Disable Strict Name Checking

Allow proper network access to a server using a DNS alias:

See 281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name

Or copy out the codes below into a .REG file and import it.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]
"DisableStrictNameChecking"=dword:00000001

---

Also may need to disable Loopback checking:
926642

DisableLoopbackCheck registry entry in the KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey to 1. To set the DisableLoopbackCheck registry entry to 1, follow these steps on the client computer:
- Click Start, click Run, type regedit, and then click OK.
- Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

- Right-click Lsa, point to New, and then click DWORD Value.
- Type DisableLoopbackCheck, and then press ENTER.
- Right-click DisableLoopbackCheck, and then click Modify.
- In the Value data box, type 1, and then click OK.
- Exit Registry Editor.
- Restart the computer.

Windows 2008
It still works for Windows 2008.

Windows Server Black Logon Screen

VERY strange problem
Hit ctrl-alt-del to logon console or rdp to server. Just get a black screen with difficult to see underscores where the logon fields should be. We were able to tab around on the screen and enter logon name and password and get logged on. (or input logon credentials into RDP before connecting.) Once logged on, everything was normal.

We had two servers, both of which happened to be print servers, both experienced this same issue at the same time. Windows 2003 R2 SP2 running as ESX3.5 virtual machine.


Cause
As strange as the problem is, it's root cause is strangely simple.
The display colors for the default user have all been changed to black.
After a tedious internet search we learned about someone elses experience with this exact problem: http://www.flyhpr.com/blog/2005/02/windows-2003-black-login-screen.htm.
They said they called Microsoft and this is a known problem but supposedly they didn't get enough calls about it to make it a KB article. (???that is also a very strange answer, by the way.) The article goes on to say Microsoft told them this issue was caused by the system drive running out of space.


Solution

Change the colors back to normal. copy the clipped lines below
and save a .REG file. Run it on the server with the problem.
-------------------------------------------------------
Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Colors]
"ActiveBorder"="212 208 200"
"ActiveTitle"="10 36 106"
"AppWorkSpace"="128 128 128"
"Background"="102 111 116"
"ButtonAlternateFace"="181 181 181"
"ButtonDkShadow"="64 64 64"
"ButtonFace"="212 208 200"
"ButtonHilight"="255 255 255"
"ButtonLight"="212 208 200"
"ButtonShadow"="128 128 128"
"ButtonText"="0 0 0"
"GradientActiveTitle"="166 202 240"
"GradientInactiveTitle"="192 192 192"
"GrayText"="128 128 128"
"Hilight"="10 36 106"
"HilightText"="255 255 255"
"HotTrackingColor"="0 0 128"
"InactiveBorder"="212 208 200"
"InactiveTitle"="128 128 128"
"InactiveTitleText"="212 208 200"
"InfoText"="0 0 0"
"InfoWindow"="255 255 225"
"Menu"="212 208 200"
"MenuText"="0 0 0"
"Scrollbar"="212 208 200"
"TitleText"="255 255 255"
"Window"="255 255 255"
"WindowFrame"="0 0 0"
"WindowText"="0 0 0"
-------------------------------------------------------

Good article: Storms RIP the Net

This is an informative recounting by Laura Chappel of the investigation and repair of network traffic issue crippling a network. Nothing could stay connected even long enough to do a "normal" packet capture.
She had them setup a quick packet capture outside the GUI to allow for getting on and getting the capture before being bumped off.

tshark -c 100 -w gen1.pcap

The -c parameter indicates the number of packets to capture. The -w parameter is
used to define the name of the trace file to create.

Looking at the 100 packets the fact that the IP Identification field matched for every packet indicated that this was a looping condition rather than some kind of denial of service from a single host.

A switch loop is easy to create and often hard to troubleshoot, unless you are looking for this exact condition. And often the opportunity to create a loop is made available to the masses with proliferation of workgroup switches to avoid spending a couple hundred bucks on having another jack installed. ("Gee, here's an end of a cable coming out of a big tangle under my desk. It must need plugged in...")

Separating broadcast domains into several VLAN's, like one per floor or some other logical separation, can limit the scope of a problem due to a switch loop. At least only one VLAN will be down and you have a narrower search area for the loop -- check the log on one or two switches instead of 20-30.

Computer Browser Won't Start

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters]

"MaintainServerList"="Yes"


If MaintainServerList is set to No, the service will start and immediately stop with a message on the screen something like "some services only start when they are needed..."

IE7 Restricted Sites

Our enterprise administrators have pushed out the Restricted Sites list in IE somehow.  After upgrading from IE6.x to IE7 this list's behavior appears to have changed.  I am being restricted from a site, but when I go through the hundred or so items on the restricted sites list, I don't find this one to remove it.  It has to be in there, but I can't see it.  I came across this helpful .INF that took care of my problems. ; DelDomains.inf © 11-28-04 | Revised 01-15-06 ; Created by: Mike Burgess  Microsoft MVP ; http://mvps.org/winhelp2002/ ; ; Warning: Deletes all entries in the Restricted & Trusted Zone list ; http://mvps.org/winhelp2002/restricted.htm ; ; Revised to include the EscDomains key ; ; To execute this file: in Explorer - right-click (this file) ; Select Install from the Menu. ; Note: you will not see any onscreen action. [version] signature="$CHICAGO$" [DefaultInstall] DelReg=DelTemps AddReg=AddTemps [DelTemps] HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges" HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges" HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains" ; Recreate the keys to avoid a restart [AddTemps] HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges" HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges" HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains"