Thursday, February 23, 2017

Server 2003 administrative tasks related

Why does enable audit on SINGLE user FOLDER generate SO many log entries including ones that related to system files ?

Windows 2003 server file access audit
That is normal, unfortuante but normal.  When a machine opens a file there may be several hooks into the file to handle different things.  Each one of these is recorded in the audit log.

Only on Server 2008 or later
----------------------------------
File Auditing Server 2008 R2
I think the issue could be that he is using the basic "Local Policies \ Audit Policy -> Audit Object Access" settings. If you, instead, configure the "Advanced Audit Policy Configuration \ System Audit Policies \ Object Access -> Audit Files System OR Audit File Share" you might have better luck. I had the same issue and then I realized that the later is the better option and it seems to work. Don't configure both, just the "Advanced Audit Policy Configuration"
---


Sunday, February 19, 2017

Server 2003 troubleshooting

Cannot change domain password from Remote Desktop session on NON DC server :
The users password must be changed before logging on the first time
See Best Answer (KB2927811)
---

Plenty of Event ID 675 with Failure Code 0x19 :
There are various causes to this error - which is a Kerberos error. One of the most common is the fact that Windows 2003 DCs inc SBS 2003 use a lower encryption standard than Vista/Win2k8/Win7. This generate a 0x19 error & possibly others. 0x18 errors seem to be to do with password failures