Mysterchr

I agree it was not something I expected either. It was by sheer luck and after countless hours of googling that I had found someone else who had come across this before.

Yes,

I should have updated this sooner but I was waiting to see if the resolution actually worked. So far it's a success not a single problem in nearly two days. The resolution ended up being removing all of the old account profiles from the previous domain. Logged in as admin, deleted them, now no more rebooting.

It's a brand new 2008 R2 domain with win xp and win 7 clients. The problem is at random intervals when they try to access network resources they are given a message stating that "the system as detected a possible attempt to compromise security please ensure that you can contact the server that authenticated you" or another one that says "you might not have permission to use this network resource." They get this messages even if they were in those drives moments before. They then have to reboot or log off and back on in order to regain access. I did an echo %logonserver% and got the correct DC as a response. Any ideas?

I need a little help understanding SCCM. From what understanding I have of it, it's basically group policy and WSUS wrapped into one. Any better description or help understanding what it is and what it does and how it differs from GP and SUS would be greatly appreciated.

Hey all, So I'll be attending the Citrix Web Cast tomorrow and Thursday and I will be available on Skype if anyone wants to chat and have a little Q&A. You can find me by searching for OverseNet on Skype.

Here's the quick and dirty of it, our SSL cert signed by our CA has expired. Typically the CA emails the requester before it expires and warns them but the requester was a former employee, his email was disabled when he left and therefore the warnings are well somewhere in email limbo. Nothing we can do about that now only make better choices in the future. But the issue is that now that it has expired I cannot seem to just press the renew button. I go into IIS 7 on our server 2008 sbs server, in our domain I go to server certificates. I select the expired cert from the center pane and press the renew button on the right. I select "Renew an existing certificate using a ca in my domain" On the next page I select my CA and press finish that's when I get the error "The request has been submitted to the online authority, but was not issued. The request was denied." So then I go to Certificate Authority in administrative tools. In the failed requests folder I see the failed request. In the request status column it says "A required certificate is not within it's validity period when Verifying against the system clock." Therefore I assume that that means I cannot renew the certificate as it has already expired. Correct? Is there a way around this? I mean without changing the time and date on the system clock of course. I've already considered it.

I do think that I should throw this out there despite the fact that this is a WINDOWS forum but their are also free software alternatives such as linux servers where the price of software is free but hardware would still cost you. You're not looking for much, it's not like you need a dual quad core with 16 gigs of ram. You won't be running ad, dns, or even dhcp. It might take a bit of research on your part but you could obtain a simple regular desktop PC, install linux, setup a vpn on it and then shared storage folders. You can also do this on any windows server platform but that would be more expensive. But their are benefits to paying for the more expensive option of course. You have five computers lets double that and say ten users, if all ten jump on to a dual core with 4 gigs of ram (which i think should be standard for all desktops) you won't see to much of a down grade in performance. My last suggestion would be for you to just take that "main" desktop of yours and installing hamchi's free vpn. It's free because you have less then ten computers. More then that and it's not free. Install hamachi on all of those pc's and create a hamchi network. Then create file shares that can be shared out through that hamachi connection.

@ICTCity I like you, your answers are always exactly what I was going to say!

Hi all, I'm Andrew also known as Mysterchr. I live in Morgantown, West Virginia, also known as east coast US. I am a system engineer for T3Corp, and also do some consulting on the side. I've been an admin/engineer for nearly seven years. My top most relevant credentials are MCP, MCTS, MCSA, MCSE, MCITP, A+, Net+, and Sec+. I'm of course here to help others in their journey but I'm also hoping to learn new things as well. Participating in forums like this one is part of what I do to train. I'm the type that learns best by either doing it or at least talking about. The only other thing I can think of at this point that you should know about me is that I'm a horrible speller. Granted browsers now a days make things very easy by putting those red squiggly lines underneath of misspelled words. But they also require you to get the word at least close to what you're trying to spell, and I'm not really good at that either. Also I would throw in here about my blog so that you can better familiarize yourself with me and what projects I'm working on, but I'm not sure if that's allowed here or not. Some forums say yes some say no. If you know the answer let me know, in the mean time feel free to PM if you would like to know where you can check it out or if you need some help, or even just want to chat. I'm online for at least ten hours a day so you shouldn't have trouble getting a hold of me.

This is for Server 2008 SBS...In the reg. under the path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\VssAccessControl I have three entries for NT Authority all with the value of 1 but I also have a username in there with the same value as the others. This user is a former admin here who has been gone for awhile and his account has been deleted. Lately I've noticed in the logs a lot of warnings with VSS being the source and the ID is 8227...Should I remove this entry? Tell me oh great geeks what should I do?

But how does a server know if a clients firewall is on or off, if the client is no longer a client of that network/domain. The client in this case was removed from AD removed from the list of SBS Network Machines, physically pulled off the network and had its hdd shredded. What else do I have to do to get this server to forget that this client was ever on the network. There is no reason for it to sit in any record. The client machine cannot be a threat if doesn't exist anymore. So how do you get the server to realize it doesn't exist. Communication with that client is not possible it's gone, trashed, deleted, terminated...

It's an SBS domain controller. and the clients are unreachable, they don't even excist on the network or in active directory. They only show up in the report logs as being unreachable how do I get that to stop since their no longer part of my organization.

As any administrator of SBS knows that when you log on much like the Server Management Console on all of the other server editions do the SBS Management Console comes up at logon. This screen shows that I have a number of critical errors under security and also under updates. When I go to the console's reports page, the detailed reports tell me that several computers are way out of date and their firewalls are not turned on. Seems like a nice feature, however the computers in question are no longer a part of our network. They were removed a while back before I got here which was at least two months ago. I removed them from the network using the SBS Console and cleared them out of AD however these reports are still jumping up and down saying there are critical errors on the network due to these machines not receiving the updates or having their firewall turned on. What am I missing those computers should be completely removed from this domain and their update or FW status should no longer be an issue. Please help!.!.! I hate sbs and have no patience for it.