November 2008 - Posts
I recently blogged about time and how critical it is in a domain environment. Just this morning I read a post from the Directory Services Team that shows how to configure WMI Filtering through Group Policy to ensure that the PDC Emulator always has the right time configuration. You need to read through this post really consider implementing a similar policy into your environment.
The only portion that is missing from that post is the location of the W32Time settings in Group Policy. The policy you will be configuring is located under the Computer Configuration\Administrative Templates\System\Windows Time Service\Time Providers\Enable Windows NTP Client
After you enable it you will want to change the default setting from NT5DS (which means find and sync with the PDCe) to NTP. This is because we are configuring this for our PDCe which should be pointing to a reliable time source (internal or external). You will also configure the location to that reliable source in the NTPServer dialog box.
I haven’t seen a great tip like this in some time. This is one of those great little finds and I hope you enjoy it.
I ran into this error awhile back after building a new root level Domain Controller (DC). My initial health checks panned out ok but after about an hour the following should up in my System Event log:
Event Type: Error
Event Source: KDC
Event Category: None
Event ID: 11
User: N/A
Computer: DCShortName
Description:
There are multiple accounts with name cifs/DCShortName of type DS_SERVICE_PRINCIPAL_NAME.
My forest root domain has a fairly small amount of accounts with the majority of them being DCs. I knew that the name that was added was not in conflict with the forest root. With this name being the shortname of the DC I knew that I would have to check other child domains. After a quick search of the directory (GC) via Active Directory Users and Computers I was able to find another computer with the same name. Unfortunately one of the computers had to go bye-bye…and it sure wasn’t going to be my DC. Needless to say after the computer was removed from Active Directory the errors stopped showing up.
Quite a few people have asked recently about services in Server Core. They want to know what’s running and what’s not running. Below you will find a listing that intended to help those out that need to know the status of Services on Server Core. It is sorted by Service Name.
Another useful item to note on Server Core (or the CMD Prompt on Server) is that you can still use the SC command. In particular you should run SC Query, this little useful command will tell you which services are running. If you want to view the ones that are not running just run sc query state=inactive. There is a bunch of stuff you can do with the SC command and you should really check out the help.
A great tip for using commands is to append | more to the end of the command. This should only display one page at a time.
| Service Name |
Display Name |
Startup Mode |
Account |
| AeLookupSvc |
Application Experience |
Auto |
LocalSystem |
| AppMgmt |
Application Management |
Manual |
LocalSystem |
| BFE |
Base Filtering Engine |
Auto |
LocalService |
| BITS |
Background Intelligent Transfer Service |
Auto |
LocalSystem |
| Browser |
Computer Browser |
Manual |
LocalSystem |
| CertPropSvc |
Certificate Propagation |
Manual |
LocalSystem |
| COMSysApp |
COM+ System Application |
Manual |
LocalSystem |
| CryptSvc |
Cryptographic Services |
Auto |
Network-Service |
| DcomLaunch |
DCOM Server Process Launcher |
Auto |
LocalSystem |
| Dhcp |
DHCP Client |
Auto |
LocalService |
| Dnscache |
DNS Client |
Auto |
Network-Service |
| DPS |
Diagnostic Policy Service |
Auto |
LocalService |
| Eventlog |
Windows Event Log |
Auto |
LocalService |
| EventSystem |
COM+ Event System |
Auto |
LocalService |
| FCRegSvc |
Microsoft Fibre Channel Platform Registration Service |
Manual |
LocalService |
| gpsvc |
Group Policy Client |
Auto |
LocalSystem |
| hidserv |
Human Interface Device Access |
Manual |
LocalSystem |
| hkmsvc |
Health Key and Certificate Management |
Manual |
LocalSystem |
| IKEEXT |
IKE and AuthIP IPsec Keying Modules |
Auto |
LocalSystem |
| iphlpsvc |
IP Helper |
Auto |
LocalSystem |
| KeyIso |
CNG Key Isolation |
Manual |
LocalSystem |
| KtmRm |
KtmRm for Distributed Transaction Coordinator |
Auto |
Network-Service |
| LanmanServer |
Server |
Auto |
LocalSystem |
| LanmanWorkstation |
Workstation |
Auto |
LocalService |
| lltdsvc |
Link-Layer Topology Discovery Mapper |
Manual |
LocalService |
| lmhosts |
TCP/IP NetBIOS Helper |
Auto |
LocalService |
| MpsSvc |
Windows Firewall |
Auto |
LocalService |
| MSDTC |
Distributed Transaction Coordinator |
Auto |
Network-Service |
| MSiSCSI |
Microsoft iSCSI Initiator Service |
Manual |
LocalSystem |
| msiserver |
Windows Installer |
Manual |
LocalSystem |
| napagent |
Network Access Protection Agent |
Manual |
Network-Service |
| Netlogon |
Netlogon |
Manual |
LocalSystem |
| netprofm |
Network List Service |
Auto |
LocalService |
| NlaSvc |
Network Location Awareness |
Auto |
Network-Service |
| nsi |
Network Store Interface Service |
Auto |
LocalService |
| pla |
Performance Logs & Alerts |
Manual |
LocalService |
| PlugPlay |
Plug and Play |
Auto |
LocalSystem |
| PolicyAgent |
IPsec Policy Agent |
Auto |
Network-Service |
| ProfSvc |
User Profile Service |
Auto |
LocalSystem |
| ProtectedStorage |
Protected Storage |
Manual |
LocalSystem |
| RemoteRegistry |
Remote Registry |
Auto |
LocalService |
| RpcSs |
Remote Procedure Call (RPC) |
Auto |
Network- Service |
| RSoPProv |
Resultant Set of Policy Provider |
Manual |
LocalSystem |
| sacsvr |
Special Administration Console Helper |
Manual |
LocalSystem |
| SamSs |
Security Accounts Manager |
Auto |
LocalSystem |
| SCardSvr |
Smart Card |
Manual |
LocalService |
| Schedule |
Task Scheduler |
Auto |
LocalSystem |
| SCPolicySvc |
Smart Card Removal Policy |
Manual |
LocalSystem |
| seclogon |
Secondary Logon |
Auto |
LocalSystem |
| SENS |
System Event Notification Service |
Auto |
LocalSystem |
| SessionEnv |
Terminal Services Configuration |
Manual |
LocalSystem |
| slsvc |
Software Licensing |
Auto |
Network-Service |
| SNMPTRAP |
SNMP Trap |
Manual |
LocalService |
| swprv |
Microsoft Software Shadow Copy Provider |
Manual |
LocalSystem |
| TBS |
TPM Base Services |
Manual |
LocalService |
| TermService |
Terminal Services |
Auto |
Network-Service |
| TrustedInstaller |
Windows Modules Installer |
Auto |
LocalSystem |
| UmRdpService |
Terminal Services UserMode Port Redirector |
Manual |
LocalSystem |
| vds |
Virtual Disk |
Manual |
LocalSystem |
| VSS |
Volume Shadow Copy |
Manual |
LocalSystem |
| W32Time |
Windows Time |
Auto |
LocalService |
| WcsPlugInService |
Windows Color System |
Manual |
LocalService |
| WdiServiceHost |
Diagnostic Service Host |
Manual |
LocalService |
| WdiSystemHost |
Diagnostic System Host |
Manual |
LocalSystem |
| Wecsvc |
Windows Event Collector |
Manual |
Network-Service |
| WinHttpAuto-ProxySvc |
WinHTTP Web Proxy Auto-Discovery Service |
Auto |
LocalService |
| Winmgmt |
Windows Management Instrumentation |
Auto |
LocalSystem |
| WinRM |
Windows Remote Management (WS-Management) |
Auto |
Network-Service |
| wmiApSrv |
WMI Performance Adapter |
Manual |
LocalSystem |
| wuauserv |
Windows Update |
Auto |
LocalSystem |