Archive

Archive for June, 2014

DFSR not copying all temporary files

June 6th, 2014 3 comments

I implemented DFSR replication in our customer between two locations. There are people opening same files on both locations and they want to use Office document locking feature. This locking mechanism is based on creation of temporary files (~*). So I removed file exception (~*) from DFSR Replicaiton Group and allowed to replicate temporary Office files. When I create and open Word document on one location two files are were: WORD.docx and ~$WORD.docx. And when I created new Excel document two files were created: EXCEL.xlsx and ~$EXCEL.xlsx.

Creation of temporary filesOn other location only two files were replicated (created): WORD.xlsx and ~$WORD.xlsx:

Replicated filesWhen I closed Word and Excel temporary files dissapeared and docx and xlsx files replicated correctly.

So let’s look why those files were not replicated. In some Technet articles I found that DFSR doesn’t replicate temporary files. More info is here and here.

It’s nice to know that DFSR doesn’t replicate files marked as temporary. So let’s look at those opened Word and Excel files.

WORD.docx

File attrib

– Only archive attribute set (0x20)

~$WORD.docx:

File attrib– Archive attribute (0x20) and Hidden (0x02)

EXCEL.xlsx

File attrib– Only archive attribute set (0x20)

~$EXCEL.xlsx

File attrib

So utility fsutil cannot open data from this file. It looks that Excel opens its files different way as Word does. And that’s why file ~$EXCEL.xlsx didn’t copy to other location, because DFSR cannot access this file while it’s opened in Excel.

This Excel behaviour causes that Office locking mechanism is not working over DFSR.

Let’s hope Microsoft will fix this in other release Office 🙂

Have a nice day,

Quickie: How to delete registry using reg file

June 6th, 2014 No comments

I always used .reg files to import registry keys and values. I started to think if it’s possible to delete registry key or value using .reg file.

To create key and value you can use following .reg file:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\test]
“test_value”=dword:00000010

 

To delete only value “test_value” you can run following .reg file (minus sign after the equal sign):

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\test]
“test_value”=

 

To delete whole key you can run following .reg file (minus sign in front of key name):

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\test]

 

That’s all for now,

 

Problem with issuing certificate to domain controllers

June 6th, 2014 No comments

I have experienced same problem in two customers within four days. I had server with operating system Windows Server 2012 R2. I installed role Active Directory Certificate Services with default settings. Also default certificate templates were installed. One of the default certificate templates is called Domain Controller and it should be enrolled automatically to all domain controllers using autoenrollment method.

Certification Template

Certificates didn’t autoenroll to domain controllers so I tried to enroll certificate manually. I received following error:

Error: The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)

CA Error

After couple of minutes of debugging I found out that it should have something to do with security of accessing DCOM object. When I have looked on DCOM security settings I found some domain group called CERTSVC_DCOM_ACCESS. I tried to google for this and I found out that this group should contain all domain members that want to enroll certificate using DCOM. And it was missing “Domain Controllers” group:

certsvc_dcom_access

I just inserted group “Domain Controllers” into domain group CERTSVC_DCOM_ACCESS. Rebooted domain controllers, they had to get new group membership, and everything started to work as expected.

More info here and here.

That’s all for today,