New KB articles February 10-16
Now that Windows Server 2008 and Vista SP1 have released to manufacturing, you can expect to see quite a few KB articles coming out for those products. Before I list the ones relevant to Directory Services, here are a few general ones to be aware of -
| 946405 | Client computers may not work correctly when you add a Windows Server 2008-based domain controller to an existing pre-Windows Server 2008 domain |
| 929851 | The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008 |
| 948690 | You cannot remotely access encrypted files after you upgrade a Windows Server 2003 file server to Windows Server 2008 |
| 948680 | Description of the Microsoft server applications that are supported on Windows Server 2008 |
| 948070 | Information and resources to use when you plan to upgrade Windows Server 2003 to Windows Server 2008 |
| 947025 | Support guidelines for migrating roaming user profiles data to Windows Vista or to Windows Server 2008 |
| 947034 | How to use unattended mode to install and remove Active Directory Domain Services on Windows Server 2008-based domain controllers |
| 948472 | How to extend the Windows Server 2008 evaluation period |
| 947226 | Description of security events in Windows Vista and in Windows Server 2008 |
Previously I had mentioned the Server Core Step-by-Step Guide that does a great job of giving you the command-line equivalents for common admin tasks. One thing it does not cover is how to uninstall applications from Server Core, but I did come across this blog on the subject. Under the covers when you uninstall a program, the Add/Remove Programs (XP/2003) and Programs & Features (Vista/2008) control panel applets are just running whatever is specified in the UninstallString registry value under HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall, so on Core installs of Server 2008 where those control panel applets do not exist, you just find that registry value and run the command it specified from the command-line. Be sure to check out the Server Core blog for other tips on Server Core.
| KB | Title |
| 947460 | Error message when you try to open a mapped DFS folder after the computer comes out of standby in Windows XP Service Pack 2: "<Drive Letter>: is not accessible" |
How to use the “netsh advfirewall firewall” context instead of the “netsh firewall” context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista |
|
Windows Server 2008 will log on the administrator account automatically without displaying the logon dialog box when you set the administrator password as blank |
|
You cannot remotely access encrypted files after you upgrade a Windows Server 2003 file server to Windows Server 2008 |
|
The autoenrollment functionality fails when a Windows Vista-based computer uses version 2 (V2) certificates |
|
How to let a user apply a Group Policy that has the "Devices: Unsigned driver installation behavior" Group Policy setting from a Windows Vista-based computer to a client computer |
|
When you use an account from an external MIT Kerberos realm to log on to a Windows Vista-based workstation, the logon fails |
|
Description of the Microsoft server applications that are supported on Windows Server 2008 |
|
Error message when you try to use the Active Directory Service Interfaces extension for Terminal Services to read the properties for a user on a Windows Server 2008-based computer: "The directory property cannot be found in the cache" |
|
A replication may fail when you perform the replication among Active Directory Lightweight Directory Services (AD LDS) instances on a Windows Server 2008-based computer |
|
Error message when a user uses Internet Explorer 7 to open the certificate enrollment Web page to install an end entity certificate on a Windows Vista-based client computer |
|
Description of security events in Windows Vista and in Windows Server 2008 |
|
On a Windows Server 2003-based computer that has a TCP Chimney Offload network adapter, the TCP data stream may be corrupted when the network adapter indicates an MDL chain whose starting MDL has a nonzero offset |
|
The user profile may not be correctly unloaded when you log off from a Windows Server 2003-based computer, and event 1517 is logged |
|
How to clone a certificate template from a Windows 2000 CA to a Windows Server 2008 CA |
|
When you try to move files from one network drive to another network drive, the files keep permissions from the source folders on a client computer that is running Windows XP or Windows Server 2003 |
|
Certificate mapping fails on a Windows XP Service Pack 2-based computer that is running the Windows Server 2003 Administration Tools Pack |
|
The Knowledge Consistency Checker deletes the connection object for a read-only domain controller in Windows Server 2008 |
|
The time stamp of a file's "Modified" box changes to the current time after you use the Encrypting File System to encrypt a file on a Windows XP SP2-based computer |
|
A temporary profile is loaded after you log on to a Windows Vista-based system |
|
Internet Explorer Maintenance-related Group Policy results are not displayed correctly in Group Policy Management Console on a Windows Vista-based computer |
|
Error message when you try to access an administrative share on a Windows Vista-based computer from another Windows Vista-based computer that is a member of a workgroup: "Logon unsuccessful: Windows is unable to log you on" |
|
Error message when you log on to a Windows Vista-based computer by using a temporary profile: "The User Profile Service failed the logon. User profile cannot be loaded" |
|
A user's icon and name are not displayed on the logon screen in Windows Server 2008 after you add the Terminal Server server role |
|
How to change the computer certificate on a Windows Server 2008-based computer that is running the "Routing and Remote Access" service and SSTP |
|
Object changes or new objects may be lost when the ADAM Synchronizer tool in Windows Server 2003 synchronizes data from Active Directory to ADAM |
|
A Windows Server 2003-based computer responds slowly to RDP connections or to SMB connections that are made from a Windows Vista-based computer |
|
When you redirect the Documents folder on a Windows Vista-based computer to a network share, the folder name unexpectedly changes back to Documents |
|
When the Kerberos ticket expires for a Kerberos-authenticated SMB connection that is created to a Windows Server 2003-based server, the oplock on a file cannot be broken in a timely manner |
|
How to set the /insite option on the Distributed File System (DFS) root on a Windows Server 2003-based computer |
|
Error message in Windows Server 2003 R2 when you use the Dfsmgmt.msc snap-in to create a new DFS namespace that contains a period (.) character |
|
MS08-003: Vulnerability in Active Directory could allow denial of service |
- Craig Landis
Comments
Anonymous
February 23, 2008
great list! Thank you for the links. and BTW where's KB935834? It's supposed to tell about LDAP hardering (as per annoying event 2886 from ActiveDirectory_DomainService in 'Directory Service' log).Anonymous
February 24, 2008
There doesn't appear to be any KB article with number 935834, and internally here I don't see any record of it either - are you sure that is the correct number? If you can include a copy of the exact event you are looking for more information on, I can try to find out some more. Thanks, CraigAnonymous
February 25, 2008
oh sorry for misleading you. What I mean is Event 2886 from 'Microsoft-Windows-ActiveDirectory_DomainService'. It refers to the following link: http://go.microsoft.com/fwlink/?LinkID=87923. And this link seems to be actually KB935834, and this article is not online yet. I wonder when it will be published. (This event also mentioned in the forum: http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=2609788&SiteID=17). Thanks in advance