Finding the source to something that keeps locking a domain user – MICROSOFT_AUTHENTICATION_PACKAGE_V1_0

Windows 7 Network Drive not Connecting …

I cannot map to the network drive! It said the password is not valid!

1. Go to Run –> gpedit.msc
2. Open the Local Security Policy
3. Select Security Options under Local Policies
4. Choose “Send LM & NTLM responses” in Network security: LAN Manager authentication level

LAN Issue

Complete Force Removal of a Domain Controller from Active Directory

To manually remove a DC from AD, follow these steps.

Know Your FSMO Locations

Make sure that the DC you are removing is not holding any of the FSMO Roles

i) On any healthy domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “roles”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vi) Type “select operation target”, and then press ENTER
vii) Type “list roles for connected server”, and then press ENTER
viii) Review the listed roles and their hosts. If the DC that you wish to remove is not listed, proceed to step 4

Seizing FSMO Roles (The Last Resort)

If for whatever reason you cannot do a clean transfer, you will need to seize the role

i) On any healthy domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “roles”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vii) Type “seize <role>”, where <role> is the role you want to seize
viii) You will receive a warning window asking if you want to perform the seize. Click on Yes

Do not put the Infrastructure Master (IM) role on the same domain controller as the Global Catalog server. If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.

Transferring any hosted FSMO Roles

i) For the RID, PDC, and Infrastructure Master
1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Right-click the icon next to Active Directory Users and Computers, and then click Connect to Domain Controller. NOTE: If you are not on the domain controller where you want to transfer the role, you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
3. Click the domain controller which will be the new role holder, and then click OK.
4. Right-click Active Directory Users and Computers icon, and then click Operation Masters.
5. In the Change Operations Master dialog box, click the appropriate tab (RID, PDC, or Infrastructure) for the role you want to transfer.
6. Click Change in the Change Operations Master dialog box.
7. Click OK to confirm that you want to transfer the role.
8. Click OK.
9. Click Cancel to close the dialog box.

For the Domain Naming Master role
1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Domains and Trusts.
2. Right-click the Active Directory Domains and Trusts icon, and then click Connect to Domain Controller. NOTE: If you are not on the domain controller where you want to transfer the role, you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
3. Click the domain controller that will be the new role holder, and then click OK.
4. Right-click Active Directory Domains and Trusts, and then click Operation Masters.
5. In the Change Operations Master dialog box, click Change.
6. Click OK to confirm that you want to transfer the role.
7. Click OK.
8. Click Cancel to close the dialog box.

For the Schema Master Role
1. Click Start, click run, type mmc, and then click OK.
2. On the Console menu, click Add/Remove Snap-in.
3. Click Add.
4. Click Active Directory Schema.
5. Click Add.
6. Click Close to close the Add Standalone Snap-in dialog box.
7. Click OK to add the snap-in to the console.
8. Right-click the Active Directory Schema icon, and then click Change Domain Controller. NOTE: If you are not on the domain controller where you want to transfer the role, you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
9. Click Specify Domain Controller, type the name of the domain controller that will be the new role holder, and then click OK.
10. Right-click Active Directory Schema, and then click Operation Masters.
11. In the Change Schema Master dialog box, click Change.
12. Click OK.
13. Click OK.
14. Click Cancel to close the dialog box.
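
Before attempting the force removal, the FSMO checks above can be scripted. The following is an added example, not part of the original article: it reports which FSMO roles the DC to be removed still holds and whether the Infrastructure Master sits on a Global Catalog server. The function names and the DC names (DC01, DC02) are hypothetical; live data comes from the ActiveDirectory PowerShell module.

```powershell
# Added example, not from the original article. Requires PowerShell 3.0 or later.
# Live data needs the ActiveDirectory module; DC01/DC02 are hypothetical names.

function Get-FsmoRoleMap {
    # Live query: current holder (FQDN) of each of the five FSMO roles.
    Import-Module ActiveDirectory
    $forest = Get-ADForest
    $domain = Get-ADDomain
    [ordered]@{
        SchemaMaster         = $forest.SchemaMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
    }
}

function Get-GlobalCatalogName {
    # Live query: host names of all DCs that are Global Catalog servers.
    Import-Module ActiveDirectory
    Get-ADDomainController -Filter * |
        Where-Object { $_.IsGlobalCatalog } |
        ForEach-Object { $_.HostName }
}

function Test-SameHost {
    # Compare full names when both are FQDNs, otherwise compare host labels only.
    param([string]$A, [string]$B)
    if ($A.Contains('.') -and $B.Contains('.')) { return ($A -ieq $B) }
    return ($A.Split('.')[0] -ieq $B.Split('.')[0])
}

function Test-DcRemovalReadiness {
    param(
        [Parameter(Mandatory)][string]$TargetDc,
        [Parameter(Mandatory)][System.Collections.IDictionary]$RoleMap,
        [string[]]$GlobalCatalog = @()
    )
    # Roles the DC to be removed still holds; transfer or seize these first.
    $held = @(foreach ($role in $RoleMap.Keys) {
        $holder = [string]$RoleMap[$role]
        if (Test-SameHost $holder $TargetDc) { $role }
    })

    # The article's rule: the Infrastructure Master should not be on a GC server.
    $im = [string]$RoleMap['InfrastructureMaster']
    $imOnGc = @($GlobalCatalog | Where-Object { Test-SameHost $_ $im }).Count -gt 0

    [pscustomobject]@{
        TargetDc                 = $TargetDc
        RolesStillHeld           = $held
        ReadyForRemoval          = ($held.Count -eq 0)
        InfrastructureMaster     = $im
        InfrastructureMasterOnGC = $imOnGc
    }
}

# Constructed sample data so the check can be run without a live domain.
$sampleRoles = [ordered]@{
    SchemaMaster         = 'DC01.testenv.local'
    DomainNamingMaster   = 'DC01.testenv.local'
    PDCEmulator          = 'DC02.testenv.local'
    RIDMaster            = 'DC02.testenv.local'
    InfrastructureMaster = 'DC01.testenv.local'
}
Test-DcRemovalReadiness -TargetDc 'DC02' -RoleMap $sampleRoles -GlobalCatalog 'DC01.testenv.local'

# Against a live domain:
# Test-DcRemovalReadiness -TargetDc 'DC02' -RoleMap (Get-FsmoRoleMap) -GlobalCatalog (Get-GlobalCatalogName)
```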

Attempt a Force Removal

i) As a Domain Admin, open a command prompt and type dcpromo /forceremoval
ii) If the force removal did not work, pull the plug (or shut down properly) and never ever turn it back on while connected to the network

Clear the Metadata from AD

i) On any healthy domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “metadata cleanup”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vi) Type “select operation target”, and then press ENTER
vii) Type “list domains”, and then press ENTER
viii) Type “select domain [n]”, [n] representing the domain, and then press ENTER
ix) Type “list sites”, and then press ENTER
x) Type “select site [n]”, [n] representing the site, and then press ENTER
xi) Type “list servers in site”, and then press ENTER
xii) Type “select server [n]”, [n] representing the DC to be removed, and then press ENTER
xiii) Type “quit”, and then press ENTER
xiv) Type “remove selected server”, and then press ENTER

Cleanup DNS by Removing all References to the Removed server

i) In the DNS snap-in, right-click domain.whatever and select Properties
1. Click on the Nameservers tab: remove the server
ii) Repeat the above instructions for Reverse lookup and all zones
iii) Open up _msdcs and check all folders within for server name or IP references
iv) Repeat the above step for _sites, and all others
v) Repeat the above steps for the Reverse Lookup Zones

In Active Directory Sites and Services – delete server
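
The DNS clean-up above can be verified afterwards by querying for names that still point at the removed server. The following is an added example, not part of the original article; the function names, the list of records queried and the sample values (DC02, testenv.local, 192.0.2.x addresses) are assumptions.

```powershell
# Added example, not from the original article. Requires PowerShell 3.0 or later;
# the live query uses Resolve-DnsName (Windows 8 / Server 2012 and later).

function Get-DcDnsRecord {
    # Live query of the record sets the manual steps above inspect.
    param([Parameter(Mandatory)][string]$Domain)
    $queries = @(
        @{ Name = $Domain;                            Type = 'NS'  },
        @{ Name = "_msdcs.$Domain";                   Type = 'NS'  },
        @{ Name = $Domain;                            Type = 'A'   },
        @{ Name = "_ldap._tcp.$Domain";               Type = 'SRV' },
        @{ Name = "_ldap._tcp.dc._msdcs.$Domain";     Type = 'SRV' },
        @{ Name = "_kerberos._tcp.dc._msdcs.$Domain"; Type = 'SRV' }
    )
    foreach ($q in $queries) {
        Resolve-DnsName -Name $q.Name -Type $q.Type -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.QueryType -eq $q.Type } |
            ForEach-Object {
                $rec = $_   # keep the record; $_ is rebound inside switch
                $target = switch ($q.Type) {
                    'NS'  { $rec.NameHost }
                    'A'   { $rec.IPAddress }
                    'SRV' { $rec.NameTarget }
                }
                [pscustomobject]@{ Query = $q.Name; Type = $q.Type; Target = $target }
            }
    }
}

function Find-StaleDcReference {
    # Returns every record whose target is the removed DC's name or one of its IPs.
    param(
        [Parameter(Mandatory)][string]$RemovedDc,      # short name or FQDN
        [string[]]$RemovedIp = @(),
        [Parameter(Mandatory)][AllowEmptyCollection()][object[]]$Record
    )
    $label = $RemovedDc.Split('.')[0]
    foreach ($r in $Record) {
        $target = ([string]$r.Target).TrimEnd('.')
        $byName = ($r.Type -ne 'A') -and ($target.Split('.')[0] -ieq $label)
        $byIp   = $RemovedIp -contains $target
        if ($byName -or $byIp) { $r }
    }
}

# Constructed sample records: DC02 was removed but two references were left behind.
$sample = @(
    [pscustomobject]@{ Query = 'testenv.local';                      Type = 'NS';  Target = 'dc01.testenv.local' }
    [pscustomobject]@{ Query = 'testenv.local';                      Type = 'NS';  Target = 'dc02.testenv.local' }
    [pscustomobject]@{ Query = 'testenv.local';                      Type = 'A';   Target = '192.0.2.10' }
    [pscustomobject]@{ Query = '_ldap._tcp.dc._msdcs.testenv.local'; Type = 'SRV'; Target = 'dc01.testenv.local' }
    [pscustomobject]@{ Query = 'testenv.local';                      Type = 'A';   Target = '192.0.2.11' }
)
Find-StaleDcReference -RemovedDc 'DC02' -RemovedIp '192.0.2.11' -Record $sample

# Against live DNS:
# Find-StaleDcReference -RemovedDc 'DC02' -RemovedIp '192.0.2.11' -Record @(Get-DcDnsRecord -Domain 'testenv.local')
```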

Adding first Windows Server 2012 Domain Controller within Windows 2003/2008/2008R2 network


To add a Windows Server 2012 Domain Controller to a Windows 2003/2008/2008R2 network, we first need to check that the Forest Functional Level is set to at least Windows 2003 mode. This is the lowest Forest Functional Level that allows a Windows Server 2012 Domain Controller to be installed. That means Windows 2000 DCs are not supported anymore; Microsoft does not support them alongside 2012 Domain Controllers. It’s time to forget about these old DCs.

Windows Server 2012 DC Forest Functional Level requirements

We can check this in the domain where we want to install the first 2012 DC. To verify it, we use the “Active Directory Users and Computers” or “Active Directory Domains and Trusts” console.

Using the “Active Directory Users and Computers” console, select your domain and right-click it (RMB). Choose “Raise Domain Functional Level” and check the current level.

If you see a screen like this (Windows 2003 mode), you do not need to raise your Domain Functional Level. Otherwise, you have to remove all Windows 2000 Domain Controllers or, if you have none, raise the DFL to Windows 2003 mode or higher.

But remember, raising the Domain Functional Level is a one-time action and cannot be reverted. Before you raise it to 2003 mode, please ensure that all of your Domain Controllers are running at least Windows Server 2003. In this case all of them are running at least 2003, as the DFL is set to 2003 mode, which would not be possible if any 2000 DCs were still present.

Windows 2003 mode does not support DCs based on earlier Microsoft Windows systems like NT4 and Windows 2000.

Another way to check is the Active Directory Domains and Trusts console. Run this console, select the domain whose Domain Functional Level you want to check and choose “Raise Domain Functional Level”.

Follow the same steps as in previous console.

You can find more about raising the Domain Functional Level in another article on my blog.

Here, you can also raise your Forest Functional Level if all Domain Controllers in the entire forest are running Windows Server 2003. If not, please skip the steps below and go to the Single Master Operation Roles section.

To raise the Forest Functional Level, select the “Active Directory Domains and Trusts” node, right-click it and choose “Raise Forest Functional Level”. In the list, accept “Windows Server 2003” mode by clicking the “Raise” button.

In this case the FFL is set to Windows Server 2003 mode and there is no need to raise it.

For more information about Raising Forest Functional Level please check another article on my blog.

You can also determine the DFL and FFL by following the article on my blog titled: Determine DFL and FFL using PowerShell

Now it’s time to determine which Domain Controller(s) hold(s) the Single Master Operation Roles. The most important ones for preparing the environment for a 2012 DC are:

  • Schema Master
  • Infrastructure Master

We need to be sure that the connection to this/these DC(s) is available during the setup process. In previous versions we needed to prepare the environment using the adprep command to extend the schema and configure the Infrastructure Master. From Windows Server 2012 on, we don’t have to run adprep first. Of course, if you wish, you can still do that, but it is not a mandatory step. Windows Server 2012 will now do that for you if it detects that adprep was not used before for Schema and Infrastructure preparation. That’s the newest feature in Windows Server 2012, which simplifies the promotion process as much as possible. You only need to check that the connection to the DC(s) holding the mentioned operations master roles is available (it is based on a similar solution applied in Exchange 2010, where you do not have to extend the Schema yourself).

To verify the necessary Operation Masters, we can use the netdom command installed from Support Tools on Windows Server 2003 (in 2008/2008R2 it is available by default). Open a command line, go to the default installation directory:

C:\Program Files\Support Tools

and type:

netdom query fsmo

and identify the DC(s) from the output.

We have collected almost all the information necessary to start AD preparation for the first Windows Server 2008 R2 Domain Controller. The last and most important part before we start the preparation is checking the Forest/Domain condition by running:

  • Dcdiag (from Support Tools)
  • Repadmin (also from Support Tools)

Run in the command line on a DC where you have installed Support Tools:

dcdiag /e /c /v

and check that there are no errors. If there are, please correct them (if your forest/domain has a lot of Domain Controllers, please skip the /e switch).

Now run in the command line:

repadmin /showrepl /all /verbose

to check if your DCs are replicating data without errors.
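
The replication check above can be turned into a pass/fail gate. The following is an added example, not part of the original article: it reads the CSV form of the command (repadmin /showrepl * /csv, a different invocation from the /verbose one shown) and lists only the replication links that are failing or stale. The function name, the 24-hour threshold and the sample lines are assumptions made for the example.

```powershell
# Added example, not from the original article. Requires PowerShell 3.0 or later.
# Assumes repadmin's CSV form (repadmin /showrepl * /csv) and its header names.

function Get-ReplicationProblem {
    param(
        [Parameter(Mandatory)][string[]]$CsvLine,  # raw output lines, header first
        [int]$MaxAgeHours = 24,                    # hypothetical staleness threshold
        [datetime]$AsOf = (Get-Date)
    )
    $culture = [System.Globalization.CultureInfo]::InvariantCulture
    $style   = [System.Globalization.DateTimeStyles]::None

    foreach ($row in ($CsvLine | ConvertFrom-Csv)) {
        $reasons = @()

        # Rows tagged showrepl_ERROR mean repadmin could not query that DC at all.
        if ($row.showrepl_COLUMNS -eq 'showrepl_ERROR') {
            $reasons += 'repadmin could not query this DC'
        }

        $failures = 0
        $failureText = [string]$row.'Number of Failures'
        [void][int]::TryParse($failureText, [ref]$failures)
        if ($failures -gt 0) {
            $reasons += "$failures consecutive failures, last status $($row.'Last Failure Status')"
        }

        # A link that has not succeeded recently is flagged even with zero failures.
        $lastOk = [datetime]::MinValue
        $successText = [string]$row.'Last Success Time'
        $parsed = [datetime]::TryParseExact($successText, 'yyyy-MM-dd HH:mm:ss', $culture, $style, [ref]$lastOk)
        if (-not $parsed) {
            $reasons += 'no recorded successful replication'
        } elseif (($AsOf - $lastOk).TotalHours -gt $MaxAgeHours) {
            $reasons += "last success more than $MaxAgeHours hours ago"
        }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Destination   = $row.'Destination DSA'
                Source        = $row.'Source DSA'
                NamingContext = $row.'Naming Context'
                LastSuccess   = $row.'Last Success Time'
                Reasons       = $reasons -join '; '
            }
        }
    }
}

# Constructed sample output (header plus two links); not captured from a real domain.
$sample = @(
    'showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status',
    'showrepl_INFO,Default-First-Site-Name,DC01,"DC=testenv,DC=local",Default-First-Site-Name,DC02,RPC,0,0,2012-10-01 09:45:12,0',
    'showrepl_INFO,Default-First-Site-Name,DC02,"DC=testenv,DC=local",Default-First-Site-Name,DC01,RPC,7,2012-10-01 09:50:03,2012-09-29 22:14:40,1722'
)
Get-ReplicationProblem -CsvLine $sample -AsOf ([datetime]'2012-10-01 10:00:00')

# Against a live forest:
# Get-ReplicationProblem -CsvLine (repadmin /showrepl * /csv)
```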

For more about Active Directory Troubleshooting Tools check one of my articles on this blog

After those checks, you can start with Active Directory preparation.

Adding first Windows 2012 Domain Controller

Before we start preparing AD for new Windows Server 2012 DC, we need to be sure that we are members of:

  • Enterprise Admins group

When we are sure of that, we can start the installation.

Install your new box with Windows Server 2012, configure its IP address according to your network settings and change the default server name to your own.

Remember that it’s very important to properly configure Network Card settings to be able to promote your new box as domain controller!

The most important part of configuring NIC is setting up DNS server(s). Point your new box to one of the existing Domain Controllers where you have installed and configured DNS.

After you have verified the IP settings, you can start promoting the server to a Domain Controller. However, you cannot use the good old dcpromo command, as it is not valid anymore :)

Microsoft removed it and now everything is done through the new Server Manager console. You need to install the Active Directory: Directory Services role and after that, in the post-installation steps, you can promote the server to a Domain Controller. Let’s start.

Open Server Manager console (if it was not already opened) and click on “Add roles and features” on Dashboard screen

Using the default settings in the wizard, go up to the “Server roles” step (those steps are not described in this article; you may expect their description in another article) and select the Active Directory Directory Services role. Also accept the default features which are required during installation.

Verify that the check box is selected and go to the next step.

On the “Features” screen, also go to the next step, as we do not need anything more installed at this point. All required features will be installed, as you accepted them a little earlier.

Read the information about the role you are installing and go to the confirmation screen to install it.

Wait until the selected role is installed before you promote the server to a Domain Controller.

Now that the role is installed, you can see an exclamation mark in the notification area. It tells you that post-installation steps might be required.

Click on it to see what can be done. You will see that you can now promote your server to a Domain Controller, along with information that the features were installed successfully.

OK, let’s start server promotion to Domain Controller! Click on “Promote this server to a domain controller” and you will see a wizard.

As we are adding a Domain Controller to an existing domain, we need to select the proper option. It is selected by default; however, please make sure that “Add a domain controller to an existing domain” is selected.

When you have verified that, enter the DNS name of the domain to which you are promoting the DC in the field with the red star. Provide Enterprise Administrator credentials and go to the next step.

Define whether the server should be a DNS server and Global Catalog. I would strongly recommend installing both roles on each Domain Controller in your environment. Select the Site to which this DC should belong and define the Directory Services Restoration Mode (DSRM) password for this DC.

Do not worry about DNS delegation, as this server is not a DNS server yet. Go to the next step.

In “Additional options” you can define whether you want to install this Domain Controller using Install From Media (IFM) (if you have it) and specify from which DC replication should be done. If you do not specify one, the server will choose the best location for AD database replication. If you have no special requirements, just leave “Any domain controller”.

Specify the location for the AD database and SYSVOL (if you need a different one than suggested) and go to the next step.

Now the wizard informs you that Schema and Domain preparation needs to be done. As you did not run adprep before, it will be executed in the background for you.

You will see a summary screen where you can check all the options selected for the server promotion. As in Windows Server 2012 everything done through Server Manager is translated into PowerShell code and executed in the background, you can check the code by clicking the “View script” button. You will see exactly what will be run. This is a transparent process and you will not see a PowerShell window in front of you.

PowerShell code for adding Domain Controller

# Windows PowerShell script for AD DS Deployment
Import-Module ADDSDeployment
Install-ADDSDomainController `
 -NoGlobalCatalog:$false `
 -CreateDnsDelegation:$false `
 -Credential (Get-Credential) `
 -CriticalReplicationOnly:$false `
 -DatabasePath "C:\Windows\NTDS" `
 -DomainName "testenv.local" `
 -InstallDns:$true `
 -LogPath "C:\Windows\NTDS" `
 -NoRebootOnCompletion:$false `
 -SiteName "Default-First-Site-Name" `
 -SysvolPath "C:\Windows\NTDS"

If all prerequisites pass and you are sure that all settings are set up properly, you can start the installation.

You can observe that the Forest and Domain are being prepared by adprep running in the background. Wait until the wizard does its job, and after the server restarts you will have a new Windows Server 2012 Domain Controller.

Give the DC some time to replicate Directory Services data and you can enjoy your new DC.

Post-Installation steps

Now you need to make small changes to your environment configuration.

In the NIC properties of each server/workstation, configure the alternate DNS server IP address to point to the new Domain Controller.

Open the DHCP management console and under server/scope options (depending on your DHCP configuration) modify option no. 006.

Add the IP address of your new Domain Controller there as a DNS server.

That’s all!

Congratulations! You have promoted your first Windows Server 2012 in an existing domain.

Install and Configure NLB (WLBS) on Windows Server 2008

In this article I will load balance 2 servers and take you through the process step-by-step. Load Balancing takes 2 or more servers and lets them share one IP address so both servers can serve client requests. At the end of this article you should be able to configure NLB.

Gathering Information

Log onto both of the servers and run IPCONFIG /ALL from the command prompt. We need the name, domain and IP address of each server that will be in the NLB Cluster. We will also need to make up an additional name for the cluster; in this example we will use SERVER-LB for the virtual cluster name.

The 2 servers we will be Load Balancing are PL2008-01 and PL2008-02. The virtual cluster name will be PL2008-V. So if this was a web server, users would go to http://PL2008-V; depending on how we configure NLB, either PL2008-01, PL2008-02 or both servers will service the web request.

SERVER NAME IP ADDRESS TYPE Server 1 Server 2 Virtual cluster name and IP address of Servers 1/2

In this example both servers only have one network card. If you have multiple network cards you will still be able to load balance the 2 servers. You need to configure one NIC per server for NLB; both NICs should be on the same VLAN and they should be able to contact each other.



Installation of NLB feature on all NLB nodes

This should be done on ALL NODES in the NLB Cluster. In this case we are performing this installation on PL2008-01 and PL2008-02.

Open Server Manager. You can open it several different ways in Windows Server 2008. Probably the quickest way to open Server Manager is to right-click “My Computer” and choose “Manage”; another way is to open “Control Panel”, go to “Programs and Features” and select “Turn Windows features on or off”. A third way to open it is the “Server Manager” option under Administrative Tools.

  • Select “Features” from the Server Manager menu on the left
  • Press “Add Features”

  • Select the checkbox next to “Network Load Balancing”
  • Press “Next”

  • Press “Install”

Installation will proceed to install the necessary components

Installation has succeeded. It is highly recommended that you repeat this process on all nodes in the NLB cluster at this point before continuing with configuration.

  • Press “Close”

NOTE: Network Load Balancing may also be installed from a command prompt with elevated privileges (right click on the command prompt in the Start menu and select Run as administrator) by running the servermanagercmd -install nlb command.

For example:

C:\Windows\system32>servermanagercmd -install nlb
Start Installation...
[Installation] Succeeded: [Network Load Balancing].
Success: Installation succeeded.

Configuring NLB on NODE 1 (PL2008-01)

Network Load Balanced clusters are built using the Network Load Balancing Manager which you can start from Start -> All Programs -> Administrative Tools menu or from a command prompt by executing nlbmgr.

  • Under the Cluster Menu option select “New”

  • Enter the first node in the cluster which is PL2008-01
  • Press “Connect”

You will have the option to choose which network adapter you want to use, the NIC should be on the same subnet as the other servers in the NLB cluster

  • Press “Next”

  • Enter the Priority ID as, 1 (each node in the NLB cluster should have a UNIQUE ID)
  • Make sure the correct adapter was selected under “Dedicated IP Address”
  • Select “Started” for the “Initial host state” (this tells NLB whether you want this node to participate in the cluster at startup)
  • Press “Next”

  • Press “Add”
  • Enter the Cluster IP and Subnet mask
  • Press “OK”

You can add multiple IP Addresses for the cluster, enter as many as you want.

  • Make sure the “Cluster IP addresses” are correct
  • Press “Next”

  • Select the IP Address for this cluster
  • Enter the NLB address “”
  • Enter “Unicast” as the “Cluster operation mode”
  • Press “Next”

Unicast vs Multicast

Unicast/Multicast is the way the MAC address for the Virtual IP is presented to the routers. In my experience I have almost always used Multicast, which if you use you should enter a persistent ARP entry on all upstream switches or you will not be able to ping the servers remotely.

In the unicast method:

  • The cluster adapters for all cluster hosts are assigned the same unicast MAC address.
  • The outgoing MAC address for each packet is modified, based on the cluster host’s priority setting, to prevent upstream switches from discovering that all cluster hosts have the same MAC address.

In the multicast method:

  • The cluster adapter for each cluster host retains the original hardware unicast MAC address (as specified by the hardware manufacturer of the network adapter).
  • The cluster adapters for all cluster hosts are assigned a multicast MAC address.
  • The multicast MAC is derived from the cluster’s IP address.
  • Communication between cluster hosts is not affected, because each cluster host retains a unique MAC address.

Selecting the Unicast or Multicast Method of Distributing Incoming Requests


I am leaving all the defaults for the port rules; by default it’s set to all ports with Single affinity, which is sticky. For more information on Port Rules, see my Note below.

  • Press “Finish”

NOTE: Add/Edit Port Rule Settings

For most scenarios I would keep the default settings. The most important setting is probably the filtering mode. “Single” works well for most web applications; it maintains a user’s session on one server, so if the user server requests go to PL2008-01, PL2008-02 will continue to serve that request for the duration of the session.


None

  • You want to ensure even load balancing among cluster hosts
  • Client traffic is stateless (for example, HTTP traffic).


Single

  • You want to ensure that requests from a specific client (IP address) are sent to the same cluster host.
  • Client state is maintained across TCP connections (for example, HTTPS traffic).

Class C

  • Client requests from a Class C IP address range (instead of a single IP address) are sent to the same cluster host.
  • Clients use multiple proxy servers to access the cluster, and they appear to have multiple IP addresses within the same Class C IP address range.
  • Client state is maintained across TCP connections (for example, HTTPS traffic).

For more information on this please see this TechNet article:

Specifying the Affinity and Load-Balancing Behavior of the Custom Port Rule

You should see a couple of things in the NLB Manager that let us know this node successfully converged on our new NLB Cluster:

  • Make sure the node’s status changes to “Converged”
  • Make sure you see a “succeeded” message in the log window

Configuring NLB for NODE 2 (PL2008-02)

We will configure PL2008-02 from PL2008-01. If we wanted to configure this from PL2008-02 then we would need to connect to the PL2008-V cluster first then add the host to the cluster.

  • Right click the cluster name “” and select “Add Host to Cluster”

  • Enter PL2008-02 and press “Connect”

A list of Network adapters will show up

  • Select the network adapter you want to use for Load Balancing
  • Press “Next”

This step is very important; each node in the NLB cluster should have a unique identifier. This identifier is used to identify the node in the cluster.

  • Enter the Priority ID as, 2 (each node in the NLB cluster should have a UNIQUE ID)
  • Make sure the correct adapter was selected under “Dedicated IP Address”
  • Select “Started” for the “Initial host state” (this tells NLB whether you want this node to participate in the cluster at startup)
  • Press “Next”

  • Press “Finish”

You should see a couple of things in the NLB Manager that let us know both nodes successfully converged on our new NLB Cluster:

  • Make sure that both nodes’ status changes to “Converged”
  • Make sure each node has a unique “host priority” ID
  • Make sure each node is “started” under “initial host state”
  • Make sure you see a “succeeded” message in the log window for the second node

A closer look at the configuration information for this NLB cluster


  • Go to the command prompt and type “wlbs query”, as you can see HOST 1 and HOST 2 converged successfully on the cluster. This means things are working well.
  • Ping each server locally and remotely
  • Ping the virtual IP locally and remotely – you should do this three times from each location. If you cannot ping remotely you may need to add a static ARP entry in your switches and/or routers where the host machines reside
    • 1 – Both nodes up
    • 2 – Node 1 down
    • 3 – Node 2 down

NLB Documentation (from Windows Help)

Availability, scalability, and clustering technologies

Windows Server 2008 provides two clustering technologies: failover clusters and Network Load Balancing (NLB). Failover clusters primarily provide high availability; Network Load Balancing provides scalability and at the same time helps increase availability of Web-based services.

Your choice of cluster technologies (failover clusters or Network Load Balancing) depends primarily on whether the applications you run have long-running in-memory state:

Failover clusters are designed for applications that have long-running in-memory state, or that have large, frequently updated data states. These are called stateful applications, and they include database applications and messaging applications. Typical uses for failover clusters include file servers, print servers, database servers, and messaging servers.

Network Load Balancing is intended for applications that do not have long-running in-memory state. These are called stateless applications. A stateless application treats each client request as an independent operation, and therefore it can load-balance each request independently. Stateless applications often have read-only data or data that changes infrequently. Front-end Web servers, virtual private networks (VPNs), File Transfer Protocol (FTP) servers, and firewall and proxy servers typically use Network Load Balancing. Network Load Balancing clusters can also support other TCP- or UDP-based services and applications.

Network Load Balancing overview

The Network Load Balancing (NLB) service enhances the availability and scalability of Internet server applications such as those used on Web, FTP, firewall, proxy, virtual private network (VPN), and other mission-critical servers.

What are NLB clusters?

A single computer running Windows can provide a limited level of server reliability and scalable performance. However, by combining the resources of two or more computers running one of the products in Windows Server 2008 into a single virtual cluster, NLB can deliver the reliability and performance that Web servers and other mission-critical servers need.

Each host runs a separate copy of the desired server applications (such as applications for Web, FTP, and Telnet servers). NLB distributes incoming client requests across the hosts in the cluster. The load weight to be handled by each host can be configured as necessary. You can also add hosts dynamically to the cluster to handle increased load. In addition, NLB can direct all traffic to a designated single host, which is called the default host.

NLB allows all of the computers in the cluster to be addressed by the same set of cluster IP addresses, and it maintains a set of unique, dedicated IP addresses for each host. For load-balanced applications, when a host fails or goes offline, the load is automatically redistributed among the computers that are still operating. When a computer fails or goes offline unexpectedly, active connections to the failed or offline server are lost. However, if you bring a host down intentionally, you can use the drainstop command to service all active connections prior to bringing the computer offline. In any case, when it is ready, the offline computer can transparently rejoin the cluster and regain its share of the workload, which allows the other computers in the cluster to handle less traffic.

Hardware and software considerations for NLB clusters

  • NLB is installed as a standard Windows networking driver component.
  • NLB requires no hardware changes to enable and run.
  • NLB Manager enables you to create new NLB clusters and to configure and manage clusters and all of the cluster’s hosts from a single remote or local computer.
  • NLB lets clients access the cluster by using a single, logical Internet name and virtual IP address—known as the cluster IP address (it retains individual names for each computer). NLB allows multiple virtual IP addresses for multihomed servers.


In the case of virtual clusters, the servers do not need to be multihomed to have multiple virtual IP addresses.

NLB can be bound to multiple network adapters, which allows you to configure multiple independent clusters on each host. Support for multiple network adapters is different from virtual clusters in that virtual clusters allow you to configure multiple clusters on a single network adapter.

Installing the NLB feature

To use Network Load Balancing (NLB), a computer must have only TCP/IP on the adapter on which NLB is installed. Do not add any other protocols (for example, IPX) to this adapter. NLB can load balance any application or service that uses TCP/IP as its network protocol and is associated with a specific Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port.

To install and configure NLB, you must use an account that is listed in the Administrators group on each host. If you are not using an account in the Administrators group as you install and configure each host, you will be prompted to provide the logon credentials for such an account. To set up an account that NLB Manager will use by default: in NLB Manager, expand the Options menu, and then click Credentials. We recommend that this account not be used for any other purpose.

You can use Initial Configuration Tasks or Server Manager to install NLB. To install NLB, in the list of tasks, click Add features and in the list of features in the wizard, click Network Load Balancing.

Managing NLB

Server roles and features are managed by using Microsoft Management Console (MMC) snap-ins. To open the Network Load Balancing Manager snap-in, click Start, click Administrative Tools, and then click Network Load Balancing Manager. You can also open Network Load Balancing Manager by typing Nlbmgr at a command prompt.

Additional references for NLB

To learn more about NLB, you can view the Help on your server. To do this, open Network Load Balancing Manager as described in the previous section and press F1.

For deployment information for NLB, see

For instructions on how to configure NLB with Terminal Services, see

For operations information for NLB, see

For troubleshooting information for NLB, see

101 Admin Tools – Windows

We know administrators love tools that make life easier – especially when they’re free! So here are 101 of them!

Any free tools you know of that are missing from this list? Leave me a comment!

System and network analysis

1. NTFS Permissions Explorer

Using this MMC snap-in you can quickly visualize the user and group permissions of a local or remote folder or drive in a hierarchical format to help identify problems.

2. Xirrus Wi-Fi Inspector

Wi-Fi Inspector is a powerful Wi-Fi management and troubleshooting tool that allows you to locate and verify Wi-Fi devices, detect rogue Access Points, troubleshoot connections, and search for Wi-Fi networks.

3. Whois

Whois performs a lookup of the registration information of a given IP address or domain name.

4. ShareEnum

ShareEnum allows you to scan and view the security settings of file shares on your network.

5. PipeList

PipeList displays a list of named pipes on your system, including the number of active instances and the instance threshold.

6. TcpView

TCPView allows you to view detailed TCP and UDP connection information in a user friendly format.

7. The Dude

The Dude from MikroTik can automatically scan all devices within a given subnet and then draw and lay out a map of your network.

8. Microsoft Baseline Security Analyzer

The MBSA is a tool that can be used to detect missing security updates and typical security misconfigurations.

9. WireShark

WireShark is an interactive network protocol analyser and capture utility. It provides for in-depth inspection of hundreds of protocols and runs on multiple platforms.

10. Look@LAN

Look@LAN allows you to quickly scan your network looking for active nodes. It provides monitoring, reporting, logging and OS detection features.

11. RogueScanner

RogueScanner will scan your network looking for rogue devices and access points, classifying them in a way that allows you to quickly see what’s on your network.

12. Capsa Free Network Analyzer

Using this tool you can monitor, troubleshoot and diagnose issues on your network. It has a Microsoft Office-like user interface.

13. SuperScan

SuperScan is a fast connection-based TCP port scanner, pinger and hostname resolution tool.

14. Blast

Blast is a lightweight TCP service stress test tool that can help pinpoint weaknesses in your network.

15. UDPFlood

UDPFlood is a lightweight UDP service stress test tool that sends out packets to a specified IP or port.

16. IPplan

This tool allows you to quickly and easily track and manage your network IP addresses.

17. NetStumbler

NetStumbler is an application that allows you to detect the presence of a wireless network using 802.11a/b/g. It is useful for detecting rogue access points, finding locations with poor signal, verifying network configurations and determining the cause of wireless interference.

18. PingPlotter

PingPlotter is a lightweight tracert application that generates graphs to help you visualize the route of the packets from source to destination.

19. SolarWinds Free Permissions Analyzer for AD

Using this tool you can quickly visualize the user and group permissions of a folder or shared drive in a hierarchical format. It can track share level permissions, provide a breakdown of share level and file level permissions and help identify why certain users have the permissions they do.

20. Angry IP Scanner

Angry IP Scanner is a fast standalone IP address and port scanner.

21. FreePortMonitor

FreePortMonitor is a tool for monitoring servers and applications on your network.

22. WirelessNetView

WirelessNetView monitors the activity of wireless networks in the area and displays information related to them, such as SSID, Signal Quality, MAC Address, Channel Frequency, etc.

23. BluetoothView

BluetoothView monitors the activity of Bluetooth devices in the area and displays information related to them, such as Device Name, Bluetooth Address, Device Type, etc.

24. Vision

Vision allows you to view all open TCP and UDP ports and then maps them back to the owning process or application.

25. Attacker

Attacker is a TCP/UDP port listener that allows you to define a list of ports that you want it to listen on and it will notify you when a connection is established on that port.

26. Total Network Monitor

Total Network Monitor is a comprehensive network monitoring application that allows you to view the state of your network. It is customizable and has advanced alerting features, letting you know when something is wrong.

27. IIS Logfile Analyser

This tool allows you to analyse your IIS logfiles to determine website statistics such as number of visitors, number of downloads, etc.

28. ntop

ntop uses a web-based interface that allows you to monitor network traffic and statistics.


System testing and troubleshooting

29. Pinkie

Pinkie is a collection of network troubleshooting utilities that allows pinging multiple hosts, forward and reverse DNS lookup, a ping sweeper, and a subnet calculator.

30. VMWare Player

VMWare Player is a multi-platform virtualization solution that can be used to create and run multiple 32-bit or 64-bit virtual machines. Ideal for testing or development environments.

31. Oracle VirtualBox

VirtualBox is a free, multi-platform general-purpose virtualization solution that can be used to create and run multiple virtual machines. Ideal for testing or development environments.

32. ADInsight

ADInsight is a real-time monitoring tool used for troubleshooting LDAP (Lightweight Directory Access Protocol) clients.

33. Process Monitor

Process Monitor allows you to monitor activity related to processes, threads, DLLs, the registry and file system in real-time. Useful for troubleshooting application and system related issues.

34. SpiceWorks Network Troubleshooting

SpiceWorks Network Troubleshooting is an all-in-one tool that allows you to perform routine troubleshooting tasks such as killing processes remotely, access devices remotely, ping, tracert and nslookup, and even compare the status of two devices.

35. RAMMap

RAMMap allows you to analyse physical memory allocation in your system. You are able to determine how much file data is cached in RAM, how much RAM is used by the kernel and device drivers, etc.

36. Autoruns

Autoruns allows you to view which programs are configured to run at system boot up or login.

37. LogFusion

Using LogFusion you can view and monitor log files in real-time.

38. Microsoft Log Parser

Using Microsoft Log Parser you can generate a custom-formatted output file containing the results of multiple log file sources such as XML, CSV, Event Logs, or the Registry.

39. AppCrashView

AppCrashView allows you to view Windows Error Reporting (*.WER) files in a simple user interface and then save the results into TXT/CSV/HTML/XML file format.

40. RootKitRevealer

RootKitRevealer allows you to detect the presence of rootkits that operate by attempting to hide their files or registry entries.


System and network management

41. Bitcricket IP Subnet Calculator

This tool allows you to calculate subnets and CIDR routes automatically using its intuitive interface and auto-discovery feature.

42. EMCO Remote Installer Starter

The free version of EMCO Remote Installer (Starter edition) allows you to perform a software inventory of applications installed on your network. You can retrieve and track changes as well as save reports.

43. ManagePC

ManagePC allows you to create an inventory of all your machines in the domain, including hardware, software, devices, patches, group policies, etc.

44. Pandora FMS

Pandora FMS is a network monitoring solution that allows you to monitor multiple platforms, from Linux machines, to Solaris machines, to Windows machines. It provides alerts and reporting for CPU, disk and memory usage, temperature, or even application values.

45. SNARE Audit and EventLog Management

SNARE (System iNtrusion Analysis and Reporting Environment) allows you to install agents onto your server machines to facilitate the centralized collection of logs, including Windows, Solaris, AIX, ISA Server, IIS Server, SMTP, Exchange, Apache, etc.

46. OCS Inventory

OCS Inventory is an automated inventory and deployment application. It allows you to determine what devices or software are installed on your network and deploy software or configuration scripts using a simple web-based interface.

47. Zenoss Core – Enterprise IT Monitoring

Using the Zenoss Core application, you can monitor systems availability, performance, events and configuration across the network.

48. Unipress Free Help Desk

Unipress Free Help Desk is a simple yet powerful Help Desk solution that allows you to create, assign and receive issue tickets. It contains a web portal and knowledgebase for self-help.

49. SysAidIT Free Help Desk

Using this tool, you can easily manage and service requests and create an inventory of installed software and network devices on your network.

50. Cyberx Password Generator Pro

Cyberx Password Generator Pro allows you to create random highly secure passwords.

51. KeePass Password Safe

KeePass is a lightweight, user-friendly password manager. It allows you to store all your passwords in a central location that is encrypted using military grade encryption.

52. TweakUAC

Using TweakUAC you can quickly enable or disable UAC, or set it to quiet mode.

53. Microsoft Application Compatibility Toolkit

The Microsoft Application Compatibility Toolkit allows you to evaluate and mitigate application compatibility issues during the pre-deployment phase of a Windows 7, Windows Vista, or new Internet Explorer version installation.

54. ExtraSpy Employee Monitor

ExtraSpy Employee Monitor allows you to monitor employee activities across your network to help detect misuse of company property or unproductive individuals.

55. NetWrix USB Blocker Freeware

Using this tool you can centrally manage access control of removable media on your network.

56. FileZilla

FileZilla is a cross-platform FTP, FTPS and SFTP client.

57. Wake On Lan 2 .NET

The Wake On Lan 2 .NET tool allows you to manually or automatically power on, restart or shutdown machines or devices over your local network.

58. Speccy

Speccy is a system information tool that allows you to quickly see comprehensive details related to your machine.

59. Active Directory Explorer (ADExplorer)

ADExplorer is an advanced Active Directory viewer and editor tool. It allows you to navigate through an Active Directory database and view and edit object properties and attributes.

60. ADRestore

ADRestore allows you to restore deleted Windows Server 2003 Active Directory server objects.


File and disk management

61. Disk2vhd

Disk2vhd allows you to create a Virtual Hard Disk (VHD) of a live machine, which can then be loaded using Microsoft Virtual PC or Microsoft Hyper-V.

62. Defraggler

Using Defraggler you can defrag individual files on an NTFS or FAT32 file system.

63. PageDefrag

PageDefrag allows you to view the defragmentation status of the system Page File and Registry Hives and defragments them. It also allows you to defragment event logs and Windows 2000/XP hibernation files.

64. PsPad

PsPad is a powerful text editor that can be used as a substitute for Notepad and is useful for creating scripts, programming, file comparison, etc.

65. MD5Summer

Using MD5Summer, you can quickly generate MD5 hashes for files within a folder, allowing you to ensure or verify file integrity.

66. Universal Viewer

Universal Viewer is a multi-format file viewer that allows you to view different file types from a single interface. Supported file formats include Text, Image, MS Office, Audio, Video, amongst others.

67. FreeCommander

FreeCommander is a comprehensive file manager that aims to be an alternative to Windows Explorer.

68. Recuva

Using Recuva you can recover files you accidentally deleted from your machine.

69. Steganos LockNote

Steganos LockNote allows you to securely store confidential notes such as license keys, passwords, phone numbers, etc. It uses AES-256 encryption to store your text in a self-executable container that requires a password to open it.

70. Microsoft SyncToy

SyncToy is an application that can be used as a backup utility to synchronize files and folders between two locations.

71. 7-Zip

7-Zip is a powerful file archiving utility with a high compression ratio that supports a multitude of compression formats, including 7z, GZIP, TAR, ZIP, CAB, MSI, etc.

72. PeaZip

PeaZip is a cross-platform file and archive manager that supports volume spanning, high levels of compression and encryption and support for a wide range of archiving formats.

73. Bacula

Bacula is a suite of applications that allow for the backup, recovery and verification of data across a network.

74. Areca Backup

Areca Backup is a file-based backup application that supports incremental, image and delta backups to a local drive or an FTP server.

75. DirSync Pro

Directory Synchronize Pro is a powerful synchronization utility used to synchronize the contents of a directory to a given location. It provides scheduling, filtering, and logging functionality.

76. Amanda Network Backup

Amanda is a powerful multi-platform backup and archiving application that supports tape, disk, and optical media. Using a single master backup server, you can set Amanda to backup multiple clients across your network.

77. WebSynchronizer

WebSynchronizer allows you to manually or automatically backup, replicate and synchronize files to an FTP server or across your network.

78. KGB Archiver

KGB Archiver is a file archiving tool with a high level of compression that uses AES-256 for its encryption feature.

79. Iometer

Iometer is a disk I/O performance analysis tool that allows you to perform stress tests and displays the read and write speed of a specified drive.

80. Notepad++

Notepad++ is a powerful text editor that can be used as a substitute for Notepad and is useful for creating scripts, programming, file comparison, etc.

Performance and availability monitoring

81. ManageEngine Free HyperV Performance Monitor

HyperV Performance Monitor allows you to monitor CPU, Memory, Disk and Network utilization of your Microsoft Hyper-V virtual servers. It displays the results in a dashboard.

82. Nagios

Nagios is a powerful network monitoring tool that allows you to ensure that your critical systems, applications and services are always up and running. It provides features such as alerting, event handling, and reporting.

83. ManageEngine Free Exchange Health Monitor

Exchange Health Monitor allows you to monitor CPU and memory resource utilization, mail queue status, POP/IMAP performance counters, mailbox users, etc. of your Microsoft Exchange 2003/2007/2010 servers. It displays the results in a dashboard.

84. Kratos Exchange Monitor

Kratos Exchange Monitor will continuously monitor your Microsoft Exchange Servers and provide a real-time view of its health, including mail queues, CPU and memory utilization, hard drive space, etc.

85. ManageEngine Free Windows Health Monitor

Windows Health Monitor allows you to monitor CPU and memory resource utilization, disk usage and I/O, running applications, etc. of your Windows Client and Server machines. It displays the results in a dashboard.

86. ManageEngine Free Ping Tool

Free Ping Tool monitors the availability of servers, routers, switches, mail servers and web servers using the power of ICMP ping. It displays the results in a dashboard.

87. ManageEngine Free SQL Health Monitor Tool

The SQL Health Monitor Tool will monitor the performance and availability of your Microsoft SQL Server 2005 and 2008 servers. It can monitor CPU, memory and disk usage, as well as SQL specific parameters such as page reads/writes and buffer cache. It displays the results in a dashboard.

88. ManageEngine Free VM Configuration Tool

Using the VM Configuration Tool you can configure VMWare ESX virtual server options, such as increasing or decreasing RAM and allocating more CPUs. It also monitors the performance of the virtual machines, reporting on CPU, memory, disk and network utilization.

89. Kratos Network Device Monitor

This tool allows you to monitor any SNMP devices on your network, ensuring their availability and performance.

90. IxChariot QCheck

QCheck is a small yet powerful network performance management tool that allows you to quickly check network response times, TCP/UDP throughput, streaming traffic, and troubleshoot wireless network performance problems.

91. EasyNetMonitor

A small, lightweight tool for monitoring local and remote hosts to determine if they are alive or not.

Remote management

92. Remote Desktop Manager

Remote Desktop Manager is a tool that allows you to centrally manage your remote connections. It supports RDP, VNC, TeamViewer, FTP, SSH, Telnet, etc.

93. TightVNC

TightVNC is a cross-platform lightweight application used for remotely administering clients and server machines.

94. Microsoft RDCMan

RDCMan allows you to manage multiple remote desktop sessions from a single interface.

95. Terminals

Terminals is a secure multi-tab remote connection management client. It supports both terminal services and remote desktop client and allows you to better manage multiple connections from a single interface.

96. PsFile

PsFile displays a list of files on a system that are opened remotely and allows you to close them.

All-in-one toolkits

97. Net Tools 5.0

Net Tools is a comprehensive set of monitoring, network scanning, security and administration tools packed into an intuitive and user friendly UI. It includes 175 utilities including an Advanced Port Scanner, TCP Packet Sniffer, Bandwidth Monitor, Hash MD5 Checker, Fast FTP Client, and Standard Encrypter.

98. ManageEngine Free Windows Tools 2

The ‘Free Windows Tools 2’ kit contains a set of free Windows tools for Network Administrators, including the Remote Task Manager Tool, Wake on LAN, Software Inventory Tool, Remote Command Prompt Tool, GPO Update, Shutdown/Restart Tool, Join/Unjoin Computer Tool, Currently Logged On User, Hard Disk Space Detector Tool, Local Users/Groups List Tool, Network Share Browser Tool, and Laptop Battery Power Monitor Tool.

99. Axence NetTools Pro

NetTools Pro is a set of tools that network administrators can use for monitoring, network scanning, security and administration.

100. Free IP Tools

Free IP Tools is a collection of common tools used to troubleshoot network applications and services in a single interface. It includes tools such as PortScan, TraceRoute, Shares, SNMPAudit, etc.

101. PsTools

PsTools is a suite of tools that help you to administer your systems. The tools included in the package allow you to display, execute and kill processes remotely, retrieve system and logon information, and control account passwords and services.


Restore my Active Desktop Windows XP

Open up your registry: Start -> Run

*Warning: Be careful what you are doing when in the registry. It’s very easy to make your computer non-usable if you edit the wrong entry.

Type regedit

Expand the following:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\SafeMode\Components\

Double-click on DeskHtmlVersion, select the Decimal radio-button, and change the value from 272 to 0.

Then press OK.

Close out of Registry Editor, click in a blank area of your desktop, and press F5 to refresh the screen.

You should be back at your normal background/wallpaper.


Resolving “The User Profile Service failed the logon. User profile cannot be loaded.”

This error appears while attempting to log on in Windows Vista, 2008, 2008 R2 and 7.

The exact cause is unknown, but this issue may occur if the user profile was manually deleted by using the command prompt or Windows Explorer by a user or by some program. A profile that is manually deleted does not remove the security identifier (SID) from the user profile list in the registry. Since the SID is still present, Windows will still try to load the profile by using the ProfileImagePath that points to a nonexistent path. Therefore, the profile cannot be loaded.

This can also be an issue with the user profile entering into a backup state, or if the C:\Users\(User Name) user profile folder is manually renamed.


Step 1: Log on to the Computer

Log on to the computer using the Administrator (or an Administrator-level) account.

If the computer is not joined to a domain, reboot it and start your computer in safe mode, then log on using the Administrator (or an Administrator-level) account.


Step 2: Trawl through the Registry

Open the Start menu. In the Start Search area, type regedit and press Enter (if prompted by UAC, click Continue/Yes). In regedit, go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Expand the ProfileList key and look for the SID key (named “S-1-5…”) with a long number that ends in “.bak”. Click it, and look at the ProfileImagePath value in the right pane to verify that this is the user account profile that has the error.

a) If you have two SID keys with the same number (with one ending in “.bak” and one showing the affected user account in the ProfileImagePath value), continue to Step 3;
b) If you have just one SID key with the ProfileImagePath value showing the affected user account, proceed to Step 4.


Step 3: Two SID keys with the same number

a) Of the two SID keys that correspond to the affected user account, right-click the SID key that does NOT end in “.bak” and click Rename.
b) Add .bk to the end of the numbers and press Enter.
c) Right-click the other SID key that DOES end in “.bak” and click Rename.
d) Remove only .bak from the end of the numbers (so that it has the same name as the other SID key did before you renamed it) and press Enter.
e) Now go back and rename the first key, changing .bk to .bak at the end of the numbers, and press Enter.

Proceed to Step 5…


Step 4: Only one SID key ending in “.bak”

a) Right-click the SID key that corresponds to the affected user account and click Rename.
b) Remove only .bak from the end of the numbers, and press Enter.
c) In the right pane, right-click the RefCount value (if none exists, right-click the right pane and click New and DWORD (32 bit) Value, then type RefCount and press Enter), and click Modify.
d) Type 0 into the Value Data textbox and click OK.
e) In the right pane, right-click the State value and click Modify.
f) Type 0 into the Value Data textbox and click OK.


Step 5: Try logging on again!

Close regedit and restart the computer. You should be able to log on now…
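Before renaming anything by hand, it helps to export the ProfileList key and confirm which case applies. The following PowerShell sketch is an added example, not part of the original post: it exports the key with reg.exe and then lists every “.bak” SID key with its ProfileImagePath, State and RefCount values, without changing the registry. The function names and the backup file name are assumptions made for this example.

```powershell
# Added example (not from the original post): read-only check of ProfileList.
# Written for PowerShell 2.0 and later; run from an elevated prompt.
$ProfileListPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Export-ProfileListBackup {
    # Hypothetical default file name; pass -Destination to choose another.
    param([string]$Destination = "$env:TEMP\ProfileList-backup.reg")
    & reg.exe export 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList' $Destination /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg export failed with exit code $LASTEXITCODE" }
    $Destination
}

function Get-BakProfileFinding {
    param([string]$Path = $ProfileListPath)

    $keys  = @(Get-ChildItem -Path $Path)
    $names = @($keys | ForEach-Object { $_.PSChildName })

    foreach ($key in $keys) {
        $name = $key.PSChildName
        if ($name -notlike 'S-1-5-*.bak') { continue }

        $sid   = $name.Substring(0, $name.Length - 4)   # key name without ".bak"
        $props = Get-ItemProperty -Path $key.PSPath
        $image = [string]$props.ProfileImagePath          # empty string if the value is missing

        # Resolve the SID to an account name; orphaned SIDs do not resolve.
        try {
            $sidObj  = New-Object System.Security.Principal.SecurityIdentifier($sid)
            $account = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            $account = '(unresolved)'
        }

        # A key with the same SID but no ".bak" suffix means the two-key case.
        if ($names -contains $sid) {
            $step = 'Step 3: two SID keys with the same number'
        } else {
            $step = 'Step 4: only one SID key, ending in .bak'
        }

        New-Object PSObject -Property @{
            Sid = $sid; Account = $account; ProfileImagePath = $image
            FolderExists = [bool]($image -and (Test-Path -LiteralPath $image))
            State = $props.State; RefCount = $props.RefCount; Applies = $step
        } | Select-Object Sid, Account, ProfileImagePath, FolderExists, State, RefCount, Applies
    }
}

Export-ProfileListBackup
Get-BakProfileFinding | Format-List
```

If FolderExists is False, the ProfileImagePath points to a folder that is no longer on disk, which matches the manually deleted or renamed profile case described at the top of this post.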

How to Fix “Keyset does not exist” for Scheduled Tasks in Windows

The full error that I received when accessing the scheduled tasks was:

General page initialization failed.
The specific error is:
0x80090016: Keyset does not exist
An error has occurred attempting to retrieve task account information.
You may continue editing the task object, but will be unable to change the task account information.

I haven’t seen this error before, and it prevented my scheduled task from running. I went online to see what I could find and eventually found a solution that worked for me. I outline the steps to the solution below.

Steps to Correct the Keyset Does Not Exist Issue:

After performing some research, I found out that the local system private keys used by the “Cryptographic Services” service had become corrupted. I simply used the following steps to correct the issue:

I stopped the “Cryptographic Services” service.

  1. I then double-clicked “My Computer”, and then clicked “Folder Options” on the “Tools” menu.
  2. On the “View” tab, I clicked “Show hidden files and folders”, and then clicked “OK”.
  3. I deleted all of the files in the “C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18” folder.
  4. I then restarted the “Cryptographic Services” service.
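The same stop, clear and restart sequence can be scripted so that the key files are moved aside rather than deleted, which keeps a copy to restore if something else on the machine still depended on those keys. This PowerShell sketch is an added example, not part of the original post; it assumes the service's short name is CryptSvc, and the function name and the C:\KeysetBackup location are hypothetical.

```powershell
# Added example (not from the original post). Assumptions: the "Cryptographic Services"
# service has the short name CryptSvc; C:\KeysetBackup is a hypothetical backup location.
function Reset-LocalSystemKeyStore {
    param(
        [string]$KeyDir     = 'C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18',
        [string]$BackupRoot = 'C:\KeysetBackup'
    )

    if (-not (Test-Path -LiteralPath $KeyDir)) { throw "Key folder not found: $KeyDir" }

    # One timestamped folder per run, so repeated runs never overwrite an earlier backup.
    $backup = Join-Path $BackupRoot ('S-1-5-18_{0:yyyyMMdd_HHmmss}' -f (Get-Date))
    New-Item -ItemType Directory -Path $backup -Force | Out-Null

    Stop-Service -Name CryptSvc -ErrorAction Stop
    $moved = 0
    try {
        # The key files are hidden system files, so -Force is needed to list and move them.
        $files = @(Get-ChildItem -LiteralPath $KeyDir -Force |
                   Where-Object { -not $_.PSIsContainer })
        foreach ($file in $files) {
            Move-Item -LiteralPath $file.FullName -Destination $backup -Force -ErrorAction Stop
            $moved++
        }
    }
    finally {
        # Restart the service even if a move failed part-way through.
        Start-Service -Name CryptSvc
    }

    New-Object PSObject -Property @{
        BackupFolder  = $backup
        FilesMoved    = $moved
        ServiceStatus = (Get-Service -Name CryptSvc).Status
    }
}

Reset-LocalSystemKeyStore
```

The backup folder holds private key material for the LocalSystem account, so restrict it to administrators and remove it once the scheduled tasks are confirmed working.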