Category Archives: Windows

ipsec service fails to start and no network

apparently a known issue.  had no network after some windows updates on a windows 2003 VM

in the eventvwr:

The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions.

The IPSEC Services service terminated with the following error:
The system cannot find the file specified.

  • check if there are any entries in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local
  • if so, delete that subkey
  • then run regsvr32 polstore.dll
  • restart the ipsec service

dsa.msc : Windows can not find “dsa.msc” in Windows 2008

Old habits die hard.  Used to be able to launch dsa.msc from any (terminal) server you’re currently logged on to ?

You’ll need to install the W2K8 feature AD Snap ins and command line tools.

with powershell :

PS C:\Windows\system32> Import-Module ServerManager
PS C:\Windows\system32> Add-WindowsFeature RSAT-ADDS-Tools

howto force windows update client to check for updates now

  • stop automatic update service (wuaserv)
  • delete LastWaitTimeout / DetectionStartTime & NextDetectionTime reg keys
  • start automatic update service
  • run wuaclt /detectnow

script available at msmvps.com blogs

software restriction policies on a SBC environment

As a best practice, you should always consider Software restriction policies to harden our SBC environment (pre Windows 2008 R2), with hash rules.

Microsoft Technet article can be found here

XenDesktop on hyper-v articles and info

Required IIS role services in Windows 2008 for APP-V

make sure you install the following role services before installing APP-V 4.5 on Windows 2008

  • IIS6 Management compatibility
  • IIS management scripts and tools
  • IIS 7 Windows authentication

For the first 2 you might end up with an error installing app-V and rolling back : “The Installation program was unable to create the required IIS virtual directory”  (error 25120) If you don’t add Windows authentication, it’s possible that you can’t login to App-V (Error 0000C801)

install SQL2008 failover cluster on Windows 2008 R2 might fail

with error message : There was an error setting private property ‘RequireKerberos’ to value ‘1’ for resource ‘SQL Network Name ‘.  Error: Value does not fall within the expected range.

=> solution, slipstream SP1 into the sql 2008 installer.