Microsoft Reduce Customer Effort Center

Our team drives product feedback based on solid data, it drives proactive issue prevention and ultimately, drives improvements around products based on customer feedback.

September, 2006

  • Install WSUS SP1 with WMSDE

    This article will guide you to install WSUS SP1 with WMSDE step by step: ▪ Prerequisite ▪ Backup the existing WSUS ▪ Install WSUS SP1 with WMSDE
  • Configuring a Highly Available Print Server Cluster

    This guide provides step-by-step instructions for creating and configuring a highly available print server on Microsoft Windows Server 2003 Enterprise Edition and Windows Server 2003 Datacenter Edition operating systems. These print servers use a typical, single quorum device, multi-node server cluster that uses a shared disk.
  • Desktop lockdown in a domain or non-domain environment

    Locking down desktops is becoming more and more prevalent in today’s corporate environment. Malware, viruses and malicious users are putting the pressure on IT staff to remove users as local admin’s and lockdown systems. In order for this to be successful, administrators need a delivery mechanism to install software and hot fixes to users machines. Here is some of our experiences in locking down desktops as a very import step in securing your infrastructure. Specifically, we focused on locking down desktop via Group Policy and how to leverage that in an Active Directory environment.
  • DFS namespace permissions

    This is a common topic in the DFS_FRS field. Customers often describe how some users are unexpectedly denied access to targets in the namespace while other users can access the targets without problems. Customers also ask whether there are DFS permissions somewhere that must be adjusted. The answer is that DFS clients will respect the combination of NTFS and share permissions set on the particular target the client is trying to access.
  • Easy ways to query hot fix information

    Many of customers request information on querying hot fix information. They need a report on what hot fixes have been patched and what hot fixes they do not have installed. This article explains several ways to find this information.
  • How to block IM on ISA

    Excessive non-business IM during business hours could adversely affect users' productivity. The use of P2P may consume enough network bandwidth to leave noticeable impact on the network and operation of legitimate programs. This article describes how to block IM/P2P by using HTTP Signature, a new feature of ISA 2004. For the sake of simplicity, only the blocking of MSN Messenger is discussed; however, the same concept applies to Live Messenger, Yahoo! Instant Messenger, etc.
  • Anti Spam on Exchange

    We received some requests on how to set anti-spam and also some incidents of issues caused by incorrect setting of anti-spam. Here is a good article on Exchange team blog. The article describes what we can do on Exchange server to set anti spam in...
  • MOM Availability Reporting Management Pack

    MOM: The Availability Reporting Management Pack has been re-released For background information on what has been fixed please see
  • Hot issue Errors related to Kerberos authentication

    Kerberos is the default protocol for network authentication in Windows Server 2003. The Kerberos authentication protocol provides a mechanism for mutual authentication between a client and a server, or between one server and another, before a network connection is opened between them. It is more flexible and efficient than NTLM, and more secure. However, if Kerberos authentication fails between computers in a domain, we may encounter problems in DC replication, sharing resources, logon or other operations.
  • Virus crash svchost without MS06-040

    Viruses may crash svchost.exe/services.exe on servers that do not have MS06-040 installed. If your server encounters any of the symptoms listed in this article, check for MS06-040 (KB921883). If you do not have it installed, doing so will fix the problem.
  • CA eTrust Antivirus mistakenly remove LSASS.exe

    Microsoft has received customer reports that the system cannot boot up due to LSASS.EXE being erroneously removed. The Lsass.exe file in Microsoft Windows Server 2003 is being identified as an infected file and is being quarantined by Computer Associates (CA) eTrust Antivirus signature 303.3.30.54. This behavior may cause the computer to display a gray screen when the computer restarts. The computer may appear to stop responding.
  • Automatic Update Scan Issues

    Microsoft is aware, through recent customer feedback, that some enterprise customers have been experiencing Unexpectedly high cpu utilization or system unresponsiveness issue when they apply Microsoft updates to certain workstations or servers. Customers are experiencing this when they use Microsoft System Management Server (SMS) 2003 Service Pack 1 (SP1) or a later version together with the Inventory Tool for Microsoft Updates (ITMU). Customers also experience this issue on computers that are running the Windows Update Agent (WUA).
  • Outlook Crash after move mailbox to Exchange 2003 SP2

    CSS have received a lot of cases recently of Outlook crashing following a mailbox move to Exchange 2003 SP2. The crash occurs due to a discrepancy in the replid map in the memory on the server and the replid map in Jet. Such issues are common due to the GRM (Guid/replid mapping) cache being on by default in SP2 (whereas in SP1 it was turned off by default).
  • MS updates may affect Exchange mail flow

    You may experience unable to send e-mail in Microsoft Exchange 2000 Server or in Microsoft Exchange Server 2003 due to access being denied or not having permission to do so. You may also receive NDR. See more for how these happen.
  • Microsoft Will Continue to Support IE6 after Release of IE7

    Christopher Vaughan mentioned in IEBlog that Microsoft will not terminate the support of IE6 to encourage customers to upgrade to IE7.
  • Optimize MOM 2005 Agent installation

    To implement MOM functions, we must deploy MOM agents on all monitored servers efficiently. In MOM 2005, we can remotely push out MOM agent from MOM Administrators console. However, since the productive environment is complex, the remote push installation may be failed due to various reasons.
  • Forcefully demote a Windows Server 2003 domain controller

    Under some circumstances, a domain controller cannot be gracefully demoted due to the required dependency or operation failing. These include network connectivity, name resolution, authentication, Active Directory service replication, or the location of a critical object in Active Directory. As a last resort, we can perform a forced removal of a domain controller from Active Directory to avoid having to reinstall the operating system on a domain controller that has failed and cannot be recovered. When a domain controller can no longer function in a domain (that is, it is offline), you cannot remove Active Directory in the normal way, which requires connectivity to the domain. Forced removal is not intended to replace the normal Active Directory removal procedure in any way. It is virtually equivalent to permanently disconnecting the domain controller.
  • Error code 0x1391 while installing Terminal licenses

    Recently, you may fail to install Terminal licenses using the “Automatic” or “Web Browser” connection method and receive the error message below:
  • How to implement SQL 2005 on SMS 2003 and MOM 2005

    Both SMS and MOM require SQL server as a data store solution. As SQL 2005 is released for several months, you may have request to implement SQL 2005 for SMS and MOM. To prevent all potential upgrade issue and ensure the productive SMS and MOM work well after SQL 2005, I listed the pre-requirement list and the common issues.
  • Hot Security issues after installing Windows 2003 SP1

    Windows 2003 Service Pack 1 makes some significant changes to security including start up account for services, DCOM security and etc. Services such as RPC and DCOM are integral to Windows Server 2003, but they are also an alluring target for hackers. By requiring greater authentication for RPC and DCOM calls, Service Pack 1 establishes a minimum threshold of security for all applications that use these services, even if they possess little or no security themselves. Since SP1 has stronger defaults and privilege reduction on services, it may result in some issues after installing SP1.
  • How to Accurately Read Microsoft Security Bulletins

    Every second Tuesday of the month (US Time), also called Bulletin Release Day, Microsoft will release monthly security updates to public. Simultaneously, the detailed descriptions of these security updates will be published on Microsoft public website, which is called Security Bulletins. This article will provide you a guidance on how to accurately, efficiently and effectively read the security bulletins, and realize high-quality patch management.
  • Product Support Lifecycle

    ▪ Microsoft Support Lifecycle Homepage ▪ Notify customers on the end of Windows XP SP1 and SP1a support ▪ SQL 2000 SP3a support extended until July 10, 2007