Archive for July, 2011

Windows Server 2008 enables you to track print job success and failure on a logical printer.


You can audit access and usage to a logical printer as follows:


  1. Select the printer you wish to audit for printing and management. Right-click and select Properties; then select the Security tab.
  2.  On the Security tab, click the advanced button, which launches the Access Control Setting dialog box for the   logical printer. Click the Auditing tab.
  3.  On the Auditing tab, click Add and select the group or groups you want to access. Choose the Success or Failure audits you want to trap and click Apply.


That’s all there is to auditing printer usage. To check the audits, refer to the system log in Event Viewer.


Exchange Server 2003 comes with a set of four Internet protocol services. These let you extend the reach of Exchange users beyond Microsoft’s very good, but proprietary, electronic messaging protocol MAPI. The four services are Hypertext Transmission Protocol (HTTP), which supports Outlook Web Access (OWA); Post Office Protocol (POP3); Internet Message Access Protocol (IMAP4); and Network News Transfer Protocol (NNTP):


HTTP:  HTTP is the core protocol that supports web access. OWA uses the HTTP protocol to give users access to everything in their Exchange mailboxes, as well as items in public folders, using a web browser such as Microsoft Internet Explorer. On the server side, OWA is supported by Windows Server 2003s Internet Information Server.


POP3 Server:  Exchange Servers POP3 server gives users with standard POP3 e−mail clients, such as Eudora or Outlook Express, limited access to their Exchange mailboxes. Users can download mail from their Exchange Inboxes, but that’s all. Users have no direct access to other personal or public information stores or to their schedules. This is due to limitations in the POP3 protocol itself, not in Microsoft’s implementation of the protocol.


IMAP4 Server:  The Exchange IMAP4 server goes one better than POP3, adding access to folders in addition to the Exchange Inbox. With IMAP4, folders and their contents can remain on the Exchange server, be downloaded to the computer running your IMAP4 client, or both. You can keep Exchange Server based folders and their contents in sync with the folders on an IMAP4 client.


NNTP Server:  The NNTP server lets you bring all those exciting Usenet newsgroups into your Exchange servers public folders, where your users can read and respond to them with the same e− mail clients that they use to read other public folders.

1. To restore the system state on a domain controller, first start the computer in Directory Services Restore Mode. To do so, restart the computer and press the F8 key when you see the Boot menu.

2. Choose Directory Services Restore Mode.

3. Choose the Windows 2000 installation you are going to recover, and then press ENTER.

4. At the logon prompt, supply the Directory Services Restore mode credentials you supplied during the Dcpromo.exe process.

5. Click OK to acknowledge that you are using Safe mode.

6. Click Start, point to Programs, point to Accessories, point to System Tools, and then click Backup.

7. Click the Restore tab.

8. Click the appropriate backup media and the system state to restore.

NOTE: During the restore operation, the Winnt\Sysvol folder must also be selected to be restored to have a working sysvol after the recovery process. Be sure that the advanced option to restore “junction points and data” is also selected prior to the restore. This ensures that sysvol junction points are re-created.

9. In the Restore Files to box, click Original Location.

NOTE: When you choose to restore a file to an alternative location or to a single file, not all system state data is restored. These options are used mostly for boot files or registry keys.

10. Click Start Restore.

11. After the restore process is finished, restart the computer.

Intersite replication takes place between sites. Intersite replication can utilize either RPC over IP or SMTP to convey replication data. This type of replication has to be manually configured. Intersite replication occurs between two domain controllers that are called bridgeheads or bridgehead servers. The role of a bridgehead server (BS) is assigned to at least one domain controller in a site. A BS in one site deals with replicating changes with other BSs in different sites. You can configure multiple bridgehead servers in a site. It is only these BSs that replicate data with domain controllers in different domains by performing intersite replication with its BS partners. With intersite replication, packets are compressed to save bandwidth. This places additional CPU load on domain controllers assigned the BS role. BSs should therefore be machines that have enough speed and processors to perform replication. Intersite replication takes place over site links by a polling method which is every 180 minutes by default.

ADSIEdit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. It is a Graphical User Interface (GUI) tool. Network administrators can use it for common administrative tasks such as adding, deleting, and moving objects with a directory service. The attributes for each object can be edited or deleted by using this tool. ADSIEdit uses the ADSI application programming interfaces (APIs) to access Active Directory. The following are the required files for using this tool:



Regarding system requirements, a connection to an Active Directory environment and Microsoft Management Console (MMC) is necessary.

The tombstone lifetime is determined by the value of the tombstone Lifetime attribute on the Directory Service object in the configuration directory partition.

Administrative Credentials

To complete this procedure, you must be a member of the Domain Users group.


To determine the tombstone lifetime for the forest

1.            On the Start menu, click Run, type adsiedit.msc, and then click OK.

2.            In the console tree, double-click Configuration [DomainControllerName], CN=Configuration,DC=[ForestRootDomain], CN=Services, and CN=Windows NT.

3.            Right-click CN=Directory Service, and then click Properties.

4.            In the Attribute column, click tombstoneLifetime.

5.            Note the value in the Value column. If the value is <not set>, the default value is in effect as follows:

•             On a domain controller in a forest that was created on a domain controller running Windows Server 2003 with Service Pack 1 (SP1), the default value is 180 days.

•             On a domain controller in a forest that was created on a domain controller running Windows 2000 Server or Windows Server 2003, the default value is 60 days.

The Active Directory support files are listed below. These are the files that you specify a location for when you promote a server to a domain controller:

  • Ntds.dit (NT Directory Services): Ntds.dit is the core Active Directory database. This file on a domain controller lists the naming contexts hosted by that particular domain controller.
  • Edb.log: The Edb.log file is a transaction log. When changes occur to Active Directory objects, the changes are initially saved to the transaction log before they are written to the Active Directory database.
  • Edbxxxxx.log: This is auxiliary transaction logs that can be used in cases where the primary Edb.log file fills up prior to it being written to the Ntds.dit Active Directory database.
  • Edb.chk: Edb.chk is a checkpoint file that is used by the transaction logging process.
  • Res log files: These are reserve log files whose space is used if insufficient space exists to create the Edbxxxxx.log file.
  • Temp.edb: Temp.edb contains information on the transactions that are being processed.

Schema.ini: The Schema.ini file is used to initialize the Ntds.dit Active Directory database when a domain controller is promoted.