Microsoft Windows Server 2008 R2 Print error 602

Scenario:

You have a Microsoft Windows Server 2008 R2 Server and are using it to push printers via GPO. Aka a print server.

 


Problem:

Your eventlog is riddled with error logs refering to a event ID 602. You also get the error message “The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-21-127683249-1579156636-1434621442-1147\Printers\Connections” This happens for EVERY printer that you have on your system.

Print Error 602

 


The solution for this issue is very simple, it took me hours of searching the internet to find the Microsoft hot fix for this common issue and i will make it available here for download since Microsoft refuses to release it without users calling them.

On the Server 2008 R2 Machine:

  1. Click the following link to download the hot fix for KB2457866.
  2. DOWNLOAD HERE!
  3. Save it to your server.
  4. Run the Hot Fix.
  5. Reboot the server when prompted.
  6. Voila error 602 should not be displayed upon logon. Note that this error shows everytime a user/admin logs in. After the hotfix you wont get NEW errors. Just be sure to clear out the old ones.

Activate Offline Files via GPO and assign the User folder to always be available Offline.

Scenario:

You have a Microsoft Windows Server 2008 R2 Server and a set of Windows 7 Client PC’s that you want to enable Offline files on and set their User folder to always be available Offline.

 


Problem:

You could do this by going to every PC and doing it by hand, but being as awesome as you are having upgraded to windows server 2008 r2, you will do this from Group Policy Management Console and only have to do it once!

 


In this guide I will assume that you have one OU with Users in it, lets call it userOU. I will also make the assumption that you have another OU for your computer accounts named computerOU.

On the Computer OU:

 

  1. Open up GPMC on your Domain Controller by going to Start > Administrative Tools >Group Policy Management.
  2. Right click on the computerOU and select “Create a GPO in this domain, and link it here…”
  3. For name call it Offline Files Activation and hit enter.
  4. You will now see a shortcut to a group policy called Offline Files Activation under computerOU. Go ahead and right click it and select Edit.
  5. On the left hand side of the window that opened. Browse to Computer Configuration >Policies > Administrative Templates: Policy definitions (ADMX) > Network > Offline Files.
  6. Double click the setting named “Allow or disallow use of the Offline Files feature” Set it to Enabled and hit OK.
  7. Double click the setting named “Action on server disconnect” Set it to Enabled, on the left hand side select Work Offline, and hit OK.
  8. Double click the setting named “Enabled transparent caching” Set it to Enabled and hit OK.
  9. Go ahead and close out the policy so that you’re back in the Group Policy Management Console view.

On the User OU:

 

  1. Open up GPMC on your Domain Controller by going to Start > Administrative Tools >Group Policy Management if you don’t already have it open.
  2. Right click on the userOU and select “Create a GPO in this domain, and link it here…”
  3. For name call it Offline Files User Settings and hit enter.
  4. You will now see a shortcut to a group policy called Offline Files User Settings under userOU. Go ahead and right click it and select Edit.
  5. On the left hand side of the window that opened. Browse to User Configuration >Policies > Administrative Templates: Policy definitions (ADMX) > Network > Offline Files.
  6. Double click the setting named “Administratively assigned offline files” Set it to Enabled and hit Show under Options.
  7. For the Value Name enter \\YOURSERVER\Users$\%username% (This can be anything you want, in this case i want the User share to be allowed offline.) Hit OK.
  8. Hit OK again to close out the setting.
  9. Go ahead and close out the policy, and close the Group Policy Management Console.
  10. You can now go ahead and try it out by going to a computer that is affected by the policy and in the CMD type gpupdate /force.

This way of enabling this policy is great because in one swap you will enable everyone’s User share to be available Offline, and you only needed to do it one time from one place!

Create User folders in Windows Server 2008 R2 and add them to Active Directory

Scenario:

You have setup a brand new Windows Server 2008 R2 Server and want to share a User folder in the network that will be entered into AD into every user. As we keep a high standard of user integrity we will want to take every necessary precaution to prevent users from accessing/viewing/deleting each others files.

 


Share Permissions:

This walk through takes for granted that this server is a part of an active directory environment.

      1. Create a folder named Users (this can be anywhere on the server but I will put it in D:\)
      2. Right-click on this folder and select Properties.
      3. Select the Sharing tab
        Sharing tab
      4. Click Advanced Sharing.
        Advanced Sharing
      5. Check “Share this folder”.
      6. Add a $ sign to the end of the Share name so it says Users$. (This makes this share invisible when browsing the network)
      7. Click on the Permissions button.
        Permissions button
      8. Remove the Everyone group.
      9. Click Add, and add the following groups: Administrators, System, Authenticated Users.
      10. For each group (there should be three) give them full permissions (select allow under full control).
        Full Control
      11. Click OK.

 


NTFS Permissions:

      1. Select the tab Security.
        Security tab
      2. Select Advanced button.
        Security tab
      3. Select change permissions.
      4. Uncheck “Include inheritable permissions from this object’s parent”.
      5. Click on Add when the warning prompt pops up.
        Warning box
      6. Select Users and hit remove (Do this for both if you have two field with user permissions)
      7. Select Add and add the Authenticated Users group.
      8. At Apply To: Select: This folder only.
      9. For the permissions select allow for: Traverse folder / execute file, List folder/read data, Read attributes, Read extended attributes, Read permissions.
        Permissions Authenticated Users
      10. Click OK, Click OK, and Click OK again.
      11. Now your Security tab should look like the image below.
        Security Tab 2

 


Share and storage management:

  1.  Go to Start > Administrative Tools > Share and storage management.
    Share and storage management
  2. Select the share you just created: Users$.
  3. Right click and select Properties.
  4. Click on the Advanced button.
    Share and storage management advanced
  5. Check the check box Enable access-based enumeration.
    Share and storage management access
  6. Click OK.
  7. Close out the Share and storage management console.

Active Directory:

On Your Domain Controller.

  1. Go to Start > Administrative tools > Active directory users and computers.
  2. Navigate to the User you want to add the User folder to.
  3. Right click and select properties on the user.
  4. Select the profile tab.
  5. Under the section Home folder: Select the Connect radio button.
  6. Select the letter U:\
  7. In the To: Text area type: \\YOURSERVER\Users$\%username%(if your server with the share’s name is joe it would be \\JOE\Users$\%username%)
  8. Click OK
  9. Close Active Directory Users and Computers.

If you now browse to the Users$ share folder on the server you created it on. You will notice a folder in it with the users username as the folder name. If you check the permissions for the folder the right permissions have automatically been applied. This technique will definitely save you lots of time as if you were doing it via old net use scripts. Congratulations you have successfully added a user folder share and added it to a user.

Please note that this can be done to multiple users at once, all you do is select all the users in active directory and add the user share to the users.

Feel free to post comments if things are unclear or so, it’s very easy to miss certain details when making a guide like this.

CD/DVD ROM Has yellow exclamation mark in device manager

Scenario:

You have a computer it can be running windows server or windows xp / vista / 7 doesn’t matter. You suddenly notice that your CD/DVD drive is missing.

 


Problem:

You have done what any IT guy/girl would do and uninstalled the CD/DVD ROM from the device manager and rebooted, yet you still get the same code 39 error. You have tried swapping for a new CD/DVD ROM and you get the same error.

 


Solution:

To solve this Code 39 error, follow these instructions:
NOTE: After removing these registry keys and rebooting, it may be necessary to reinstall any CD or DVD recording applications. 

1) Close all open programs

2) Click on Start, Run, and type REGEDIT and press Enter

3) Click on the plus signs (+) next to the following folders

* HKEY_LOCAL_MACHINE
* SYSTEM
* CurrentControlSet
* Control
* Class
* {4D36E965-E325-11CE-BFC1-08002BE10318}

4) This folder is the DVD/CD-ROM Drive Class Description in the registry. Look for any of the following names in the right hand column.

* UpperFilters
* LowerFilters
* UpperFilters.bak
* LowerFilters.bak

5) If any of the above keys shown in step 4 are listed, right-click on them and choose Delete

6) After deleting the keys, close the Registry Editor

7) Reboot
your computer

8) Open My Computer and check to see if your CD or DVD drives have returned. You may also want to open Device Manager and verify that the yellow exclamation and error code on the CD or DVD drive is gone

Microsoft Windows Exchange Server 2007 OWA missing images / styles

Scenario:

You have a Microsoft Windows Server 2003 R2 SP2 server running Exchange server 2007 SP3. As a part of regular maintance uppdates are installed over night by junior IT managers.

 


Problem:

As users return the morning after they are met by a OWA (web-mail) that is very bleek, has no images nor styles. Basically just white with text. After further investigation you notice the Exchange 2007 SP3 Rollup 6 has recently been installed.

 


Solution:

Before you do anything make sure you have a recent backup of your exchange server. You can achieve this by running nt backup or ms backup.

  1. Go ahead and open up my computer and browse to: C:\Program Files\Microsoft\Exchange Server\ClientAccess\OWA\
  2. In this folder there will be numerous folders named 8.1 / 8.2 / 8.X
  3. Look in the folder named 8.3.245.1\Themes\Base
  4. This folder will probably only contain one file, a .css file.
  5. Open up a earlier version such as the 8.3.213.1\Themes\Base folder, if it contains a lot of .gif images and other files return to the Themes folder and copy all folders to the 8.3.245.1\Themes folder.
  6. After you do this you need to download and install the SP3 Rollup 6 Update redist at Click Here!
  7. Once the update has installed open Exchange Management Shell.
  8. Enter updateOWA.sp1 and hit enter.
  9. Close the management shell.
  10. Now surf into the OWA and voila your web-mail works again.

Disallow users logging onto a server localy via GPO

Scenario:

You have a Microsoft Windows Server 2008 R2 Server that is unfortunately located in an area open to users.

 


Problem:

Some of these users feel they can and will log into the server to check things. You obviously want to secure the server and disallow local logins.

 


Solution:

An important warning before you apply this policy. If the policy is applied to the Everyone group NO ONE will be able to log in.

On the Domain Controller server open the GPMC by going to Start > Administrative Tools > Group Policy Management.

  1. On the left hand side select the OU that your server(s) is/are in.
  2. Right click on it and select: Create a GPO in this domain and link it here.
  3. Name the GPO something explanatory such as “Disable local login”.
  4. On the left hand side browse to: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\
  5. Select the policy Deny Log on locally.
  6. Click the check box “Define this policy”.
  7. Go ahead and add the groups you want to deny log on to. In most cases it’ll be the Domain Users group.

Disable Server Manager / Powershell icons on RDS Server 2008 R2 via GPO

Scenario:

You have a Microsoft Windows Server 2008 R2 Server that is used as a Remote Desktop Services server.  You have a number of users that are going to use this RDS server to run a software suite. Some of these users are known for meddling in the systems and others for deleting files and folders at random. Securing the system will take a lot of work and we’ll start with this simple task.

 


Problem:

As users connect they are presented with a very server like desktop, including an icon for the Server Manager as well as Powershell icons. You being the administrator don’t want the users to see these icons, let alone use them.

 


Solution:

This problem requires you to have a basic understanding of the GPMC (Group Policy Management Console). Please be aware that if you make a GPO you cannot simply delete it to return to the previous state, you must undo what the GPO did before it’s deleted.

  1. On the Domain Controller server open the GPMC by going to Start > Administrative Tools > Group Policy Management.
  2. On the left hand side select the OU that your RDS server is in.
  3. Right click on it and select: Create a GPO in this domain and link it here.
  4. Give it a descriptive name such as “Disable server icons”.
  5. Right click the policy Disable server icons and select Edit.
  6. A new windows will pop up. You may want to maximize it.
  7. On the left hand side navigate to: Computer Configuration > Policies > Windows Settings > Security Settings > File System.
  8. GPMC Displaying the folder File System
  9. On the right hand side Right click and select: Add file:
  10. Add the following files:
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Server Manager.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk
  11. When the server displays the security settings make sure you REMOVE Users from the list. Administrators and System should be the only one with NTFS rights.
  12. On the RDS server open a command prompt and type gpupdate /force and login with a user to test this out.

Now your wonderful users should be able to log on without seeing those awesome icons. The next step would be to remove Administrative Tools from the Start menu. I will cover this in another topic.

Export Windows Live Mail to Outlook 2010

Scenario:

You have a unfortunate user named Joe that used to be a outlook express user and has since moved onto Windows Vista and Windows Live Mail. Joe now wants to install and run Outlook 2010 on his new business PC and wants to move all of his mail, calender, and contact data to Outlook 2010.

 


Problem:

This shouldn’t normally be a problem except the fact that microsoft have failed to mention that the actually way to export to Outlook isn’t called export to Outlook.


Solution:

Exporting email messages from Windows Live Mail into Microsoft Outlook 2010:

  1. Open Microsoft Outlook.
  2. Open Windows Live Mail.
  3. In the Windows Live Mail window, click the File button and select “Export” and then select “Email messages”.
  4. Select “Microsoft Exchange” as the format and then click Next.
  5. You will see a message that all email will be exported to Microsoft Outlook or Microsoft Exchange, click Ok to continue.
  6. You can export all email folders or select the appropriate folders that you want to export by using the “Select folders” option.
  7. After you select the appropriate option, click OK and wait for the export process to be completed.
  8. When the “Export Complete” dialog box appears, click “Finish”.
Note: This process can take some time , depending on the number of messages that you are exporting.

Exporting Contacts from Windows Live Mail to Microsoft Outlook 2010:

  1. Open Windows Live Mail.
  2. Click “Contacts” folder, click “Export” button and select “comma separated values (.CSV)”.
  3. In the CSV Export window click “browse” and select the Desktop folder.
  4. Type “WLMContacts” in the file name and then click the “Save” button.
  5. Click Next and select all the fields that you want to export, click “Finish” button and wait for the export process to be completed.
    Note: The most common fields are First Name, Last Name, Email address and Telephone. If you are not sure about the information just select all the fields. Note: This process can take some time, depending on the number of messages that you are exporting.
  6. Close Windows Live Mail.
  7. Open Microsoft Outlook.
  8. Select the Contacts folder, click File, select Open and then click Import.
  9. Select the option “Import from another program or file” and then click Next button.
  10. Select “Comma Separated Values (Windows)” and then click the Next button.
  11. Click “Browse” and select the exported file “WLMContacts” in your Desktop folder and then click Open.
    Note: You can select some additional options to replace, duplicated or do not import duplicated contacts.
  12. Click the Next button and then make sure that the Contacts folder is highlighted.  If the Contacts folder is not highlighted, then select the Contacts folder and then click the Next button.
  13. Click “Finish” button and wait for the import process to be completed.
    Note: This process can take some time , depending on the number of messages that you are exporting.

Exporting Calendar from Windows Live Mail to Microsoft Outlook 2010:

  1. Open Windows Live Mail.
  2. Select the Calendar folder and make sure that you are logged in by using your Windows Live ID.
  3. Click Send/Receive to sync your calendar.
  4. Close Windows Live Mail.
  5. Visit the Windows Live Calendar webpage http://calendar.live.com            (http://calendar.live.com)        and logon by using your Windows Live ID.
  6. Click the “Share” button and select the calendar that you want to export.
  7. Select the option “Share this calendar”.
  8. Put a check mark in the item topic “Send people a view-only link to your calendar”.
  9. You will see some links to share your calendar.   If the links are not displayed, click “Get your calendar links (this will also save your settings)” and then click OK to confirm.
  10. Under the category “Links that show event details”, click “ICS: Import into another calendar application”.
  11. Select and copy the URL displayed without the webcal:// prefix.
  12. Open a new Internet Explorer window, paste the URL without the webcal:// prefix in the address bar and press Enter.
  13. Save the calendar .ICS file on your Desktop.
  14. Repeat the steps 5 to 13 for each calendar that you want to export.
    Note: After complete these steps your Windows Live Calendar settings from the webpage are saved as Shared. You can make the calendar private again following the steps 5 to 7 above. Select the option “Don’t share this calendar (keep it private)” and then click Save.
  15. Close the Internet Explorer window after you save all the .ICS files that you want.
  16. Open Microsoft Outlook.
  17. Click File, select Open and then the Import option.
  18. Select the option “Import an iCalendar (.ics) or vCalendar file (.vcs)” and then click the Next button.
  19. Select the .ICS calendar file in your Desktop folder and then click Ok button.
  20. Click the “Import” button in the dialog box and wait for the import process to be completed.
  21. Repeat steps 17 to 20 for each calendar that you want to import.

Offline files sync error “couldn’t access the file”

Scenario:

 

You have a domain controller running Windows Small Business Server 2003, and you have a domain joined Windows 7 Professional workstation. On this workstation is a user named Joe who uses a laptop and works remotely. Joe is the first at his company to have a Windows 7 computer that uses the Offline files feature. Joe cannot sync his files that are in his home network share. The following sync error appears: “The Process cannot access the file because it is being used by another process”

 


 Problem:

Every single file in the home share receives a sync error. When the user is disconnected from the network none of the files are available offline.


Solution:

This problem requires you to make changes to the registry of the server. Use caution when editing registry values!
Ensure that the files aren’t infact being locked by a document management software suite or a security software. Popular computers featuring this typ of software are Dell and HP lap tops.

Offline Files in Windows 7 require Oplock to improve performance. Since Windows 7 uses SMB2.0 and Server 2003 uses SMB1 this error will occur simply because of oplocks being disabled.

On the Windows Small Business 2003 Server:

  1. Open up Registry editor by hitting Windows+R key and typing regedit followed by enter.
  2. In the left hand side browse to the following key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MRXSmb\Parameters.
  3. Create a DWORD value named OplocksDisabled and set it to (Not disabled).
  4. On the left hand side browse to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters.
  5. Change the following DWORD value EnableOplocks to 1 (Enabled).
Once this is done you will need to reboot the server for the changes to take affect. After the reboot is finished you should be able to sync Offline Files to a Vista / Windows 7 client.


Clear Offline Files Sync Cache

Scenario:

You have a domain controller running Windows Small Business Server 2003, and you have a domain joined Windows 7 Professional workstation. On this workstation is a user named Joe who uses a laptop and works remotely. The user used to be able to sync his files and folders when coming back to the office on his old XP laptop, but can’t any longer with his Windows 7 laptop.


 Problem:

Since Joe received his new laptop he has activated Offline Files numerous times and has done exactly as the computer asks of him which is to restart to allow this to work. Once Joe reboots the machine Offline Files is still inactive.


Solution:

  1. Open up registry editor by hitting the Windows-key + R and typing regedit followed by hitting enter.
  2. On the left hand side browse to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Paramaters
  3. If there isn’t a Paramaters key (folder) please create one.
  4. Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Paramaters, add a new DWORD value called FormatDatabase and set its value to 1.
  5. Reboot your PC and voila Offline Files works.