Sunday, November 8, 2009

Local group policy toolset

Useful toolset from Microsoft for turning text into policy settings and applying local group policies:

local group policy toolset posted on the FDCC blog
Posted by at No comments:
Labels: , ,

Saturday, November 7, 2009

network level authentication xp

Enabling Network Level Authentication on Windows XP Service Pack 3 for access to Server 2008 via Remote Desktop

"The remote computer requires Network Level Authentication, which your computer does not support."

To enable NLA on XP SP3, run regedit.exe:

1. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

2. Add tspkg to the Security Packages REG_MULTI_SZ

3. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders

4. Add credssp.dll to the SecurityProviders REG_SZ (separated by commas)

5. Reboot


happys days

Posted by at No comments:
Labels: , , , ,

Tuesday, November 3, 2009

OpenDSObject in Windows 7 "a local error has occurred"

Someone pinged me with a bug in a script on Windows 7 with a permissioned bind to AD over LDAP using the DN of a user. They received the error message: 0x8007203B error ("a local error has occurred").

From this:
Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2
strPath = ldap://cn=machine,ou=Finance,dc=fabrikam,dc=com/
strUser = "cn=user,dc=fabrikam,dc=com"
strPassword = "4rTGh2#1"
Set objDSO = GetObject("LDAP:")
Set objThing = objDSO.OpenDSObject (strPath, strUser, strPassword, ADS_SECURE_AUTHENTICATION)

Apparently it worked under Windows XP...

The solution ... change strUser = "cn=user,dc=fabrikam,dc=com" to strUser = "fabrikam\user" or user@fabrikam.com Windows 7 does not like the user DN...

Posted by at 4 comments:
Labels: , , ,
Subscribe to: Posts (Atom)

Search Brian Hehir's sites

Loading