Hi Everybody
What is the best software for protect Windows Server 2012?
Im a little confused because i see Forefront security, System center endpoint protection and a lot of other software.
What will be the best software to install? and do i need more than one software?
Thanks
Jakob
Hi,
I have a set of 2008 servers, and I'm using SCW to disable unnecessary services.
Right now I'd like to ship the policies through a domain controller, is it possible?
I know there's a Service tab in group policy configuration, but I don't want o duplicate the configuration of each service from SCW to it.
HI,
We Have some issue with this KB2813345, (in server 2003 Sp2 32 BIT )
Error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. for more details check the log file
C:\windows\KB2813345.log
Plz follow the below KB Log Details:
[KB2813345.log]
0.469: ================================================================================
0.469: 2013/04/11 11:56:01.643 (local)
0.469: c:\39632f1a4d6b5b78399c\update\update.exe (version 6.3.4.1)
0.469: Hotfix started with following command line:
0.469: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
0.485: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
0.485: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
0.485: Condition Check for Line 1 of PreRequisite returned FALSE
0.485: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.485: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
0.500: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.500: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
39.579: Message displayed to the user: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
39.579: User Input: OK
39.579: Update.exe extended error code = 0xf0f4
39.579: Update.exe return code was masked to 0x643 for MSI custom action compliance.
0.610: ================================================================================
0.610: 2013/04/11 12:00:14.420 (local)
0.610: c:\521b3fb6c1e367ef2c7213\update\update.exe (version 6.3.4.1)
0.610: Hotfix started with following command line:
0.610: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
0.625: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
0.625: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
0.625: Condition Check for Line 1 of PreRequisite returned FALSE
0.625: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.625: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
0.641: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.641: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
125.750: Message displayed to the user: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
125.750: User Input: OK
125.750: Update.exe extended error code = 0xf0f4
125.750: Update.exe return code was masked to 0x643 for MSI custom action compliance.
2.359: ================================================================================
2.359: 2013/04/11 12:10:31.477 (local)
2.359: c:\1ddbeaee995123b3336f45a577c8\update\update.exe (version 6.3.4.1)
2.359: Hotfix started with following command line:
2.359: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
2.422: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
2.422: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
2.422: Condition Check for Line 1 of PreRequisite returned FALSE
2.422: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
2.422: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
2.437: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
2.437: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
156.765: Message displayed to the user: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
156.765: User Input: OK
156.765: Update.exe extended error code = 0xf0f4
156.765: Update.exe return code was masked to 0x643 for MSI custom action compliance.
0.797: ================================================================================
0.797: 2013/04/11 14:50:13.813 (local)
0.797: c:\30eba3b59db40af6df\update\update.exe (version 6.3.4.1)
0.812: Hotfix started with following command line:
0.812: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
0.828: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
0.828: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
0.828: Condition Check for Line 1 of PreRequisite returned FALSE
0.844: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.844: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
0.844: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.844: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
4.359: Message displayed to the user: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
4.359: User Input: OK
4.359: Update.exe extended error code = 0xf0f4
4.359: Update.exe return code was masked to 0x643 for MSI custom action compliance.
0.516: ================================================================================
0.516: 2013/04/11 15:04:00.515 (local)
0.516: c:\89aa6d845f707cae353d\update\update.exe (version 6.3.4.1)
0.516: Hotfix started with following command line:
0.516: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
0.547: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
0.547: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
0.547: Condition Check for Line 1 of PreRequisite returned FALSE
0.547: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.547: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
0.563: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.563: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
328.016: Message displayed to the user: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
328.016: User Input: OK
328.016: Update.exe extended error code = 0xf0f4
328.016: Update.exe return code was masked to 0x643 for MSI custom action compliance.
0.485: ================================================================================
0.485: 2013/04/11 15:16:58.698 (local)
0.485: c:\8bd44e63f160d98b52d51e98\update\update.exe (version 6.3.4.1)
0.485: Hotfix started with following command line:
0.485: In Function GetBuildType, line 1170, RegQueryValueEx failed with error 0x2
0.500: Software\Microsoft\Updates\Windows Server 2003\SP3\KB2481109 is not Present
0.500: Software\Microsoft\Updates\Windows XP Version 2003\SP3\KB2481109 is not Present
0.500: Condition Check for Line 1 of PreRequisite returned FALSE
0.500: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.500: KB2813345 Setup encountered an error: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
0.516: ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102
0.516: Setup cannot continue because one or more prerequisites required to install KB2813345 failed. For More details check the Log File c:\windows\KB2813345.log
Please Help me
Regards:
Chandra sekhar
I've been trying to find a "good" answer to how to deal with this issue and I really can't find some solid advice. Recently the Microsoft Trusted Root Certificate Updates have exceeded the acceptable limits that were originally set within Windows. I have apps that are now failing because there are > 200 entires in the Trusted Root Certificate Store. SChannel Errors are showing up on a TON of servers. The only advice I've found is to "manage" the store. This is kind of a nebulous term. I've gone in to one of these servers and removed expired certificates from this store and then I'm trying to figure out how best to 'prune' valid ones? I'm guessing the ramification is that if we have communications issues due to TLS/SSL errors we should see who the signing authority is to resolve this issue. Is there any good guidance on how to prune this list with the least amount of potential problems? Is there any guidance on how to do it for 163 servers in an enterprise?
Windows Server 2008 R2 -> Domain Machine but local Guest Account. Local Security Policy has Guest disbaled, GPO has Guest renamed but not defined on disabled/enabled.
I'll focus on one machine, but this has occurred on several other machines. I am seeing Logon Failures in Windows Event Logs associated with our Guest account. Drilling into these EventLogs, I've foudn that it is the Local Guest account, and the calling Process is Explorer.exe:
LogName=Security
SourceName=MicrosoftWindows
securityauditing.
EventCode=4625
EventType=0
Type=Information
ComputerName=ANONASERVER.NCSGROUP.BNSF.com
TaskCategory=Logon
OpCode=Info
RecordNumber=397235473
Keywords=AuditFailure
Message=Anaccountfailedtologon.
Subject:
SecurityID: ANONASERVER\ANONAUSER
AccountName: ANONAUSER
AccountDomain:ANONASERVER
LogonID:0x16f84c6
LogonType:3
AccountForWhichLogonFailed:
SecurityID:NULLSID
AccountName:Guest
AccountDomain: ANONASERVER
FailureInformation:
FailureReason:Account
currentlydisabled.
Status:0xc000006e
SubStatus:0xc0000072
ProcessInformation:
CallerProcessID:0x1640
CallerProcessName:C:\Windows\explorer.exe
NetworkInformation:
WorkstationName:ANONASERVER
SourceNetworkAddress:
-
SourcePort:-
DetailedAuthenticationInformation:
LogonProcess:Advapi
AuthenticationPackage:Negotiate
TransitedServices:-
PackageName (NTLMonly):-
I've included the entire output. So I drilled into the machine, found the person who was the Security ID associated with the calling Process. Opened Procexp64.exe, found the PID, did a bring to front and it was as it says, Windows Explorer.exe. One that had been opened to "Pictures" under the users Documents. He said he hadn't navigated that Windows Explorer process yet (fellow Admin, he is accurate).
Either way, this doesn't seem to be that rare of an issue, but I am having trouble nailing down exactely what is occurring and more important how to put an end to it. GPO Info: Network access: Sharing and security model for local accounts: Classic
Accounts: Guest account status: Not Defined
Accounts: Rename guest account: Enabled and renamed
Thanks
HI All,
Please see following alerts from our Server 2008 Standard server:
Can you help?
An account failed to log on.
Subject:
Security ID: CONTOSO\administrator
Account Name: administrator
Account Domain: CONTOSO
Logon ID: 0x1590da
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Guest
Account Domain: SERVERNAME
Failure Information:
Failure Reason: Account currently disabled.
Status: 0xc000006e
Sub Status: 0xc0000072
Process Information:
Caller Process ID: 0x10b8
Caller Process Name: C:\Windows\explorer.exe
Network Information:
Workstation Name: SERVERNAME
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on
the computer where access was attempted.
The Subject fields indicate the account on the local system which
requested the logon. This is most commonly a service such as the
Server service, or a local process such as Winlogon.exe or
Services.exe.
The Logon Type field indicates the kind of logon that was requested.
The most common types are 2 (interactive) and 3 (network).
Thanks,
JJ.
Hello
I have a two-tier PKI setup (2008 R2) in a Dev Network - Offline Root, and Enterprise Issuing with Online Responder. I've just run PKI View on the Enterpise CA, and all the HTTP locations, have a status of "Unable to Download", and the OCSP Location has a status of "Error". If I copy any of the URL locations and paste it into a browser, I can download the file without an issue.
The one thing I have done on this server recently was install WSUS, so I'm not sure if that has caused the issue, but since I can still manually download the files from the http location, I'm unsure what the issue could be.
I was also testing a proxy server recently on this network, but this has been decommisioned, and browser settings have been reverted to go "direct".
Any assistance will be appreciated.
Cheers
Glenn
Que tal todos Espero se encuentren bien,
Encontré una respuesta parecida, pero de igual manera quiero saber si también esto ocurre con el SO operativo mencionado en el titulo.
Saludos,
Daniel
I have Windows server 2008 and domain base network. My network is working perfectly except one thing.
When ever some body send me e-mail attached with picture or pdf file it appear distorted or patchy. I talk to my smtp server host and they are saying port **80 and 443** is scan and sucking my mail. i turn off all firewall and allow inbound and out bound connection full access but still no solution.
Please if some body have any idea or solution feel free to buss me.
Thank you
Hi,
I need to install the hotfix KB2775511 on number of Windows 2008 R2 -SP1 servers .I would like to automate this process.
Regarding the reboot ,i need to make sure that the servers are rebooted automatically. This reboot should happen at a scheduled time.
We use WSUS for patching the servers.
Thank you.
Hi,
I have a normal domain user that need to run tsmmc.msc, everytime he starts mmc, you will be prompted for administrator credentials, but I don't want to grant Administrator privilege to him.
What should I do now?
I need to create a cert for a computer and I need to supply a number of subject alternative name values but when I complete the cert enrollment request and supply the different subject alternative name values the resulting cert only contains the 1st "alternative name" not all the values I entered
Is there something to do with the AD domain being at windows 2003 level and if so how do I submit a request that will include all the alternative names I require?
EventID 4732 and 4733 are found on windows 2008 servers when a local group is modified. 4732- member added and 4733 member removed. When this event is generated the "Account Name" field does not contain any data. When similar events are generated on domain controller, the distinguished name of the user is generated within that field.
Does anyone know if there is a setting or some sort so that information regarding the user account cvould be populated in that field on member servers.
Thanks
Paul
Paul Glickenhaus
I am trying to recover a lost private key for a certificate on a 2008 R2 box (web server cert, issued by Thawte) and when I run:
>certutil -repairstore my "cert serial #"
I get:
>No key provider information
>Cannot find the certificate and private key for decryption.
>CertUtil: -repairstore command FAILED: 0x80090010 (-2146893808)
>CertUtil: Access denied.
I am domain admin, and running the command in an Administrator:Command Prompt. For some reason I vaguely recall something about permissions to the keystore needing to be modified, but I have slept since then so I may be way off base. My searching is failing me this morning, so hopefully this is an easy fix (short of revoke/reissue the cert) that someone else has encountered.
Thanks in advance.
We have recently installed our certificate servers and issued certificates to all domain computers and users. We have noticed that the Application event logs on all the user systems and terminal servers are getting flooded with events 64 and 65 that are informational only. I am trying to find a way to eliminate these useless events. I have tried looking for a GPO or something, but so far have been unable to come up with a solution
Any help would be greatly appreciated.
================
Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-CertEnroll
Date: 9/19/2011 1:07:36 AM
Event ID: 65
Task Category: None
Level: Information
Keywords: Classic
User: SYSTEM
Computer: MY_COMPUTER.MY_DOMAIN.com
Description:
Certificate enrollment for Local system is successfully authenticated by policy server {AC59B4C0-922A-4EBB-A387-D29C34207A9C}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-CertificateServicesClient-CertEnroll" Guid="{54164045-7C50-4905-963F-E5BC1EEF0CCA}" EventSourceName="CertEnroll" />
<EventID Qualifiers="33370">65</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-09-19T08:07:36.000000000Z" />
<EventRecordID>48478</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>MY_COMPUTER.MY_DOMAIN.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Context">Local system</Data>
<Data Name="ServerURL">{AC59B4C0-922A-4EBB-A387-D29C34207A9C}</Data>
</EventData>
</Event>
=======================
Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-CertEnroll
Date: 9/19/2011 1:07:31 AM
Event ID: 64
Task Category: None
Level: Information
Keywords: Classic
User: MY_DOMAIN\MY_USERNAME
Computer: MY_COMPUTER.MY_DOMAIN.com
Description:
Certificate enrollment for MY_DOMAIN\MY_USERNAME successfully load policy from policy server {AC59B4C0-922A-4EBB-A387-D29C34207A9C}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-CertificateServicesClient-CertEnroll" Guid="{54164045-7C50-4905-963F-E5BC1EEF0CCA}" EventSourceName="CertEnroll" />
<EventID Qualifiers="33370">64</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-09-19T08:07:31.000000000Z" />
<EventRecordID>48477</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>MY_COMPUTER.MY_DOMAIN.com</Computer>
<Security UserID="S-1-5-21-1085031214-1604221776-682003330-1193" />
</System>
<EventData>
<Data Name="Context">MY_DOMAIN\MY_USERNAME</Data>
<Data Name="ServerID">{AC59B4C0-922A-4EBB-A387-D29C34207A9C}</Data>
</EventData>
</Event>
Hi,
I am currently working on a PKI system which should allow users to logon to a domain using smart cards. I have implemented a CSP which communicates with my smart card. I am able to generate a RSA key pair on the smart card, request a user certificate from the
CA and put the resulting certificate on the smart card. The problem comes in when I try to logon using the certificate on the smart card.
Windows is able to successfully extract the certificate from the smart card during the logon process, requests the user's pin and sends the authentication request to the domain controller. After a while the logon process fails with the message "The system
could not log you on. Your credentials could not be verified." and the message in the event logs on the server says "An error occurred while verifying a signed message using the inserted smart card: Invalid Signature" with event ID = 8.
The messages posted by Windows is self explanatory and I understand them, so I tried verifying whether my smart card is producing the correct signatures. I used openssl to calculate the SHA1 digest of the logon certificate, on a PC, and instructed my smart
card to sign the digest. I then used openssl to verify the signature using the public key in the certificate and it says that the verification was successful. So I am assuming the signature is correct.
Any ideas what might be causing the problem? Could it be the padding type?
I am running Windows 7 Professional (32-bit) on the client PC and Windows Server 2008 R2 Enterprise (64-bit) on the server. The client PC is using a checked build version of Windows which allows me to run a kernel debugger which enables Windows to use my CSP, otherwise, as far as I understand, Microsoft needs to sign the CSP before Windows accepts it.