Active Directory - J House Consulting - DevOps, Microsoft, Citrix & Desktop Virtualisation (VDI) Specialist - +61 413 441 846

A change to the fields in the Netlogon.log file from Windows 2012 and above

January 21, 2014December 13, 2013 by Jeremy Saunders

If you collate and report on the Netlogon.log files from Domain Controllers, you’ll notice that many existing scripts may fail to correctly split the lines when processing the logs from Windows 2012 Domain Controllers; unless of course you’ve already noticed and made an allowance for it.

Enabling the Active Directory JET Database Performance Monitor Counters

February 25, 2014June 20, 2013 by Jeremy Saunders

When monitoring the performance of Domain Controllers there are certain counters over and above the default ones that will provide you with advanced information to ensure that they are sized and performing correctly. These are the JET Database Performance Counters.

An improved and enhanced version of the famous LaunchApp.wsf

September 4, 2012September 3, 2012 by Jeremy Saunders

Have you ever wondered why your logon script fails to map network drives when an Administrative user logs onto a computer with User Account Control (UAC) enabled; even though the drive mapping process completes successfully?

To understand this you need to read the section from “Group Policy Scripts can fail due to User Account Control” here: http://technet.microsoft.com/en-us/library/cc766208(WS.10).aspx

Finding Orphaned Group Policy Objects

September 4, 2012September 3, 2012 by Jeremy Saunders

Group Policy Objects (GPOs) are stored in two parts:

GPC (Group Policy Container). The GPC is where the GPO stores all the AD-related configuration under the CN=Policies,CN=System,DC=… container, which is replicated via AD replication.
GPT (Group Policy Templates). The GPT is where the GPO stores the actual settings located within SYSVOL area under the Policies folder, which is replicated by either File Replication Services (FRS) or Distributed File System (DFS).

This script will help find GPOs that are missing one of the parts, which therefore makes it an orphaned GPO.

NetApp Filers and vFilers generating Netlogon Event ID 5722 errors on Windows 2008 R2 Domain Controllers

August 8, 2012August 7, 2012 by Jeremy Saunders

I have a customer where the NetApp Filers and vFilers are generating Netlogon Event ID 5722 in the System event log on the Windows 2008 R2 Domain Controllers.

Example:

Log Name: System
Source: NETLOGON
Date: 18/07/2012 11:32:22 AM
Event ID: 5722
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: dc1.mydomain.com
Description:
The session setup from the computer vfiler1 failed to authenticate. The name(s) of the account(s) referenced in the security database is vfiler1$. The following error occurred:
The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.