Recently in Windows 2000 Category

5 if you include the couple of Dell partitions! The Dell pc comes with two hidden partitions - one is the diagnostics partition and the other is the system restore partition so you can get back to factory image if you ever need to. After I had installed Vista on the machine I then attempted to install Windows2008 but the installation process wouldn't let me proceed as it couldn't make a new partition due to the limit of 4 primary partitions on a hard disk. I therefore booted back into XP, blew away the Vista partition, created a new extended partition and within that created two drives - one for Vista and one for 2008. A quick reboot off the dvd and Vista was soon installed, then a repeat of the process, this time with Windows2008 and that was installed quickly too - I think Windows 2008 took about 20 minutes.

This evening I was preparing for an adminstrator password change that I need to do tomorrow on a Windows 2000 box so to check everything worked ok I created a new virtual machine in 2008, loaded the Windows 2000 cd and 26 minutes later I had installed Windows 2000 in a vm, rebooted, changed the password using the Offline NT Password cd and rebooted back into Windows 2000 and was able to log back in again. I suspect on old hardware it will take that long just to boot the machine up and change the password and log back in again!

I also really wanted the ability to select the Operating System that the machine would boot into after it was rebooted. The default installation of any OS is going to prompt you for the installation but that isn't much use when the reboot is happening remotely.  I remember some software I used back in the NT4/2000 days that would do this but couldn't remember what it was called. That wouldn't actually help though as the boot structure in Vista and Windows2008 is radically different requiring the use of BCDEdit......  Alternatively EasyBCD could be used to edit the boot configuration. This is well worth downloading as it makes editing the boot configuration much nicer. I was able to use this utility to remove the extra Vista configuration as a result of the dual installations of Vista. What is even better is their iReboot software. Install this on all the OS's and then you can select which OS to boot with from a Task Notifier icon and restart the machine - just what I needed. (Note this does require .net framework so I had to install this on the new xp installation as it didn't have it already! Also note that the first result for .net framework 2 comes up with a page can't be found on Microsoft's site and the second hit is for the beta version! Use this link instead and don't forget to check Windows Updates afterwards)

An upgrade to XP wasn't working this morning with the pc giving various error messages - Setup was unable to verify drive C, Setup cannot copy the file: driver.cab. At this point it had damaged the w2k installation enough that the previous installation would not boot. A chkdsk from the recovery console would just reboot the pc. Booting to BartCD I was able to run defrag and a chkdsk with no problems found. I tried different installation media and still got the same problem. I searched for a BIOS upgrade but couldn't find anything useful so I then swapped the cd drive itself and it is now working (or at least it is most of the way through the upgrade).

If you are decomissioning an old server and moving the data to a new server, an easy way to let all the hosts still connect to the old server is to create a cname alias in dns such that oldserver points to newserver.domain This way, any software coded to use unc names will still find the share but on the new server.
Unfortunately, by default the new server does not expect to get requests for the oldname so it ignores them and the client receives an error message. This is apparently fixed by following the instructions in KB281308.

MS06-049 has issues with Windows 2000 and compressed files which could lead to compression. Make sure you read this discussion and the original patch article.

kb article 909444 has how to fix the issues that may arise when you install Microsoft Security Bulletin MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400). Although I've not had any of these issues - yet - this will be good reference for me.

I had another interview with a recruiting company this morning and after the interview I was asked to complete two Windows2000 server tests. Both of them were on the setup and installation of Windows2000. The scores had been marked with an average of all the people across the consulting company who had taken the tests and I was suprised to see that the average was about 55% (I think - it could have been less). Although I found some of the questions hard, some of them were easy and quite a few of them were ambiguous - just like the Microsoft exams really. However I was pleased to get the results of 70 and 71% correct. I think if I had known I'd have been tested on these programs I would have swotted up a bit. I also think that some of the answers were incorrect.
One of the questions was "Which of the following servers can NOT be configured to use dhcp for a network address". The answers were Dns server, dhcp server, AD controllers, print server, Wins server. I know for a fact (because I've done it in the past) that you can use dhcp for all of the above. Not necessarily recommended but it is possible. By setting a dhcp reservation for the mac address of a DNS, AD Controller and DHCP server , it is possible to have it use dhcp to get an address. The answer, according to MS, was that the last 2 were ok as dhcp servers....personally I beg to differ, but you just have to remember that there is the right way, the Microsoft way, the Real World way and the I can't believe its not butter broken way.
Anyway, with those results, hopefully that will give the recruiter proof that I know what I'm talking about even if I don't have the certifications to prove it. However the good thing is that they will have online training and also sponser the majority of the costs for accreditation once employed so I will be able to get my certs soon.

Seeing as though its been a long time since i've done much work with Group Policies, it took me a long time to work out why the policy for disabling Windows Updates within IE and the start menu would not work, yet the settings for telling where the client should go to get its updates did work.
Eventually I read a website which tipped me off and is actually obvious when you think about it. I had created an OU and moved computers into it, but I hadn't added the users to the OU. Therefore only the computer configs were amended but not the users.
Now that I've done it correctly, WUS seems to be working pretty well (apart from one machine that thinks it needs to download .net framework 1.0 patches when in actual fact it needs to download 1.1 patches.

Although its not a good idea to do this, we have a requirement to set the passwords for users on a telnet application so that they never expire. This is because the telnet interface is the only interface they have with the server and therefore they don't have any way of changing their passwords. Security is controlled by another layer of usernames and passwords within the app so its not that much of an issue.
Anyway, I have a script that creates all the users for me - saves me having to enter all the fields correctly and also ensures that all the fields are entered in a uniform manner.
Until this morning, I'd not been able to set the password never expires option. However using netuser.exe, available from JSI Tip 570 you can do this with netuser username /pwdnexp:y

Its advisable FIRST to check whether TCP/IP Printing is actually started on the nt4 server. If it's not then nothing is going to work. When the service is started, telneting to the server on port 515 proves that the server is listening for requests.
WHY it took so long to check this I don't know - I guess the fact that it is already working for other machines on the network (using some other protocol to print with) made me a bit too complacent - now back to adding those 50 printers........

Fixing "connection refused" when trying to ftp into iis, "the system cannot find the drive specified" when using the iis admin interface, "2148073487: object already exists" when trying to start the ftp service and "0x8009000F = Object Already Exists" when trying to reload IIS onto a w2k server. That should sort out the google search requests - for details read on.......

Had an interesting hour this morning trying to fiddle our dns on the lan here. I wanted to force a lookup via ip to go to the internal network address rather than the external network address. Here's how I did it (as I know I'm going to need it again one day)

Yesterday was patch day at the office with the ie patches being deployed and as it was the first of the month I decided to check the servers to make sure they were uptodate. One of them was still on Servicepack3 so it was way overdue an upgrade to sp4. However on installing it this morning, it failed and rolled back. The svcpack.log in the winnt directory gave me

Starting process:  C:\WINNT\system32\wzcsetup.exe /i /P

***

Return Code = 2148467211 

***

DoInstallation:RunInfProcesses for ProcessesToRun Failed

Searching on google groups I came across the thread where somone else had the same problem installing sp4. I followed the installation of the wireless networking patch (even though like the original poster I don’t have wireless networking on the lan, let alone this machine), rebooted the server...and then users were in the office and I had to postphone the sp4 update....for about 5 minutes until I told persuaded them to let me try it one more time - and it worked.
Thanks to Emmers Presson and Leonard Severt for their words of wisdom on google 9 months ago!

User complained that My Documents was not on his desktop and not appearing in the explorer view when he pressed the WindowsKey and E. After about 30 mins of hunting through to find the solution it was "easy when you know how". Just go to control panel/Folder Options/View tab and select Show My documents on the desktop. You do not have to edit the registry, run various dll routines, use tweakui or throw the monitor out of the window.

I thought I had blogged this already but we had major problems trying to create a trust between our w2k domain on a remote network and our w2k domain locally with errors saying that our server was not operational when trying to add permissions. This was due to the additional step (compared to nt4 domains) of having to ensure that dns and zone transfers are setup correctly beforehand. It would have been nice if the Domains And Trust mmc told you about this instead of having to find the JSI Tip 4606. You can't access the users list in a trust because the 'The server is not operational'?
And yes I know if we'd read the manual we might have known that - but there isn't a manual for w2k anymore - but thats another story.

I've been attending the Microsoft Scripting week webcasts this week - with a 90 minute presentation sent over the web with audio and powerpoint slides. Its been pretty good with some useful scripting tools and techniques picked up. The best thing is that the whole presentation can be downloaded and looked at offline rather than having to stream the whole thing in realtime (or even in on-demand) so I'll be able to get to review the presentations later. There are also several scripts that are downloadable which build upon each other to produce some good scripts. I'm looking forward for the next two events.

Google have changed their web interface so that when you post to a newsgroup you have to have a google account now instead of any email address you like. This is good in some respects as it means you might get a gmail account but it means you have to put your gmail address in the newsgroups - NOT a good idea due to the amount of spam

Customer needed to pause a network queue from a dos prompt (don't ask!) on windows 2000. Looks like you need to download the Windows Server 2003 Resource Kit Tools (ironically enough) and then use setprinter.exe
Details for this was found at a mcse.ms. Not tried it yet, but will do sometime.....

A useful place to download all those post sp4 hotfixes, some of which would normally need a call logging with microsoft are at Pubforum. As this is an unknown source, you really need to be sure the files you are downloading are legitimate.

First working day of the year and I'm already stressed out! Kristen's car decided to start playing up - I managed to drive about 30 metres up the road when it just conked out. Various attempts at trying to start it failed,with the engine just not firing. Jump leads didn't help at all so we've got to arrange a visit back to the garage (and it only passed it's MOT less than a month ago.
Today we finished the last of the 98-W2K/XP upgrades. One of the machines the user was unable to connect to one of our domain controllers - all of the other domain controllers were fine apart from this one and other users on that machine were also fine. netdom was coming up with errors saying that the trusted channel didn't exist (didn't have time to get the exact error message) so I figured the machine account on the network was missing. Removing and adding back onto the domain didn't make any difference.I had to remove from the domain, change the computer name and then add it back to the domain again.
The other machine works fine except it won't change the scheme under display properties/appearance. Selecting a different scheme just switches back to the original one, you are unable to scroll through the list of schemes and the apply button is permanently greyed out. Again, logged on as a different user, the problem doesn't exist. I can't work out where the settings are being stored or how to fix it.....yet. Thankfully I have 2 more days before the user comes back to the office.
Oh and I've also spent the past four days with a REALLY sore/stiff neck for no obvious reason. I had to work from home in a still position three days ago as it was too painful to drive (and i couldn't move my neck from side to side). It's almost better now, still stiff though :-(

One of our servers suddenly stopped doing its backup properly. When I watch the (scheduled) backup routine running the selection that it backs up is not the selection that is listed in the .bks file. I'm not sure what it *is* backing up as the (full) log file doesn't tell me the details and the gui interface is not available for me to poke around on when the job is scheduled. Turns out that the @ in front of the backup selection (as per Microsoft's XP backup article) did the trick. Why I should need one in Windows2000, when it's not documented anywhere else that I can see, I don't know. I'm just glad the backups are all working again in time for the Christmas break. Our mail server was also refusing to backup, but this was because there was more data on the disk than would fit on the tape drives. Swine consultants keep backing up their hard disks using ghost or even just an xcopy onto the server and taking it over the tape drive capacity.
No flames telling me to use BackupExec or any other third party software please, unless you are going to give me a cheque to buy the third party software at the same time.

Microsoft have brought out a new utility called Tweakomatic that is primarily used for retrieving or configuring Windows and IE settings. It can also be used for configuring various other scripts using WMI interfaces. Although I've not used it yet I will be downloading the 258k file.

The best source for a Offline NT password & reg-editor with a link to how to change the password for a Domain Controller

I think I'm getting a bit closer in my hunt to work out why the computer seems to spontaneously combustreboot when I am doing certain things. A lot of the time it seems random but there are certain things I do that make it reboot. Viewing a certain gif file in a certain package, or going to www.merzo.net in Phoenix. The quick answer of course is to stop doing those things. However I logged on as a new user on the w2k box, went to the merzo site and it didn't reboot. Therefore I think its a corrupt w2k profile that is causing problems. I tried creating a new Phoenix profile in the normal w2k profile but this didn't solve the problem. Incidentally the Merzo website has some pretty cool artwork on it and when you move the mouse over the pictures something happens.

The fix to the onboard AMD Ethernet adapter fails after upgrading to Microsoft Windows 2000 did the trick.

I'm really struggling to do an inplace upgrade of nt4 to windows2000 (and there *are* good reasons for doing an inplace upgrade as opposed to a clean install) and one of the suggestions to get around a bsod when it boots is to disable the cache on the motherboard. When I did that and booted into nt4, just clicking start and then run took 12 seconds to fire up the run dialog box. As you can imagine the rest of the process is painfully slow which means its going to take even longer to do the upgrade. The difference in speed when you have no cache on the processor is pretty amazing (although I guess I could have cheated by interrupting the reboot process of the upgrade to disable the cache at this point in time instead of at the beginning of the upgrade)

Yesterday I started on an inhouse, inplace upgrade of a nt4sp6 machine to Windows 2000. Fortunately I took a backup with PowerQuest DriveImage of the machine before I started. Ghost is normally our imager of choice but the version of Ghost we have would not see the SCSI disks yet DI would.

Anyone have any ideas why my w2k machine would just suddenly reboot itself to the bios screen and start backup again? It doesn't seem to be a windows crash as I'd expect a blue screen if that was the case. Sometimes it will do it at random, but other times its reproducable. I downloaded a gif file this morning and everytime I loaded it into a certain application it would reboot. However loading into paintshoppro, saving as a jpg it was fine. Resizing the itunes app to fit the width of my screen (they don't have a maximize button strangely) caused it to reboot.
Booting to recovery console and chkdsk of all drives initially said they were ok, but then I did a chkdsk c: /p which forces it to do a chkdsk and it found some errors, so then it was a chkdsk c: /r to repair. Then i'll have to do f,g,h,i,j and k..... a long afternoon.

With the combination of net time /setsntp:"ntp.demon.co.uk ntp1.demon.co.uk ntp2.demon.co.uk" and w32tm -period 0 -once -v my home pc should now be telling me the correct time which means there won't be a time warp of 10 minutes from leaving the pc in the morning to getting in the car!

From the Windows and .net magazine is an article providing details about the recent Win2K SP4 Bluescreen Fix; Terminal Server Bug Fix; and Citrix Logon Delay

I received an invitation to join this beta today. Among the advertised highlights are -
Support for Windows, Office, SQL, and Exchange patches
Reporting capabilities – deployment status about download, install and impacted machines.
Ability to uninstall patches that support uninstall
More Administrative controls – patch install, uninstall, install by a deadline, and configurable client polling intervals.
Targeting of different updates to administrator defined groups of machines.

They should really have been in version 1!

After installing some patches on one of the servers I got the following message - "Your updates have been installed successfully. To complete installation you must restart your computer. Do you want to restart your computer now?" Nothing wrong with that - the weird thing is that the YES button was greyed out....I'm just wondering if its because I was using terminal services to do the upgrade but very strange.

Had a weird event id 1000, source Userenv when building a desktop in the office.
The full error was "Windows cannot determine the user or computer name. Return value (1326)".

Finally got some downtime yesterday (as I couldn't sleep early in the morning) to swap the tape drives around on our Windows 2000 servers.

Microsoft PowerToys for Windows XP and Windows2000 has been updated with at least a new version of tweakui although this needs XP Service Pack1 or Windows 2003. I'm not sure what else has been updated as the web site doesn't say. CmdHere hasn't changed. Tweakui has gone on a diet as its now 147kb instead of the previous 577Kb

Winnet Magazine has an online column where readers report on Win2K SP4 problems. Most of them are the same problems as reported elsewhere, but definately worth a check before you roll out sp4

Winnetmag has an article (in an incredibly tiny font - but using Firebirds Style Switcher I set it to no style so I could read it) on more problems with SP4.

A list of NT Commands is quite a useful bookmark, although the title is a bit misleading as a lot of the commands are actually resource kit utilities.

Windows 2000 Service Pack 4 (SP4) Issues are noted and commented on. This is what I was trying to find when I installed sp4 on the servers last week. Mind you, I've not had any problems (that I'm aware of) with the installations so far. I'll probably roll it out to other servers when I get time.

First time I tried to install Service Pack4 it complained it hadn't been able to do it and to either rollback or continue, rebooting into safe mode and recovering from the emergency repair disk.

First installation of Service Pack is going on a server this afternoon. I've checked the Release Notes for Windows 2000 Service Pack 4 and there are only a couple of things that *might* have been relevant, the list of post sp4 hotfixes, none of which we have installed and the fact that key management may not start after the sp4 installation.

Yesterday I had a problem where the (local) user account had expired on a Windows 2000 server yet there is no interface in Computer Management for unexpiring the account. Eventually I found out that typing in net user username /expires:never solves the problem.

Tuesday was the day that new NT4 fixes were no longer issued free by Microsoft. The same thing will happen in 6 months for exchange 5.5 and 12 months after that nt4 won't be supported anymore. Thats a real shame as exchange 5.5 is the last mail server version that will run on a non AD site and I know loads of companies who aren't running w2k/Active Directory yet. (Thankfully we're not one of them)

I managed to get backup exec installed and running on the server yesterday in an effort to try and get the backup times down from 19 hours to the original 1hour 20 mins. (This changed when we put a DLT tape drive instead of a DAT drive in). Backup exec has brought the time down (sounds suspiciously like MS owns BackupExec and has crippled dlt support so that you have to buy backup exec to get a decent backup). However I turned on email notification on alerts and job success/failure. I knew something was wrong when I logged in and had 33 new emails this morning - one every 15 minutes to tell me to remove the media as it had finished. You would have thought that after a couple of hours (at 2am in the morning) it should have realised we were all asleep and not to continue sending out the alerts wouldn't you?????

Ok - lets see how many servers break this weekend :-) I think ours can wait until I get back into the office on Wednesday - then I'll look to see if there have been any major bugs. In the meantime if you want to test it for me, then go to the download page. Thanks nfo

. Now this is the sort of server I'd like to play quake/doom/half life on and with 8 processors you'd probably have no problem running all three. Seeing as though it's a customers server I couldn't put the software on it :-)

I stumbled upon a question that I could answer at Experts Exchange the other day whilst searching for a technical answer for something. It's interesting that this site is getting higher and higher up the ranks in google when you search for computer stuff - its very often in the top 3 hits (or even ALL the top 3 hits). I registered, answered the question on red crosses appearing in web pages and today I had my answer accepted, received 100 points and rated A! Whilst I was looking at how I got these points I answered another question on smtp email receiving 0xC00402C7 when trying to send mail to a certain domain (or in this case a particular server). A quick google search meant I answered the question, got rated A again and this time got 500 points! Now I need to work out what I can do with these points and what the grades are for. Answering questions in here is good exam practise, technical knowledge refreshing and good training on how to write clear concise answers for people to follow.Still got a long way to go though as I'm currently ranked 20779 (out of 41235). Thats almost in the top 50% - just from two questions - but it also shows just how many other people there are with similar problems and answers.

Found a useful site yesterday that has a long list of articles on Technet to do with Terminal Services. Its the home of Mark Minasi's site who is the author of several very good Windows 2000 books.

Had an interesting problem at work this afternoon. Clients using windows98 were unable to open some hlp files, with a message saying "Cannot display this Help file. Try opening the Help file again, and if you still get this message, copy the Help file to a different drive, and try again. (136)". Thanks to dovico from a google search, the solution bizarrely enough is to make the directory that the files are stored in as read only. When this happens, the help file doesn't try to edit another file in the directory and opens successfully. It's all to do with the file being opened by Windows NT clients at the same time.

We have the need to upgrade an existing nt4 server to windows2000, the only problem is that the nt4 server is available to restore and create nt4 backups for our customers and patch management. After a quick test today I discovered that W2k CAN restore data from an nt4 backup tape (we tried a while back but couldn't get w2k to read the tape for some reason) but we need to also create nt4 readable tapes....I had thought of using vmware running a nt4 virtual machine but apparently the $300 is too expensive :-( Instead we are looking at having a dual boot machine which can dual boot to nt4 on those rare occasions we need to use the nt4 backup facility....or does anyone else have any ideas?
Update Sorry - should have said LEGAL ideas!

You would have thought that if IIS had Integrated Authentication AND Basic Authentication was enabled that if the client didn't support Integrated Authentication it would revert back to Basic.....No chance. The annoying thing is that several of our customers had this problem but I was completely unable to replicate the problem until this afternoon. One of our clients dialed up using a local rate Internet provider that was free to sign up for. After I signed up (to actually solve a completely different problem he was getting) I tested the website and was unable to get in. After removing Integrated Authentication I was able to get into the website after entering the correct username and password. Now I can close about three incidents :-)

From the Windows2000 Faq, this is how you configure the Remote Console to not require you to enter the administratorpassword. This is pretty useful as I found it really hard to remember what the password was when I installed a server all those years ago.....(especially as people tend to set it to the same as the administrator password and user passwords have to be changed every 90 odd days).
Using Regedit, navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Setup\RecoveryConsole registry subkey. Double-click SecurityLevel, set its value to 1 to not require password entry (or 0 to require the user to enter the password), then click OK.
You can also use the Microsoft Management Console (MMC) Local Security Settings snap-in (go to Local Policies, Security Options, "Recovery console: Allow automatic administrative logon") to configure this setting.

Naturally the MMC option is the preferred route.