Clear ARP cache

Quick helpful tip..

This is the command to clear your ARP cache:

netsh interface ip delete arpcache


Ever have one of those days?

That’s right, I had one of those days. I was deleting a user and accidentally deleted an OU containing every user at work. Needless to say, everyone’s access to all our internal systems ceased immediately. After mashing my keyboard and mashing CTRL-Z (UNDO), which doesn’t exist in Active Directory Users and Computers, which I knew, I just mashed it anyway whilst yelling a few colorful words at my monitors. Anyway, I was left with the task of restoring all our users. Luckily I had the Active Directory directory restore mode password. Anyway, rebooted into Active Directory restore mode, and the desktop would come up after the login prompt and successful authentication. FUCK! Anyway, I was able to hit CTRL-ALT-DELETE and get into Task Manager and disable the Exchange services; the next reboot to AD restore mode was successful. We were running Backup Exec 11d, which I couldn’t start as domain auth doesn’t work in AD restore mode. Changed the services to log in as local administrator and Backup Exec was up and running. Restored the OU using Backup Exec.

ran ntdsutil

authoritative restore

restore subtree "OU=Staff Accounts,DC=domainname,DC=local"

quit

quit

Rebooted and the OU was still missing. At this point I was starting to think I’d have to recreate all the accounts and reattach the mailboxes.

Anyway so I figured I’d attempt it again, same result.

So I restored the whole system state.

ran ntdsutil

authoritative restore

restore database

quit

quit

Rebooted, the server came up, the OU had returned!!! WOHOO!

Anyway, finished the day up at the pub, as you do.

Microsoft Documentation on authoritative restores

Weird Trojans

Came across a weird problem today.

No computers could access the network. No critical events in the event logs.

Found these events in the Security logs.

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 534
Logon Failure:
Reason: The user has not been granted the requested
logon type at this machine
User Name: BLAH
Domain: BLAHDOMAIN

I eventually found that the domain controller local security had been edited. It should look something like this.
Local Security Policy
I found that only ENTERPRISE DOMAIN CONTROLLERS was listed, which explained why the computers wouldn’t connect to the server.

I used the following command to reset the domain controller policy.
dcgpofix /target:both

Immediately everyone was able to connect to the network again. I started wondering how or who would have changed the policy, to find out 5 minutes later that the policy again only had ENTERPRISE DOMAIN CONTROLLERS listed and nobody could connect to the network. Anyway, after patching the box and fumbling around, I found these two Trojans to be the cause.

C:\WINDOWS\SYSTEM32\RESVS.EXE
C:\WINDOWS\SYSTEM\SYSTEM.EXE

Booted into safe mode, removed RESVS.exe from the Run key, and removed the SYSTEM.EXE service.
Rebooted and ran dcgpofix /target:both, and everything is hunky-dory. Symantec and Trend did not find these infections.
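
An added example (not from the original post): a Python check over a user-rights export, in the layout `secedit /export` writes, that flags the condition described above, a logon right left with ENTERPRISE DOMAIN CONTROLLERS as its only holder. The post does not name the right that was changed, so the watch list, the sample export, the `rights.inf` file name and the function names are assumptions.

```python
# Added example: inspects a user-rights export for the lockout pattern in the post.
ENTERPRISE_DCS = "S-1-5-9"  # well-known SID of ENTERPRISE DOMAIN CONTROLLERS

# Assumed watch list: the post does not say which right was edited.
LOGON_RIGHTS = ("SeNetworkLogonRight", "SeInteractiveLogonRight",
                "SeRemoteInteractiveLogonRight")

# Constructed sample, laid out like `secedit /export /cfg rights.inf /areas USER_RIGHTS`.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-5-9
SeInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-551
SeDenyNetworkLogonRight =
[Version]
signature="$CHICAGO$"
"""

def parse_privilege_rights(inf_text):
    """Return {right: [holder, ...]} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = [v.strip().lstrip("*")
                                    for v in value.split(",") if v.strip()]
    return rights

def find_lockouts(inf_text):
    """List watched logon rights held by nobody or only by Enterprise DCs."""
    findings = []
    rights = parse_privilege_rights(inf_text)
    for right in LOGON_RIGHTS:
        if right not in rights:
            continue  # right not defined in this export
        holders = {ENTERPRISE_DCS if h.upper().endswith("ENTERPRISE DOMAIN CONTROLLERS")
                   else h for h in rights[right]}
        if holders <= {ENTERPRISE_DCS}:
            findings.append((right, sorted(holders)))
    return findings

if __name__ == "__main__":
    for right, holders in find_lockouts(SAMPLE_EXPORT):
        print(f"ALERT {right} is granted only to {holders or 'nobody'}")
```

Run on a schedule against a fresh export, a check like this would have caught the policy reverting five minutes after the reset, before users reported the outage.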

Citrix - Cannot connect to web interface with .net 2 installed.

Symptoms

The Access Suite Console is no longer able to properly communicate with Web Interface. The option to Create Sites is no longer available in the Common Tasks Pane of the Access Suite Console, and running discovery reports a warning which states “Could not contact any Web Interface configuration servers.”

Causes

This is caused by installing Microsoft .NET 2.0 on a Web Interface 4.0 server.

Workaround

Remove .NET version 2.0.

-OR-

Create a file called “mmc.exe.config” in the \Windows\system32 directory and add the following lines to the file. You should be able to open the Access Suite Console without any further problems.

sample mmc.exe.config