List Naming Contexts

ntdsutil
ntdsutil: roles
fsmo maintenance: ?
fsmo maintenance: select opreation target
select operation target: Connections
server connections: connect to domain XXX.local
 --Binding to \\dc-server.XXX.local..
 --Connected to \\dc-server.XXX.local using credentials....
server connections: quit
select operation target: list naming contexts

trust relationship error

http://technet.microsoft.com/en-us/library/ee849847%28v=WS.10%29.aspx#!

The trust relationship between this workstation and the primary domain failed

http://blog.joeware.net/2012/06/05/2508/

Windows time sync

w32tm /config /manualpeerlist:"0.north-america.pool.ntp.org 1.north-america.pool.ntp.org" /syncfromflags:manual /reliable:yes /update

w32tm /query /peers

net stop w32time

net start w32time

Domain Local, Global and Universal group

To give users access to resources/objects, you could in principle put user accounts directly into the ACL's of the objects (files, printers,...) they need to use.  
  
Because of the number of users and objects in any non-trivial organization this would lead to an administrative nightmare.  
  
That is why security groups were introduced, as a kind of "in-between" between accounts and resources, to be able to organize things a little.  
  
Global Groups might also be called "Account Groups".  
  
They exist in the same domain as the (mostly user) accounts they contain, and can be grouped / nested among themselves (within their domain).  
  
Without forming cycles of course.  
  
(Domain) Local Groups might also be called "Permission Groups".  
  
They are used in the ACL's of all kind of objects (files, shares, printers, ans so on) to offer read, use, fullcontrol, ... access to the object.  
  
They can also be grouped and nested within the same domain.  
  
In order to authorize users to use resources, links (memberships) between Global (User) Groups and Local (Resource) Groups must be established.  
  
1) If there is only one domain involved, this can happen directly: make some global groups member of some local groups, and you're ready.  
  
2) If the users live in another domain than the resources they need, there are 2 possibilities:  
  
* There is sufficient trust between the domains:   
  
Then the global groups from one domain can be member of the local groups of the other domain. Ready.  
  
* There is not sufficient trust (or the trust relations would be to difficult to maintain):  
  
Then you use Universal Groups as the linking pin between globals and locals.  
  
These Universal Groups do not really belong to a specific domain, they live in the forest.  
  
I know Windows does not really enforce the approach described, you can deviate from it in different ways, but as far as I know this is the way it was meant to be used.  

Windows update error code 80072EE2 of Windows 2008 R2 running on Hyper V

Windows 2008 R2 has installed on Hyper V without problem but when trying to do windows update I got an "Windows could not search for new updates, An error occurred while checking for new updates for your computer. Error(s) found: Code 80072EE2" error message


None of these suggestions helped solve the connection problem. Error 0x80072ee2 was displayed after all attempts except one that works on my case.

It's simply to disable Large Sent Offload IP4 on NIC that assigned for VM that has error.

Teaming with Intel Pro/1000 MT Dual port PCX on Windows 2008 R2

Unfortunately Intel has stopped supporting teaming for their own network card Intel Pro/1000 MT Dual port PCX on Windows 2008 R2. Don't know why but they think it is not my business ...hmm
To overcome this issue I found a solution from great internet and would like brief it here for your guys

1. Download the Intel Networking solutions CD v15.3 from here: http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&ProdId=879&DwnldID=19002&lang=eng
2. Extract the files
3. Use device manager to update the drivers for the Intel Pro1000 MT NICs. I had to do each independently.
4. You can now run the ProSet install from V15.3_CD\APPS\PROSETDX\Winx64\ProSetDX.msi and it will succeed.
5. You will now see the TABS for Teaming etc in the properties of the NIC via Device Manager.

You owe me a beer :-)

Intel stopped this CD for downloaded from their site. Don't know why?????? Try alternative link below
http://dl12.lostmydrivers.com/download/drivers/Intel/Network_Drivers/INTEL-PRO-1000-MT-DRIVER-15.3-WINDOWS-XP-32-64-2003-32-64-VISTA-32-64-7-32-64-WINDOWS-VISTA-WIN20/V15.3_CD.zip

Alternative way was tested and worked fine on my system
1. Download and install WinX64.exe driver from Intel
2. When it says "..no Intel adapter card found..." do not click on OK
3. Search for folder PRO1000. If you run as your domain administrator account it must be in C:\Users\Administrator.domain.local\AppData\Local.....
4. Copy parent folder of PRO1000 which includes other folders such as APPS,....
5. Click OK on the pop up window at step 2
6. Manual update driver for each Intel Pro 1000 MT adapter in Device Manager by using driver in PRO1000\Winx64\NDIS61
7. Run Intel WinX64.exe again and it will work