— pissing into the wind

Active Directory

After I installed Exchange 2013 and tried to access either OWA or ECP on it, I kept getting Error 500.  Looking at the httpproxy logs, I saw this: The unhandled exception was: System.Security.Cryptography.CryptographicException: Invalid provider type specified.

Turns out Exchange doesn’t like the key provider, Microsoft Software Key Storage Provider, so you have to reissue a cert using Microsoft RSA SChannel Cryptographic Provider as the provider.

I did this by going through the web cert enrollment and using the Web Server template.  Then I assigned the new certificate to the SSL sites in IIS.

The solution is over here.

Read More

Started a new job a few weeks ago and now that the new team is all done with training, we’re going through and trying to fix things we’re coming across.  One of the errors that showed up on every single domain controller is 8194 and has to do with Group Policy Registry happening every 5 minutes .  The fix for this is pretty simple.  Look up the ID of the GPO in the event log.  Navigate to c:\programdata\microsoft\group policy\history.  You may have to show hidden folder or system folders if they are not visible.  If you drill into the problem directory, you should come across a Registry.xml file that is 0Kb.  Rename the ID folder to <original name>_old.  The errors should stop.

It seems that for whatever reason or another, that policy gets corrupted and needs to be recreated.

Read More

1) Add machine2 as an administrator to machine1

2) Create a batch file with the following 3 lines:

C:\Windows\System32\netsh.exe -r machine1 nps export filename=”c:\npsexport.xml” exportPSK=”YES”
c:\windows\system32\netsh.exe nps import filename=”c:\npsexport.xml”
del /F /Q c:\npsexport.xml

3) Create a scheduled task


Read More