Virtualised domain machines may have snapshots which can be a problem after the machine is forced to change it's domain password; usually after 30 days. This is forced by group policy which is nearly always very difficult to get modified.
Check the password age setting here
Key = HKLM\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters
Value = MaximumPasswordAge REG_DWORD
The controlling policy is
Computer Configuration\windows Settings\Security settings\Local Policies\Security Options
Domain Member: Maximum Machine Account Password Age.
If a machine automatically changes its domain account password and is then reverted to an earlier snapshot then the message
The trust relationship between this workstation and the primary domain failed
appears and it can be a mission to get this sorted out. Logging on as local admin, switching to workstation reboot, switching to domain entering an authorised domain user account and password for adding machines to the domain etc etc.
Avoid the pain by remembering to force the password change before 30 days and saving a new snapshot. This command forces a machine domain account password change.
nltest /sc_change_pwd:<yourdomain>
Monday, February 29, 2016
Sunday, February 28, 2016
Changing Network Type Public Private Work
The network type of a configured connection can be changed in the local policy editor.
Run GPEDIT.MSC
Go to Computer Configuration > Windows Settings > Security Settings > Network List Manager Policies
Right Click Show All
Right Click the Network to edit
Click the Network Location Tab and change the Location.
"Home" editions may not have policy editors available
This page describes how Windows 8 home can have the network type changed.
https://www.tekrevue.com/tip/change-network-location-windows-8/
Tuesday, February 23, 2016
Firefox >v38 in App-V 5
An internal webapp was not performing well within the primary (IE) or standard secondary browser (Firefox).
By creating a separate custom profile and launching the App-V isolated Firefox the webapp can be completely isolated and launch in its own session and profile.
-no-remote -new-instance -P "CustomProfileName" http://urlserver/folder/page.htm
Subscribe to:
Posts (Atom)