binaryfactory.ca

Having issues similar to:

Trying to enable EFS on a specific OU, while it’s disable at the top of the structure or domain?
Recovery certificates from two different GPOs mixing up instead of being replaced?

Overall EFS GPOs looking like they aren’t merging properly?

Well, it’s not because EFS GPOs are supposed to behave like black magic. Turns out there’s a bug, Microsoft’s aware of it, but doesn’t think it would be a good idea to FIX IT on Windows XP and 2003.

Thankfully, all it means is you need to edit your GPOs from a Vista, 2008 or Windows 7 machine.

KB : EFS may not be enabled expectedly after you disable a policy and this policy turn off the EFS feature

Opening my EFS GPOs in Windows 7, switching the Allow/Don’t allow and applying the ‘change’ fixed my GPOs. A few minutes later, and stuff was behaving like it should’ve been… Can I have those wasted hours of my life back, Mr. Ballmer?

You might have had some computers not communicating properly with your WSUS servers.

After looking at the WindowsUpdate.log file, you notice an error, WARNING: WU client failed Searching for update with error 0x8024400e .

You then find info about
1) This error being related to Office 2003 Service Pack 1, and that unapproving it fixes the isse
2) Microsoft having released a patch for this issue that you can install on your servers.

But in reality, the issue might be…
3) You’re retarded, and called a computer group on your test lab .. Group! .. With the ! !

For security reasons, it might be advisable to clear your swap file at shutdown.

It doesn’t provide great security, and you really should be using full drive encryption anways.

But in case anyone is wondering, for a 1.5gig swap file, this option (ClearPageFileAtShutdown) seems to add about 30 to 40 seconds of time to the shutdown procedure as it overwrites the file with zeroes.

Now turn it back off and install Truecrypt!

When working a lot with Group Policy, one thing that I would love being able to do is merging user right assignments. If you’re aware of how to do it, be sure to post a comment (Workaround, 3rd party tool, etc).

Let’s say you have 500 servers. All servers run some agent service that must always be set to automatic, and for which you have customized ACLs. (You grant helpdesk the right to restart the service for example).

Well, this is pretty easy to handle as every service can be handled in different GPOs, so you just create a GPO with your settings, and you link it appropriately.

Now, what if you want to grant the service account that this service uses on every computer the right to “Log On as a Service” ? You could put that in the same GPO, but it would override any other policy that has “Log On as a service” defined and is applied before this one. Wouldn’t it be nice to be able to specify in a GPO that the service account must have “Log on as a service” while keeping the currently specified rights?

Vmware

When I use Windows virtual machines, sometimes the system beep gets annoying to my neighbors.

When I use Linux virtual machines, it goes through my laptop’s PC Speaker, which makes me have a heart attack, and annoys my neighbor.

Find your Vmware preferences file

Windows: Application Data\VMware\preferences.ini

Linux: ~/vmware/preferences (you could possibly do it in the system wide config as well)

Add this line:

mks.noBeep = TRUE

All beeps should be gone.

Windows itself

If for some reason you use some other Virtualization product that does not allow you to disable beeps, just create a Group Policy on your test domain (you could do it local as well). Configure any non critical service in the GPO to be DISABLED. (I use the print spooler).

Once that is done, browse to the sysvol, find the GPO’s folder, and edit the security policy text file. Replace the name of the service you disabled with “beep”.

The reason we have to do that is because you don’t see the beep service in the list of the GPO editor. But this effectively disables the beep service that Windows uses, well, to beep ! I deploy this on test domains where I “beep” often.