Microsoft Supportability e-Newsletter

Windows XP and Windows Server 2003 provide many enhancements in the area of data protection— especially Encrypting File System (EFS). This article provides some common issues and file recovery practices to prevent encrypted files being inaccessible. We Read More...

Some of the fun we have in product support is that, once a new product is released nowadays, we get to navigate the uncharted waters of new security settings interoperating with our customers’ real world environments. With Windows XP and Server 2003 we Read More...

A temporary user profile is issued each time an error condition prevents the user's profile from loading. Temporary profiles are deleted at the end of each session, and changes made by the user to their desktop settings and files are lost when the user Read More...

The secure channel is used to validate the member servers or workstations membership in the domain, based upon its hashed password. This discrete communication channel helps provide a more secure communication path between the domain controller and the Read More...

A while back we got involved in a weird issue where a network user encountered network share access problems. The symptom or the error message might be different in some scenarios: 1. Domain controller’s share folders cannot be accessed by the NETBIOS Read More...

Windows 2000 and 2003 both contain protected groups , called AdminSdHolder . AdminSdHolder is used to control the permissions of user accounts that are members of the built-in Administrators or Domain Administrators groups. Protected Groups are groups Read More...

Kerberos is the default protocol for network authentication in Windows Server 2003. The Kerberos authentication protocol provides a mechanism for mutual authentication between a client and a server, or between one server and another, before a network connection is opened between them. It is more flexible and efficient than NTLM, and more secure. However, if Kerberos authentication fails between computers in a domain, we may encounter problems in DC replication, sharing resources, logon or other operations. Read More...

Windows 2003 Service Pack 1 makes some significant changes to security including start up account for services, DCOM security and etc. Services such as RPC and DCOM are integral to Windows Server 2003, but they are also an alluring target for hackers. By requiring greater authentication for RPC and DCOM calls, Service Pack 1 establishes a minimum threshold of security for all applications that use these services, even if they possess little or no security themselves. Since SP1 has stronger defaults and privilege reduction on services, it may result in some issues after installing SP1. Read More...