執行Regedit
在HKEY_LOCAL_MACHINE/System/CurrentControlSet/
新增機碼StorageDevicePolicies
新增Data Type:DWORD, Value Name:WriteProtect, Value為1
執行Regedit
在HKEY_LOCAL_MACHINE/System/CurrentControlSet/
新增機碼StorageDevicePolicies
新增Data Type:DWORD, Value Name:WriteProtect, Value為1
Symptoms
From cluster setup log(ClCfgSrv.log)
2008-10-14 16:11:38.873 [ERR ] S01: 正在檢查所有節點都可以存取仲裁資源... (hr=0x800713de, {EBC8AEFF-10C3-4D5B-AC17-FC0F4C3871B7}, {B8C4066E-0246-4358-9DE5-25603EDD0CA0}, 0, 3, 3), (null)
2008-10-14 16:11:38.952 [ERR ] S01: (null) (hr=0x800713de, {FDC75680-7DBB-42CA-8003-E4CDB01FF062}, {EBC8AEFF-10C3-4D5B-AC17-FC0F4C3871B7}, 0, 8, 8), (null)
From UI
Solution︰
Use Advanced (minimum) configuration to pass the verification
Cluster setup may not work when you add nodes
Issue:
======
Remote Assistance does not allow control - Imaged machines only
Not able to remote control a remote assistance session.
PROBLEM:
=======
You were unable to “Take Control” of a Remote Assistance machine, after establishing a connection to the Windows XP SP2 machine. This issue only occurs on Windows XP machines that were part of your standard image.
RESOLUTION:
===========
We finally discovered that there were missing registry keys on the Novice machine, thus preventing us from Taking Control of the machine.
The following steps corrected this issue:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\RDP_KBD
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\RDP_MOU
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\RDPDR
To fix this, follow these steps:
1. Export the above keys from a working machine
2. On the failing machine, make sure you have permissions to write to the above keys
3. Import these keys to the failing machine
4. Reboot
PROBLEM:
========
Cache file is occupying all available space
CAUSE:
======
Momcache.mdb file is growing up without control for any of the users that uses your OpsMgr console.
RESOLUTION:
==========
workaround
Try start the console with the /clearcache switch 
or
Delete C:\Documents and Settings\<user>\Local Settings\Application Data\Microsoft\Microsoft.Mom.UI.Console\momcache.mdb
發生原因 :可能為大量建立帳號或是使用非正常方式還原DC導致,原來RID pool序號應該每台是根據RID Master發出的序號
如何看DC RID Pool是否正常可以由Dcdiag /v log找到以下
客戶在在AD2上是可以建立帳號的,因為pool ID 正確
Starting test: RidManager
* Available RID Pool for the Domain is 5111 to 1073741823
* ads.pglamer.com.tw is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 4611 to 5110
* rIDPreviousAllocationPool is 4611 to 5110
* rIDNextRID: 4611
......................... AD2 passed test RidManager
而AD1的下一個要發的 ID是 4610 目前Pool值已經空了
Starting test: RidManager
* Available RID Pool for the Domain is 5111 to 1073741823
* ads.pglamer.com.tw is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 4111 to 4610
* rIDPreviousAllocationPool is 4111 to 4610
* rIDNextRID: 4610
* Warning :Next rid pool not allocated
* Warning :There is less than 0% available RIDs in the current pool
此問題通常由程式建立大量帳號DC來不及跟RID要取500 ID pool,或是這台DC曾經做過system states的還原
解決方式
請在AD1上執行以下步驟
a-1. Please add the following registry value on the domain controller MERCURY. (If your OS is Windows 2000)
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow System Only
Change
Type: REG_DWORD
Value: 0x1
a-2. If OS is Windows 2003 server, please install support tools from Windows 2003 source CD
It will be there <CD-Rom Driver>:\SUPPORT\TOOLS\SUPTOOLS.MSI
After install support tools, please following below steps.
1. Start LDP.exe and go to Connection and choose Connect. Then go to Connection and choose Bind to the DS server that you want to modify. Make sure that you are a schema administrator.
2. After you connect to and then authenticate your computer that has the selected Lightweight Directory Access Protocol (LDAP), locate the Browse menu. Then, select the Modify option.
3. Leave the DN blank. Then, type "schemaUpgradeInProgress" (without the quotation marks) in the Attribute field. In the Values field, type "1" (without the quotation marks).
4. Select the "Add" operation, and then press the ENTER button. Note When you press the ENTER button, you add this command to the entry list.
5. Select Run. Note You will receive a "Modified" message when you have finished.
b. Don't reboot the server. We can modify the RID pools attributes now.
We can see DCDIAG Log
Starting test: RidManager
* Available RID Pool for the Domain is 5111 to 1073741823
* ads.pglamer.com.tw is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 4111 to 4610
* rIDPreviousAllocationPool is 4111 to 4610
* rIDNextRID: 4610
* Warning :Next rid pool not allocated
* Warning :There is less than 0% available RIDs in the current pool
c. Please set the values as below:
We will ignore the 4611 to 5110 pool, and start it from 5111 pool. The number of the RIDs added is 500.
The NextRID should be: 5111.
The ridallocationpool should also be: 15EA000013F7 (24094766535671) 5111-5610 新的<--------(5111+499=5610)
15EA=5610
13F7=5111
15EA000013F7=24094766535671
The ridpreviousallocationpool should be: 12020000100F (19799799238671) 4111-4610 舊的 <--------
1202=4610
100F=4111
12020000100F =19799799238671
d.Use Adsiedit.msc midify value:
1. Open Adsiedit.msc on the domain controller ADS.
2. Expand to Domain NC -> OU=Domain Controllers -> CN=AD1.
3. Go to the right pane, and right click CN=RID Set.
Example:
Choose properties.
4. In the Attributes tab, choose Mandatory for the type, and then in the property
field, choose the above 3 attributes in color:
rIDAllocationPool: 24094766535671 <-----------------5111-5610
rIDNextRID: 5111
rIDPreviousAllocationPool: 19799799238671<-----------------4111-4610
5. Set their value the same as listed above in color. Click the Apply button to make the resetting successful.
6.After changing the three attribute values, let's expand other object:
Domain NC Partition,DC=pglamer,DC=com,DC=tw,CN=System.
On the right panel, you can see the object CN=RID Manager$.
Example:
Right click on it, choose Properties.
7. Locate the attribute rIDAvailablePool. Make sure its value is Then change the value to 4611686014132425719 (5111 to 1073741823).
5111 to 1073741823
5111=13F7
1073741823=3FFFFFFF
3FFFFFFF000013F7=4611686014132425719
rIDAvailablePool=4611686014132425719
8.Reboot machine
d.change the value back:
a-1. Please add the following registry value on the domain controller MERCURY. (If your OS is Windows 2000)
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Allow System Only
Change
Type: REG_DWORD
Value: 0x0
a-2. If OS is Windows 2003 server, please install support tools from Windows 2003 source CD
It will be there <CD-Rom Driver>:\SUPPORT\TOOLS\SUPTOOLS.MSI
After install support tools, please following below steps.
1. Start LDP.exe and go to Connection and choose Connect. Then go to Connection and choose Bind to the DS server that you want to modify. Make sure that you are a schema administrator.
2. After you connect to and then authenticate your computer that has the selected Lightweight Directory Access Protocol (LDAP), locate the Browse menu. Then, select the Modify option.
3. Leave the DN blank. Then, type "schemaUpgradeInProgress" (without the quotation marks) in the Attribute field. In the Values field, type "0" (without the quotation marks).
4. Select the "Add" operation, and then press the ENTER button. Note When you press the ENTER button, you add this command to the entry list.
5. Select Run. Note You will receive a "Modified" message when you have finished.