Sunday, November 8, 2009

Local group policy toolset

Useful toolset from Microsoft for turning text into policy settings and applying local group policies:

local group policy toolset posted on the FDCC blog

Saturday, November 7, 2009

network level authentication xp

Enabling Network Level Authentication on Windows XP Service Pack 3 for access to Server 2008 via Remote Desktop

"The remote computer requires Network Level Authentication, which your computer does not support."

To enable NLA on XP SP3, run regedit.exe:

1. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

2. Add tspkg to the Security Packages REG_MULTI_SZ

3. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders

4. Add credssp.dll to the SecurityProviders REG_SZ (separated by commas)

5. Reboot

happys days

Tuesday, November 3, 2009

OpenDSObject in Windows 7 "a local error has occurred"

Someone pinged me with a bug in a script on Windows 7 with a permissioned bind to AD over LDAP using the DN of a user. They received the error message: 0x8007203B error ("a local error has occurred").

From this:
strPath = ldap://cn=machine,ou=Finance,dc=fabrikam,dc=com/
strUser = "cn=user,dc=fabrikam,dc=com"
strPassword = "4rTGh2#1"
Set objDSO = GetObject("LDAP:")
Set objThing = objDSO.OpenDSObject (strPath, strUser, strPassword, ADS_SECURE_AUTHENTICATION)

Apparently it worked under Windows XP...

The solution ... change strUser = "cn=user,dc=fabrikam,dc=com" to strUser = "fabrikam\user" or Windows 7 does not like the user DN...

Search Brian Hehir's sites