To implement/edit account lockout policy in Small Business Server do the following.
1. Start/Administrative Tools/Group Policy Management
2. Forest/Domains/<Your Domain>
3. Right-Click “Windows SBS User Policy” /Select “Edit”
4. Computer Configuration/Policies/Windows Settings/Security Settings/Account Policies/Account Lockout Policy
5. Double-Click the items in the right hand pane to enable and set the Account Lockout Parameters.
In Control Panel/Credentials I found a link to a Terminal Server saved password on a long defunct server. After I deleted the saved credential my 10009 errors disappeared.
In the end, using DNS Manager, I deleted _msdcs.<YourDomain>.local from the Forward Lookup Zones, restarted the DNS Service, and ran Fix My Network from the SBS console. Again using DNS Manager I recreated _msdcs.<YourDomain>.local, restarted the DNS Service, and reran Fix My Network. This time when I ran the BPA there were no errors.
The DNS errors may have been there since the migration from SBS 2008 a few months ago but only came to light with the latest release of BPA.
The SBS 2011 BPA was showing a bunch of network errors including the IPv6 disabled warning. This is an extremely annoying error because there is not enough information to track where it comes from so it caused a bit of head scratching before I found the root cause.
I am using Fortinet Client Lite and it had installed a miniport network adapter which I was unable to configure nor delete even after un-installing the Fortinet Client. The adapter is visible with device manager. A search of the registry for “Fortinet” uncovered the Fortinet Miniport Adapter which I deleted. I re-ran BPA and the annoying IPv6 message was gone.
If you are not using Fortinet Client and still face this problem. Check the Network Adapters in Device Manager and make sure that they are all configured correctly. BPA seems to check all adapters even the disabled ones.
Occasionally, on restarting SBS2011, after upgrade, I found that it had lost Internet connectivity. The connections to local devices were still perfectly good. I could ping other PCs, connect to shares, use and control network printers, but I couldn’t ping the router/gateway and couldn’t get through to the Internet.
I chased a few red herrings before I came across an article on the VMware forums somewhere referring to IP4 Checksum Offload. The article didn’t directly relate to VMworkstation 8 but it pointed me in the right direction.
Connectivity seems to be quite sensitive and if you face intermittent connectivity issues then here are a couple of recommended steps relating to NIC setup that worked for me.
1. Switch off Auto-negotiate, manually change connection speed until you make the connection, then switch on Auto-negotiate.
2. On all NICs, real and virtual, disable IP4 Checksum Offload.
Apparently, nowadays patching SharePoint is a two stage process. After running the update you need to run the PSCONFIG command from an Administrative Command Prompt. I’ve attached the article with the fix. http://social.technet.microsoft.com/Forums/pl-PL/smallbusinessserver/thread/94c5f178-f020-4d0f-ba7c-11c415d0d862.
I got neither TRUE nor FALSE when I ran the test command but I ran the PSCONFIG command anyway and it fixed my backup problems.
*Excerpt from the article
1. Open an Administrative command prompt.
2. Change directory to C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN
3. Run PSConfig.exe -cmd upgrade -inplace b2b -force –cmd applicationcontent -install -cmd installfeatures
*End of Excerpt
The virus was in a pop-up entitled “PC Repair”. The user was scared by the pop-up which looked like a very genuine Anti-Virus scan. It showed numerous infections and the easy way out was to click the repair button. The virus disabled Task Manager, Hid all the Desktop Icons, the Start Menu items, the Taskbar, and said that my remote control software, CentraStage, had been disabled. It also cleared all valid Restore Points and set some invalid Restore Points.
I could see from the history that MSSE did catch the initial infection but the user was confused by the believable PC Repair notice. I booted to safe mode and MSSE was able to remove parts of the virus but I was left with Browser Redirection to random advertising and sales sites. Turns out that this was caused by a TDSS RootKit which I was able to remove with TDSSKiller from Kapersky.
I failed to find the rootkit with the following spyware / AV programs:-
1. SpyBot
2. SpyDoctor
3. MalwareBytes
4. HijackThis
5. ComboFix
6. MSSE
I found and removed the virus with TDSSKiller from Kapersky. I also found the virus with Hit Man Pro but they wanted a subscription in exchange for virus removal. Hit Man Pro would have been worth it but TDSSKiller is free.
If your favicon displays in Firefox but not Internet Explorer then delete your browsing history in Internet explorer.
I came across many threads on this topic but basically if it is showing in Firefox then you have a good favicon image and it is in the right place in your website. Apparently IE has a mind of its own as to when it refreshes the favicon for a stored page and from what I can gather it is every 2 weeks or so. The easiest way around this is to delete your browsing history.
If your internet slows to a crawl after adding a VPN connection then it is most likely because all internet traffic is being routed via the default gateway on the VPN connection. Change this via:-
Control Panel/Network and Sharing Center/Change Adapter Settings/<Your VPN Connection>/Properties/Networking/Internet Protocol Version 4 (TCP/IPv4)/Properties/Advanced – Untick Use Default Gateway on Remote Network. (You may also have to change the same setting for TCP/IPv6). Restart the connection. This solution works for connecting Outlook to Exchange Server on the remote network.
This was an absolute pain. I found the cause by creating a new profile and adding the accounts that Outlook “front ends” for me one at a time. Eventually I found the offending account. It was an issue with the server for that particular account and nothing to do do with the Outlook side of things. During the troubleshooting I came across a very useful tool, http://www.howto-outlook.com/products/outlooktools.htm.
