Categories
Windows 7

Error access Certsrv site from 2008 server to 2003 CA

So we recently had to request a certificate from a Windows 2008 R2 Server from our internal Windows 2003 Enterprise Certificate Authority. When we hit the https://server/certsrv site we got this error:

 

Microsoft Active Directory Certificate Services  —   
Error
The certificate enrollment page you are attempting to access cannot be used with this version of Windows. To enable Web certificate enrollment for clients running Windows Vista, your administrator must update all Windows CA Web enrollment pages. To learn more about this issue and the steps needed to update Web enrollment pages to support all versions of Windows, see:
http://support.microsoft.com/kb/922706

 

Well after doing some searching, http://en-us.sysadmins.lv/Lists/Posts/Post.aspx?ID=53, I found that you need to do some uninstalling and re-installing of patches for the CA server.

Here are the steps to get it working:

To work around this issue you must follow the steps described below:

  1. Uninstall KB2518295 from Add or Remove Programs applet.
    Note: by default security updates are not shown in Add or Remove Programs applet. Mark Show Updates check-box.
  2. Install KB922706 update. Use the links below to download appropriate update:
    Download link for Windows Server 2003 x86
    Download link for Windows Server 2003 x64
  3. Install MS11-051 security patch. Use the links below to download appropriate update:
    Download link for Windows Server 2003 x86
    Download link for Windows Server 2003 x64

After update installation you may need to restart web site that serves enrollment web pages. To do that, do the following:

  1. In the Start –> Administrative Tools select Internet Information Services (IIS) Manager.
  2. In the opened console, expand Computer Name\Web Sites node.
  3. Select Default Web Site entry.
  4. In the Actions menu, select Stop and then click Start from the Actions menu.
Categories
Windows 7

How to Enable Remote Desktop Remotely using PSEXEC

If you’re like me, you’ve probably tried to connect to a remote Windows system and found that the "Allow Remote Connections" setting is disabled. Well I found this great little article, Ben O’Sullivan’s Blog, that will allow you to enable it remotely. 

 

 

  • Download and install PSExec. This is an offical tool from Microsoft to emulate a remote command prompt. 
  • Enter the following command to enable remote desktop in cmd
    psexec \\machinename reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0
  • Enter these commands enable RDP traffic through the windows firewall
    psexec \\remotecomputername netsh firewall set service remoteadmin enable
    psexec \\remotecomputername netsh firewall set service remotedesktop enable

    psexec netsh

     

     

Categories
Windows 7

Can’t delete long or deep folder path

For a while now I’ve been using a scheduled backup that copies my windows profile to my file server on a nightly basis. Well since I switched to Vista and now Windows 7 I’ve noticed something funky.

If you look in your C:\users\<username>\AppData\Local (hidden folder) folder you’ll notice an "Application Data" directory with an icon that looks like it’s a shortcut and that you have no rights to access. Well it seems the Microsoft in all it’s wisdom created a junction point here that basically points back to itself.

So what happens when you have a backup solution that overrides access denied and then attempts to copy this folder is that you copy itself into itself over and over again until you reach the windows folder depth limit and error out. You end up with something like this but MUCH deeper

 folders.jpg

Well I search for about an hour and finally found a solution on Windows IT Pro, JSI Tip 9651.

By using RobCopy, which is now part of Vista and Windows 7, this script will automatically delete the deep/long folder structure. If you’re not runing Vista or Windows 7, make sure a copy of RoboCopy.exe is in the same folder as the batch file.

Copy and paste this into notepad and save as DelFolder.bat. The syntax is DelFolder.bat <FolderPath>:

@echo off
if {%1}=={} @echo Syntax: DelFolder FolderPath&goto :EOF
if not exist %1 @echo Syntax: DelFolder FolderPath – %1 NOT found.&goto :EOF
setlocal
set folder=%1
set MT="%TEMP%\DelFolder_%RANDOM%"
MD %MT%
RoboCopy %MT% %folder% /MIR
RD /S /Q %MT%
RD /S /Q %folder%
endlocal