Microsoft
Software
Hardware
Network
Question : Server 2008 R2 DC File Permissions
Hi,
I am building a Server 2008 R2 domain controller (custom build with select computer components) and was making pretty good progress. OS, hardware, drivers, Active Directory, Certificate of Authority, DHCP, DNS, WINS, Print Management, some patches, and a couple apps were installed and configured. She was bluescreening routinely and I finally traced it down to one bad DIMM out of four (quality Corsair memory no doubt !). I probably suffered 8-12 bluescreens before finally tracing the issue. No file fragments or orphaned files or anything similar. File structure is good.
After replacing the bad dimm there were no further bluescreens and everything seemed solid. Then one day I installed a couple more updates and rebooted upon which chkdsk wanted to do a consistency check. It then did the "replacing invalid security id with default security id for file number" for thousands of files. This has never happened to me in my career. I would then boot up to a black screen with only the mouse working and nothing else.
After some troubleshooting I finally pulled out my trusty older Winternals CD and changed the file permissions on all files to Everyone for Full Control. It probably uses xcalcs. I added the System account at Full Control as well. This worked. I booted up and it is once again working.
However, I know that this is not what Microsoft intended so I want to restore the default NTFS file permissions as well as anything else that should be restored back to the default. I am trying to get some ideas on the best way to do this ? Secedit and import certain security templates ?
Should I also disable chkdsk from future consistency checks ? This sounds like a bug that was present until Server 2003 SP2.
One thing I notice is that I have a GPO that automatic updates is supposed to work only for admins not domain users and it does not appear to work for anyone right now. Thank you !
Answer : Server 2008 R2 DC File Permissions
If you have a backup of the files youc an restore the security data but without a backup then you will not be able too.
On the system files you can run sfc /scannow.
Random Solutions
Delphi manupliate string return only integer part
How can i implement the same desktop back ground image on all the computers on my domain
How to Truncate Body Text in SharePoint 2007 RSS Viewer Webpart
Interview Question & Answer for Windows Server 2008
Link between Windows 7 activation and Windows 7 Experience Index
nokia e72 gprs maps not working fine in london
Dropdownlist - add value
SQL
How to diagnose and fix a messed up keyboard
Can't Uninstall Exchange Server 2007 SP1 from 2008 server R2