Set the default Organisational Unit for New Computers in Windows Server

Once you have your domain and group policies set up, it can become frustrating to constantly have to remember to move a new computer into the correct OU.

Luckily in Windows 2003 and above, you can set a default OU:

<code>redircmp ou=ComputersOU,dc=mydomain,dc=com</code>

Remember to replace the path with your own domain’s OU path. Also, your domain has to be running in at least Windows Server 2003 native mode – otherwise you will receive an error:

Error, unable to modify the wellKnownObjects attribute. Verify that the domain functional level of the domain is at least Windows Server 2003:
Unwilling To Perform
Redirection was NOT successful.

To change this:

  • On the server go to Administrative Tools > Active Directory Domains and Trusts.
  • Right-click on your domain name, and click on Raise Domain Functional Level.
  • Set the domain level to at least 2003

Now you should be ready to go!

Getting that SQL Server 2008 to Work out of the box

I had to set up a new SQL Server database, which I haven’t done in a while as I tend to focus my efforts on mySQL. Nevertheless I needed to get grip on a new site to migrate.

After setting most things up, I managed to get to a point where the database wasn’t starting.

Microsoft OLE DB Provider for SQL Server error ‘80004005’

[DBNETLIB][ConnectionOpen (PreLoginHandshake()).]General network error. Check your network documentation.

I really love unhelpful messages. Anyway, after some head scratching I foundĀ an article on on the Microsoft Forums from a chap with a similar issue.

To fix the problem, I loaded up the SQL Server Configuration Manager, and expanded SQL Server Network Configuration. Under Protocols for MSSQLSERVER (this is the instance name of the server), I enabled TCP/IP. The error went away. Tada!

I suppose it would help to read the documentation thoroughly – but I got to where I needed to be anyway. I imagine that it makes sense to disable TCP/IP connections until you’re happy that the server is secure. Even so, I was making connections from the localhost, so I would have expected it to work.

Trouble installing Sharepoint on a fresh Windows Server 2003 SP2

When installing Sharepoint 3.0 Service Pack 1 onto a fresh Windows Server 2003 installation, you can sometimes fall foul of Sharepoint complaining that 2 is not installed:

“This product requires ASP.NET v2.0”

I found the solution over at Sharepoint Blogs. Run the following command on the server:

<code> C:\Windows\\Framework\v2.0.50727\Aspnet_regiis.exe -i </code>

This will register .NET 2 with IIS and you should be able to use Sharepoint properly from that point on.

Don’t hide my announcements!

I’ve been playing with the different views in Sharepoint, trying to sort out the Intranet homepage over at St. Peter’s.

The problem they have is that they don’t want announcements to appear on the main screen, but they also don’t want to have to click through to read the announcements.

I set up a new view using just the headers and the creation date, which seemed to be fine until Jason posted an announcement to say that the front page had been changed. Humorously, this didn’t actually appear.

After emailing me, I discovered that if I set the view to not show posts that have expired, I automatically exclude posts with no expiry date. Somewhat of a nuisance as the there is nothing in sharepoint that allows you to check for null dates.

A quick Google later, and I found This Much I Know, which pointed me in the direction of creating a calculated column and then putting some code to place a new date in, if the expiry is blank.

=OR([Expires] = "", [Expires] >= [Today])

After a bit of to-ing and fro-ing, I found where you create those columns and set it up. I reset the view on the front page, and voila! It worked.

Office 2007 Deployment Computer Startup Scripts

Now that MS Office 2007 is doing the rounds, I suppose it’s time to lookat some of its shortcomings.

It has a few when it comes to deployment. The biggest nuisance being deployment.

You have four options:

  • Install it on a PC manually (not great)
  • Deploy through group policy with no customisations
  • Use a deployment system such as SMS
  • Use a computer startup script

You may as well just say “no” to the first one. Anything more than a handful of PCs and you have a tedious task.

Group Policy has always been my method of choice. Most of my clients have less than 100 PCs, so Group Policy deployment is ideal. But as pointed out in the list, you cannot customise the installation with any defaults.

SMS is out. It’s not worth explaining to clients why it’s a good idea to buy software that makes my life easier. Even though the effort and management might simplify things somewhat.

So we’re stuck with computer startup scripts. Another method I hate – but if you want to control Office Deployments, then this is the way to do it. Thankfully, Aaron Parker has posted some startup scripts to help with this using the MSP method.

If you are using a network with WSUS, then updates become a non-issue, and I think that the only time to need to redeploy is if you decide to change the application packages that you want. At which point, you could check that executables of the programs exist or record your own registry entries that you can check for.

It’s not a great method (I’ve managed to avoid having to use ANY computer startup scripts in 2000-based networks) – but there’s no reason why it shouldn’t work. Especially if you make sure to use the quiet options in the Setup /admin tool.

Office, eh?

Active Directory Recovery Guide

I’ve been having numerous errors in the event log appearing on one of my servers from the ESENT service:

Event Type: Error
Event Source: ESENT
Event Category: Database Corruption
Event ID: 467
Date: 18/05/2007
Time: 09:33:06
User: N/A
Computer: SERVER123
ntfrs (5660) Index GChangeOrderGuid of table OUTLOGTable00002 is corrupted (0).

For more information, see Help and Support Center at

These errors are appearing regularly, and contain various tables with problems.

After scouring and the Microsoft support site – I eventually found a very useful Powerpoint presentation that outlines various methods of recovering poorly or corrupt active directory databases.

Although not a specific answer to the problem, it does provide useful guidelines in the best practices for repairing or reinstalling and domain controller, as well as some useful advice such as carrying out a metadata cleanup.

I’ll be following the guide to try and resolve the database errors on this server, and hopefully it will work out nicely.