Jan 05

WinRM would not listen on port 5985

The WinRM was configured to allow remote administration via a GPO but it wouldn’t let us connect with Enter-PSSession. The firewall rule was there passing the traffic on TCP port 5985.

Checking WinRM config showed something strange:

winrm enumerate winrm/config/listener

Listener [Source=”GPO”]
Address = *
Transport = HTTP
Port = 5985
Enabled = true
URLPrefix = wsman
ListeningOn = null

So WinRM was actually configured but wasn’t listening on any network interface. Why?

Continue reading

Dec 20

NTFRS: How to force SYSVOL replication

For those who still use NTFRS – as of KB823230 ntrfsutl can be used to force Sysvol replication:

ntfrsutl forcerepl DST_DC_NAME /r "domain system volume (sysvol share)" /p SRC_DC_FQDN

The replication path will be SRC_DC_FQDN > DST_DC_NAME

In fact ntfrsutl connects to DST_DC_NAME and “tells” NTFRS to pull Sysvol changes from its inbound partner SRC_DC_FQDN.

Feb 07

EFS recovery policy contains invalid recovery certificate

При опит за криптиране на произволен файл, използвайки EFS, получавате съобщение за грешка:


След преглед на System лога попадате на съобщението:

Event Type: Error
Event Source: EFS
Event Category: None
Event ID: 6028
Date:  05.02.2009
Time:  19:33:08
User:  N/A
Computer: XXXXXX
EFS recovery policy contains invalid recovery certificate.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Continue reading