Over 1 million tech questions and answers.

SID Filtering Enable on Domain Level - Windows 2012

Q: SID Filtering Enable on Domain Level - Windows 2012

Hello Experts,

I have single AD Forest, 1 root domain and 4 child domain which having parent child trust with each other

Windows 2012 Functional Level

We find in some security tool that SID Filtering is not enabled on 4 child domain.

Please suggest is there any risk of enabling SID Filtering on domain level and how to do that from Root domain to child domain
Early response will be really appreciated

Thanks, NG

Read other answers
RELEVANCY SCORE 200
Preferred Solution: SID Filtering Enable on Domain Level - Windows 2012

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 71.6

Windows
2012 

IP settings           172.17.2.36

Subnet mask       255.255.0.0

Gatevay                 172.17.2.1

DNS                       8.8.8.8

                           
     

Windows 7

Obtain
IP address automatically  

----------------------------------

----------------------------------

DNS
                       8.8.8.8

 
                                

The
error code reads 

------------------------------------------------------------------------------------------------------------------------------------------------

The
following error occored wen DNS was queried for the servise location (SRV)

resource
record used to locate an Active Directory Domane Controller (AD DC) for Domain

"dalek.local
".

 

the
error was: "This operation returned because the timeout period expired."

(error
code 0x000005b4 ERROR_TIMEOUT)

 

The
query was for SRV record_ldap._tcp.dc._msdcs.dalek.local.

the
DNS server used  by this com... Read more

Read other answers
RELEVANCY SCORE 68.8

I current have Windows 7 and my wireless router is provided with bellsouth/att. However, my Westel router was replaced with 2WIRE. it does not accurately show my mac addresses. my Ethernet and wireless connections are all listed as one device and once I enable mace filtering, I am booted off the internet and unable to log on. Also, I received an email that i tried to delete but it opened anyway and my browser shut down immediately, could this have been sent to gain access through my computer through a surveillance program like spectorsoft pro.

Malwarbytes continues to scan my computer but i keep getting Broken-OpenCommand and I got HijackDisplayProperties. what is this. I have a bran new dell computer and Mcafee Internet Security Suites. Please advise as to what I should do. Thanks, I am new to all of this, do I need to have the someone come in a scan, fix, repair. Or should I reset to factory delivery.

A:2wire router Windows 7 will not enable mac filtering

Well, mac filtering is a painful way of achieving a useless affect. I tried to use it to allow only the computers I know onto the internet (the purpose), but every time, it just booted them all off the network. From what I've read, it's pretty useless. Doing things like mac filtering, not broadcasting SSID, etc...only serve to make it more difficult for you to connect to the internet. The signal is transmitted in many more ways than that. Somebody with the right tools can still find your network even if you do things like that (mac filter, hide SSID, etc.) The best way to stay secure is to use WPA2 encryption with a long password (random, non-dictionary based ASCII characters, like !*?R#PZPwv^)Sounds like that email may have infected your PC somehow. You can either hack in out in the "Am I Infected? What do I do?" sub-forum (NOT in this topic!!), or you can do the simple thing and just reset to factory settings (my recommendation).But yeah, forget about the mac filtering. Just use a strong WPA2 password, and reset to factory settings to get rid of any malware you might have picked up. If you had had it longer, I would say to try and fight it. But with one fresh from the factory, you might as well just reset it to factory settings. Good luck!

Read other 1 answers
RELEVANCY SCORE 67.6

So there are about 1000 computers on our Domain, Vista 700, Windows 7 300. After restart, as required by updates the computers can access resources on the network, the computer name can be resolved by DNS, but they are not pingable, cannot RDP, DameWare, or remote manage. We have found that the update has for some reason started the Base Filtering Engine Service. If we put hands on the computer we can disable Base Filtering Engine and all is well.

The number of computers effected is growing at an alarming rate, probably 100+ a day.Tomorrow is day 3.

The problem is that some of the computers are 400 miles away, we need to fix this remotely if possible.
 

Read other answers
RELEVANCY SCORE 64.4

I have configured Outlook 2010 to filter out top level international domains and other languages (encoding options). It's all coming in to my inbox instead of junk mail folder. Have all updates. I keep getting spam from China so either the blocking of top level domain or Chinese characters should be caught. Set to Low and trying High settings.

A:Outlook 2010 Not Filtering Top Level Domains

Hi, MoInSTL!

Have you tried adding the domains to the Junk email filter? I apologize if this is basic stuff for you and you've already tried it, but right click on an email, select "Junk" then "Junk E-mail Options..." and then the "Blocked Senders" tab. Add the domain to the list by clicking the "Add..." button:

Also, see my post here for a bit more on the easiest way to add the domain from an email that you want blocked.

Read other 4 answers
RELEVANCY SCORE 61.6

Hi,



I want to filter driver packages on WDS  so that they only deploy when a particular image is used. I am deploying Windows 7 Sp1 64bit via a WDS 2012 R2 server.



One of the options on Driver Filtering is by Image ID. I used the technique described here to find the image ID and apply filters to my driver package:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/bec273fa-4411-4947-977f-794e3f4c850c/wds-on-server-2012-driver-group-filter-to-specific-images?forum=winserversetup



The drivers do not deploy when the Image is used. I have double checked the drivers (when filtering is off they deploy without problems).



Has anyone else been able to get Filtering by Image ID to work, if so please help let me know how you obtained the ID and what i may be doing wrong?



Thanks in advance!

Read other answers
RELEVANCY SCORE 61.2

I have a Windows Server 2012 R2 domain in the dmz. I have a Windows Server 2012 R2 domain in the network. I can access the one in the network to the dmz without a problem, but I cannot access the one in the dmz to the network. The ip addresses in the network are different than the ip address in the dmz. I fowarded the ports but the dmz box still gets blocked. I tried to do it by VPN after setting the router to accept VPN. The connection still gets blocked. I set all the firewall settings.

I'm not sure where to go from here, any help would be appreciated.

Thank you
 

A:Windows Server 2012 R2 connecting 1 domain to another through 2 routers

Read other 6 answers
RELEVANCY SCORE 60.8

   Dear Team
       I have windows 2012 R2 domain server. It is connected domain perfectly windows 7 pro .
      But if i connected domain windows 7 ultimate . It is showing DNS error. I am joining same process win7 pro.
      please help me how to join windows 7 ultimate in domain.

   Note. I give my client PC windows 7 ultimate network proper DNS.

Read other answers
RELEVANCY SCORE 60.4

I am working at a elementary school with a mixed environment of Windows 7 Pro and Windows 10 Pro workstations.  We need a roaming mandatory profile for a generic login.  The student often are changing settings even with a GPO limiting what is accessible
to the students.
The Windows 7 tools for creating profiles are apparently no longer available.  The current tool sets (Windows 8 and Windows 10) have not produced a workable Windows 7 mandatory profile.  We get one or another error message when we try them.
Is it still possible to create an usable Windows 7 mandatory profile with "today's" tool sets?
If it still is possible, would you please point me in the correct direction.
Thanks in advance.

Read other answers
RELEVANCY SCORE 60.4

When imaging HP EliteOne 800 G1 All-in-One  (Intel I217-LM NIC) by Windows 10 task Sequence, Domain Join stage fails every time. It was imaged with Windows 8.1 without any issue.  Same task Sequence works on HP 800 Mini (Intel I217-LM NIC) and other system from different vendor. Could I get some help please? Regards

A:windows 10 Task Sequence Not Join Domain (SCCM 2012 R2 SP1)

Hi,  I'm having the same problem for both the g1 800 and G2 800 EliteDesk Mini 35w.  Did you have any luck resolving this?  Thanks.

Read other 1 answers
RELEVANCY SCORE 60

Hi all,

I was trying to enable IE11x64 bit browser in windows 8.1x64 bit ent for domain users and i was unable to enable it.
below are the steps i followed to enable IE11x64 bit for domain users:
step 1:

step 2:
It will be 64bit, only when this feature is checked, otherwise IE will still use a 32bit process.
closed the borwser and opend the browser again but i checked in process.exe


Tabs are displayed in 32 bit.

can anybody help me with this issue.
i want 64 bit tabs to be opened instead of 32 bit

Read other answers
RELEVANCY SCORE 60

Windows 2012 Verification of prerequisites for Domain Controller promotion failed and gave the below error(In computer management local group and user option is not there as suggested by a solution!)

"Verification of prerequisites for Domain Controller promotion failed. The local Administrator account becomes the domain Administrator account when you create a new domain. The new domain cannot be created because the local Administrator account password
does not meet requirements.

Currently, the local Administrator password is blank, which might lead to security issues. We recommend that you press Ctrl+Alt+Delete, use the net user command-line tool, or use Local Users and Groups to set a strong password for the local Administrator
account before you create the new domain."

A:Windows 2012 Verification of prerequisites for Domain Controller promotion failed

You need to have a password before you begin. Arnav Sharma | http://arnavsharma.net/ Please remember to click ?Mark as Answer? on the post that helps you, and to click ?Unmark as Answer? if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread.

Read other 6 answers
RELEVANCY SCORE 60

                    
This was originally posted in the Server 2012 forum, but perhaps it's more applicable to Windows 7.

            




I've joined the Windows 7 Pro workstations to the Domain using the SERVER2012/Connect app and that seemed to work fine.  I made the Users all Standard, not Admin, and access to the Shared folders is working fine too.  Users appear to be in the
Administrators group on the local machine, which is what I need.
However, a number of our applications aren't working correctly ... one writes changes to HKey Current User and those changes will not stick.  Some IE sites that require changes have to be made each time; those changes don't save.  Some
of the ODBC connections to SQL databases are behaving strangly as well.  I tried checking permissions on the Windows Registry keys, and they looked OK.  Turning off User Access Control did not help either.
If I log on to the workstation not using the Domain Account I don't have this problem.  And, one of the workstations which had performed the Windows 10 Upgrade while connected to the previous Domain Controllder works fine.
Any direction would be greatly appreciated!   Thx DMiller

Read other answers
RELEVANCY SCORE 59.6

When I bought my ThinkPad P72, the biometric login via face recognition and fingerprint was enabled and working. After adding the laptop to my current 2016 Windows domain, the biometric login has been disabled. Does anyone know the settings to re-enable via the laptop local domain policy without having to reconfigure the domain controller server?





There are 10 types of people in IT: those that understand binary and those that don't .....

Read other answers
RELEVANCY SCORE 59.6

When I bought my ThinkPad P72, the biometric login via face recognition and fingerprint was enabled and working. After adding the laptop to my current 2016 Windows domain, the biometric login has been disabled. Does anyone know the settings to re-enable via the laptop local domain policy without having to reconfigure the domain controller server?





There are 10 types of people in IT: those that understand binary and those that don't .....

Read other answers
RELEVANCY SCORE 59.6

Internet Explorer 8 (also have Mozilla and Google Chrome- same results).......No administrator access.....when I try to open pretty much anything, this is the message I get  "Open DNS' "this domain is blocked due to content filtering"....

Microsoft HomeEdition XP  Version 2002  Service Pack 2....ancient stuff. Looked up EVERYTHING on the net about this, all the suggestions do not work, including stuff like www.torproject.......etc etc   those too get blocked.

PLEASE if you have a solution THAT WORKS.....help liberate me and this piece of junk.


Thank you so much, and Happy New Year.

Read other answers
RELEVANCY SCORE 59.6

I am unable to visit NSFW related websites anymore. I get an OpenDNS message
 
 
 
This domain is blocked due to content filtering.
This site was categorized in: Pornography, Nudity, Anime/Manga/Webcomic
 
every time. I have never had this issue on my laptop before and I have always been able to go onto this site. Now it no longer works. Nothing has changed on my laptop. It just started today. I do not know what an OpenDNS is nor have I ever heard of it.
 
I am trying to access: hxxp://rule34.paheal.net/ (link removed due to NSFW)
 

A:This domain is blocked due to content filtering. message

Looks like you've changed your DNS settings in the past to OpenDNS.
 
https://www.opendns.com/home-internet-security/
 
http://www.howtogeek.com/201312/how-to-use-opendns-on-your-router-pc-tablet-or-smartphone/

Read other 4 answers
RELEVANCY SCORE 59.2

Windows Server 2012 R2

Domain Join User Not Able To Access Internet Need Solution.

Scenario.

Server Attach 2 Networks Card.
Private Network
IP: 10.0.0.10
Subnet: 255.0.0.0
Dns: 10.0.0.10

Public Network
IP: 192.168.15.14
Subnet: 255.255.255.0
Default Getway: 192.168.15.1
Internet Working On Domain Controller

Client User:
IP: 10.0.0.11
Subnet: 255.0.0.0
Dns: 10.0.0.10
Now I Want To Access Internet on Client User without Proxy Server
Kindly Guide Me Complete Procedure.
Guide You In Depth.
Server Attach Two 2 Network Card
1st Network Card Attach Internet Wire
Ip 192.168.15.14 Subnet:255.255.255.0 Default Getway: 192.168.15.1
2nd Network Card Configure Private Ip
Ip: 10.0.0.10 Subnet: 255.0.0.0 Dns:10.0.0.10

Now Private Network Card Wire Attach In Cisco Switch 2950
And One Wire From Cisco Switch 2590 Connect To Local User System
Client Ip 10.0.0.11 Subnet: 255.0.0.0 Dns: 10.0.0.10
Client System Join Domain Successfully
Now My Question Is I Want To Access Internet On Client PC Without Proxy Server.
Waiting For Good Reply...

Read other answers
RELEVANCY SCORE 58.8

Hi,
I would like to give software Installation restriction for Domain Admin users but he can have all of remain admin rights.
If he want to install any software it should be ask for password.please suggest to me is there any Group Policy for that one.
Server : windows 2012 R2
Clients : windows 10 

Read other answers
RELEVANCY SCORE 57.6

How do you tell the name of the Root Level Domain of a site please? For instance on this site GraphicsBlastServer139.GraphicsDept.Generic.com would it just be generic.com?

I appreciate any help. tia
 

A:Root Level Domain

Top level domains like .com, .net, .org, etc are under the root level domain, .
The root-level domain is usually left off of the URL though, google.com is really google.com.
 

Read other 1 answers
RELEVANCY SCORE 55.6

I posted this in e-mails, but it probably better belongs here since the question relates to security.

Probably a hugely basic question, but while setting up some new addresses I've just figured out that my (Irish) hosting provider doesn't run SSL on their pop e-mail servers.

Guess I'm wondering just how much of a risk this might represent. I'm not so worried about the data in the mails (I don't send sensitive information), but I'd rather not find that I was being used to send spam or worse.

I'm on Mac Mail right now - but hope to switch to a notebook running Win 10 Prof in the coming week or so which might be a different scene. Mail pretty clearly regards SSL as more or less standard - it goes through a routine to get an OK to continue without it.

The Mac Mail has been consistently glitchy over the years - with mailboxes getting corrupted and having to be rebuilt, folders disappearing, and counters showing crazy numbers.

The latter somehow was sorted immediately after running the recenty installed Kaspersky internet security, and previously (for short periods only) following clean installs of the OS - which has tended to make me suspicious that I maybe had company. The local Mac service place has always poo pooed the possibility however.....

Read other answers
RELEVANCY SCORE 53.6

Hi, I'm a DBA and hope to help people with there database questions. However networking has always been my weakest area and I'm trying to change that. However, I've gotten in way over my head with this one. My kids and I built a server and I've installed Windows Server 2012 Data Center Edition on it with the intention of making it our DC and DNS server as well as to host some hyper-v instances. However, I can't seem to get this thing to work. Everything I've read tell me I have to give it a static IP but every time I try it loose connection to my router. I finally relized that I had to make the IP on the same subnet as the router. My router is 10.0.0.1 and the DHCP ip my server was receiving was 10.0.0.18 so I figured I'd make it 10.0.0.50 and set the scope in my router from .2 -.49 but that didn't work. I really don't know what I'm doing and the network guys are work are trying to help me but it's not working and I live almost 50 miles from my office. Please help.
 

Read other answers
RELEVANCY SCORE 53.6

I have installed WIN Server 2012 on my laptop using a new volume and dualBoot.
I would like to set it up on our domain but I'm not very technical. I have run NSLookup but I don't really know what I'm looking for. I haven't yet setup the DNS on the server.

Thank you in advance for any assistance you make be able to offer.
 

Read other answers
RELEVANCY SCORE 52.8

Hi, I was trying to enable the teredo client in Vista when joined to a domain.  I gather from reading this is disabled by default when the computer is joined to a domain.  I tried netsh interface ipv6 set teredo enterprise client and show teredo still displays: Type                               enterprise client server name                      teredo.ipv6.microsoft.com Client Refresh Interval           30 sec client port                         unspecified state                                 offline error                                   client is in managed network How do you turn this on? CCNA, A+, N+

A:enable teredo in domain

Hi,
 
Thank you for posting.
 
Based on my research, I would like to suggest the following:
 
1.    Please refer to the following document and run the command to see if it works:
 
Teredo and the PNRP Global Cloud
http://blogs.msdn.com/p2p/archive/2007/03/22/teredo-and-the-pnrp-global-cloud.aspx
 
Please note the section:
If it says ?Client is in a managed Network? it means teredo has detected that you are in a corperate environment. If that is the case you need to set the Teredo type to Enterprise client ?Netsh int ter set state enterpriseclient?.
 
2.    Check your firewall with the following Knowledge Base:
 
Firewall requirements for coexisting with Teredo
http://support.microsoft.com/kb/968510
 
Hope this helps. Thanks.Nicholas Li - MSFT

Read other 4 answers
RELEVANCY SCORE 52.8

- I have created GPO in domain to bloc usb drive but it didn't work with window 8.1 or latter, window 7 work fine. why?

Read other answers
RELEVANCY SCORE 52.4

A previous GPO tech set these to be disabled by default and I can't figure out how to re-enable. The options stay greyed out no matter what I try. I don't want to remove the settings to disable from the default policy so I have created an additional GPO for certain PCs to have it enabled and I'm just trying to find all of the settings to get this working again for the approved users.

This is what I have set currently...
In Computer -> Policies -> Admin Templates:
System/Logon -> Turn on PIN sign-in = Enabled
Windows Components/Biometrics -> Allow domain users to log on using biometrics = Enabled
Windows Components/Biometrics -> Allow users to log on using biometrics = Enabled
Windows Components/Biometrics -> Allow the use of biometrics = Enabled
Windows Components/Microsoft Passport for Work -> Use biometrics = Enabled
Windows Components/Microsoft Passport for Work -> Use Microsoft Passport for Work = Enabled

Any suggestions are most welcome

Thanks

Read other answers
RELEVANCY SCORE 52.4

hi
I have encountered a problem with a Windows XP computer that the both option from joining to a Domain or WorkGroup button are disabled when I tried to joine a Workgroup on our peer-to-peer network. Is there anyone who can give idea about enabling them again. Can you also please let me know how these option can be disabled as well. Thanking you for your help and time solve it.
 

A:enable Domain and WorkGroup Option

Are you logged in on an account with admin rights ?
 

Read other 3 answers
RELEVANCY SCORE 52

what I did:
1. enable guest in "local user and groups"
2. remove guest account from local security policy -->"deny log on locally"
but, in local seurity policy -->"guest account status " is greyed out, by default it is disable, I have to put the computer to workgrup then enable the guest account
after all these, still can't logon to the PC as guest, got "the account is disabled, pls contact admin....."
what am I missing? should I modify GPO? where do I find the GPO that affecting guest account?
thanks.

A:how to enable guest account on a domain computer

Hi,
 
As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will
mark it as ?Answered? as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to  reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you
wish.

BTW,  we?d love to hear your feedback about the solution. By sharing your experience you can help other
community members facing similar problems. Thanks for your understanding and efforts.
 
Regards,
Leo   Huang
TechNet Subscriber Support
If you are
TechNet Subscription user and have any feedback on our support quality, please send your feedback
here.Leo Huang
TechNet Community Support

Read other 8 answers
RELEVANCY SCORE 52

Can Microsoft please provide methodology for setting up Windows Event forwarding (Sender initiated) for a Domain Controller based on a Windows Server 2012 R2 Core installation? Unfortunately all of your documentation relies on using the local Event
Viewer GUI to set this up. Connecting Event Viewer from a full Server 2012 installation to a Core Installation loses this ability entirely. The only option I've tried to employ so far leverages an .xml file, but I am not sure it is working correctly.

Please note: this is for Windows Security Event ID 4776 ingestion.

Read other answers
RELEVANCY SCORE 51.2

Hi
I have a strange problem I cant workout. It started with a new customer RDP 2012 server which we could not connect to an app once logged in.
If on an external PC it works OK.
If I create a fresh PC on our LAN it works.
If I this PC to the domain, it works.
If I move the PC to a UK Specific OU it stops working
If I move back out of the OU it still does not work
If I remove from the domain and do "GPUPDATE /FORCE /BOOT" and reboot and log backon as local admin account it still does not work!!
So there seems to be something in particular on the GPO in the UK OU in AD which causes the problem but even after moving the computer out it seems to store this mysterious setting and fails to work unless reimaged.
Any suggestions besides adding each option one by one in test GPO/OU????

Read other answers
RELEVANCY SCORE 48.8

On the page
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s we can see that the section
Manage Speculative Store Bypass and mitigations around Spectre Variant 2 and Meltdown
applies to Windows Server 2016 Version 1803 (Server Core), Windows Server 2016 Version 1709 (Server Core), Windows Server 2016 and Windows Server 2008 R2 SP1.
Can you please tell us if this is just a typo and if setting the FeatureSettingsOverride
registry key to 8 enables mitigations for Windows 2012 and Windows 2012 R2?
In case that's not a typo, can you explain how to protect Windows 2012 and Windows 2012 R2 against Speculative Store Bypass (CVE-2018-3639)?
Thanks

Read other answers
RELEVANCY SCORE 48

Hi,
Does Windows 2012 Standard (and R2 standard edition) provide log collector facility? If so, could you please provide aq link for that. I understand that 2012 and R2 essential provides that feature - looking
for Standard edition support.
Regards,
Champak

Read other answers
RELEVANCY SCORE 47.6

I have had AT&T Uverse that came with a 2Wire 3800HGV-B Gateway for about a year now. I enabled MAC Filtering and entered all my home computer's MAC Addresses. About six months ago my brother tried to connect his work laptop to my wireless network but it would not connect until I added its MAC Address. For this past Christmas, I bought a new HP laptop running Windows 7 (64-bit). To my surprise before I had registered its MAC Address, I was able to connect to my wireless network and surf the Internet. I checked and MAC Filtering was enabled. I diabled and re-enabled. I rebooted the wireless gateway several times and still I was able to connect with this new laptop even though its MAC Address had not been registered. I removed an existing registered MAC Address and again to my surprise I was able to connect to my wireless network and surf the Internet despite its MAC Address had been removed completely or moved to the Block area. I showed this to my work Sr. Network Admin and he found nothing wrong. I have asked AT&T Support but so far no response. I doubt it is a hardware issue. I think it is the firmware. I am at the latest version of the firmware. I think I may need to re-flash the firmware. Since I do not techically own this gateway device, I am reluctant to do anything without AT&T approval. I did try contacting the gateway manufacturer 2Wire but they refuse to help me and directed me to contact AT&T. I am using WPA2-PSK with AES. Anyone have any sugge... Read more

A:Solved: MAC Address Filtering Not Filtering

First off, MAC filtering is a needless security measure if you're running WPA2-AES. I'd simply disable it and get on with your life!

A good read: The Six Dumbest Ways to Secure A Wireless LAN
 

Read other 3 answers
RELEVANCY SCORE 46.8

Hello everyone,

We are running into a somewhat peculiar issue that I have been unable to find any information about and I was hoping someone here could point me in the right direction.



Several of our Windows 7 laptops (We're working on moving to W10) have become unable to change the password for a domain account from the Change a Password screen after hitting CTRL ALT DEL. Usually when someone would select to change their password,
it would take them to the text boxes with the domain\username pre-populated, I'm sure you are familiar.

Recently, when following the same steps, an account selection screen comes up with the option to use a smart card or simply type in the username. While we are working on implementing smart cards, they are not yet in use and in fact should not even
show any options for them yet. After opting to type in a user account, rather than populating the username field with domain\username, the field remains blank with grey text saying "provider\user name" instead. If the user types in their domain\username
and attempts to change the password, they get a generic error stating it is unable to change the password.



Users are still able to use a co-workers machine to change their password from the same screen by substituting the username. Most of the affected machines are from users that work in the same team, even though those same users can change their passwords
elsewhere just fine. It appears to be isolated to specific ... Read more

Read other answers
RELEVANCY SCORE 46

We have been getting sporadic reports from our users of the error, "The trust relationship between this workstation and the primary domain failed."  The workaround has been to dejoin and rejoin the domain, but it keeps happening and we need a permanent
fix.  We are primarily a laptop shop.
It has been suggested we disable the automatic machine accouint password change on our domain members in GPO.  While this may be a viable option with relatively low security risks, I'd really like to figure out why it's happening and try to
fix it. 
The machines can lose the trust relationship at random.  It can happen overnight, or after going into hibernation.  I've had it happen to me a few times.  The DCs (we have 2) both show error 5722, but one is spitting out a specific Kerberos
error that the other one is not:

While processing an AS request for target service krbtgt, the account kriegesh did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 2).
The requested etypes : 18. The accounts available etypes : 23  -133  -128  3  1. Changing or resetting the password of kriegesh will generate a proper key.
My main issue is trying to determine why this continues happening and if we can resolve it without disabling the account password.  If that IS our best option, then so be it.  Any
thoughts are welcome.
Thank you very much in advance!  ~Sarah

Read other answers
RELEVANCY SCORE 46

I've been trying to join a new Windows 7 Professional machine to a domain controller running Windows 2003 Server with no luck.  We currently have 4 Windows XP machines running on that domain without any issues, but when I try to add the Windows 7 computer,
here is what happens:

A computer account on the domain could not be found (confirmed it is already there)
I put in the computer name and domain again, and Administrator credentialsNow it tells me: "An attempt to resolve the DNS name of a DC in the domain being joined has failed."
I currently have DNS on the Windows 7 PC set to the Domain Controller and have IPv6 unchecked under Network Properties.  I can even ping the domain name (resolves to IP of the domain controller).  It looks like it can, indeed, find the domain from
the message in step 1, so am I missing something here?
Thanks in advance for any help!

A:Cannot join Windows 7 to domain even after setting DNS to domain controller IP

Hi,
You need flush your DNS cache in client side first.
Then, let?s create the following registry value for a try:
HKLM\System\CurrentControlSet\Services\LanManWorkstation\Parameters
 
 - Created a DWORD DomainCompatibilityMode = 1
 - Created a DWORD DNSNameResolutionRequired = 0
Reboot the machine and check the result again.Alex Zhao
TechNet Community Support

Read other 17 answers
RELEVANCY SCORE 45.6

Is there a chance do define two different audio levels?
I guess I am not the only one listening to music with my computer - so I'd like to avoid awkward and looooud system sounds while turning up my stereo...

is there a chance to do so? I know that apple has it, not sure bout win7...

thx

A:Low system sound level, high music level?

I think I understand your question. I use powered partner speakers and in my audio controls for my sound card it has output levels and then and then my music manager has it's own. First I set my sound card at around 1/3 volume +- and then go to the mm and set a volume to around 1/2-3/4 full volume. Then at my speakers I adjust the volume to a clear but loud volume. Then going back to the mm I'll use it's volume only which is controlled off my keyboard and it seems to work well. You still will run into situations where things are too load or too soft and other than in your music files there really isn't much you can do about that, just be ready to ride your volume a little.

Read other 3 answers
RELEVANCY SCORE 45.6

We have laptop computers that normally log into the AD domain, but also need to be able to allow users to log into the computer when the domain is not available  for authentication.
My issue is, I would like to harden the laptops against brute force login in the event the laptop were stolen.  Even though we have a domain-level policy that locks an account after three invalid login attempts, I am not finding a way to do that with
cached credentials when the computer is not on the domain.  The user does not have a locally defined account on the laptop, only cached domain credentials.
Limiting the number of cached logins does not address this particular situation that I have been able to find -- the computer still allows an unlimited number of incorrect guesses at the password, and once the correct password is entered, the account is
logged in.
This is Windows 7 Professional.
Any suggestions would be appreciated.  Thanks.

Read other answers
RELEVANCY SCORE 45.2

Hello everyone. I really hope that you can help me. You are my last hope.

I maintain about 30 domain computers. Recently when users try to log in on most of them the following error appears frequently:

"Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. if the message continues to appear, contact your system administrator for assistance."

I have seen that this error appears only in the computers with Windows XP and not in the computers with Windows Vista or 7. We have 2 domain controllers.

Please let me tell you about the ways I tried to resolve this problem and their results:

- on some computers, after several restarts the users are able to log in, but if they restart or shutdown after that the error appears again; this worked for some computers, but I do not know if the error will appear again in the future.
- on some computers, when i disabled the windows firewall or allowed all kind of ICMPs it was resolved, but this did not work for all the computers and I do not know if the error will appear again in the future.
- I unjoined and then rejoined some computers from the domain and it was resolved but after restarting the error appears again.
- If I unplug the network cable the users can log in but after restart the error appears again.
- I have tried to reset the user password and computer on the Active Directory for some users and... Read more

A:windows cannot connect to the domain, either because the domain controller is down...

Read other 16 answers
RELEVANCY SCORE 44.8

I cannot use IE on my desktop, but several other applications (e.g. outlook) can access the internet. When I ping my router from the desktop, it works fine, but when I ping the desktop itself from the desktop it times out.

Pinging the desktop from other computers on the home network work fine.

Is my stack screwed up, or do I have a problem with the network adapter?

Steve
 

A:Low-level Connects work, not high-level

Read other 14 answers
RELEVANCY SCORE 44.8

Hello,
Does anyone know how to disable Level 1 and Level 2 cache in CMOS
there doesnt seem to be any options in the bios menus (PHOINEX)
I have a problem of windows xp not booTing after installing windows sp2

Many thanks
Joe

A:Disable Level 1 and Level 2 cache in CMOS

If there is no option for it in the BIOS you probably cant do it. Its not advisable anyways - and i also doubt your problems with SP2 come with the CPUs cache.

Read other 1 answers
RELEVANCY SCORE 44.8

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 6143 Mb
Graphics Card: ATI Radeon HD 4650, 1024 Mb
Hard Drives: C: Total - 938406 MB, Free - 848180 MB;
Motherboard: Gateway, EG43M
Antivirus: PC Cleaner Pro, Updated: Yes, On-Demand Scanner: Disable
I play FarmVille and was at Level 39. I started it today and am now at Level 1 and can't get my game back.
 

Read other answers
RELEVANCY SCORE 43.6

Hi,

I recently bought a new Dell laptop. I went to add a new standard user (for my kids) and set set up parental controls. To my surprise, this version did not come with web filtering. I went to the Help, and asked "What happened to Parental COntrols Web Filtering and Activity Report?". The response is:

"The Parental Controls web filter and activity reporting program isn't included in this version of Windows. To enable web filtering and activity reporting, you'll need another program from Microsoft or another company."

I would be very grateful if someone could tell me how I can install the web filtering and activity reporting capability on this new laptop just as I do on my other Windows 7 and VIsta machines.

Thanks for any response!

Tim

A:How to get Web Filtering for my Version of Windows 7

Windows Live Family Safety 2011

Read other 3 answers
RELEVANCY SCORE 43.6

In the task scheduler, under Windows Filtering Platform, an item exists called bfeonservicestarttypechange, where bfe stands for Base Filtering Engine. I know not enough about firewalls to know whether I may disable the task scheduler entry. I like the
Microsoft Windows Firewall and always use it.

Read other answers
RELEVANCY SCORE 43.6

Hello,
  I'm working with Bitdefender Total Security 2019.  I've noticed that their firewall is enabled when my Dell Latitude E6410 connects to my wireless network approximately 1.5 minutes after Windows 7 Professional starts.  In an e-mail, the
company told me that their firewall is enabled after the specified interval because of Windows Base Filtering Engine (BFE).  They also described the issue this way, BFE controls
the operation of the Windows Filtering Platform.  This is a network traffic processing platform that allows software to ?hook? into Windows networking stack and perform such functions as firewall, traffic shaping, filtering, etc. When this service loads
with a delay, it also triggers a delay of the Bitdefender firewall driver, which translates into the notification "Firewall status changed". The driver is coded to wait until BFE is completely loaded, otherwise it can't work.
     I've worked w/Checkpoint's ZoneAlarm Firewall (free edition) and it is enabled right when Windows starts, there is no delay.  Can
I modify BFE to enable Bitdefender Firewall to initiate at Windows startup?

Any and all feedback would be appreciated!

Thank you

Read other answers