Clear Printer Queue

a)   Click on Windows Vista/Windows 7 Start orb and type Command in start menu search field.
b)   From the list select and right-click Command Prompt and select Run as administrator.
      (This will give you an elevated command prompt).
c)    Type “net stop spooler” into command prompt window without the quotes and
       then press Enter.
       You should get a confirmation that the print spooler is stopping.
d)   Then type “del %systemroot%\System32\spool\prtiners\* /Q” without the quotes
       then press Enter.
e)   Then type “net start spooler” without the quotes and then press Enter.
f)    Type exit and press Enter to exit the elevated command window.

User profile service 1530 Warning

Symptom

==========
Customer has user profile service 1530 Warning in application log. Customer would like to know what is the reason of this issue.

Cause
======

This behavior occurs because Windows automatically closes any registry handle to a user profile that is left open by an application

Resolution

===========
This behavior is by design. 

Getting event ID 64 with the event source CertificateServicesClient-AutoEnrollment

Event Source:  CertificateServicesClient-AutoEnrollment

Event ID:  64

Description:  Certificate for local system with Thumbprint [CERTIFICATE THUMBPRINT] is about to expire or already has expired.

Cause

========

It appears that the CA that issued the Server certificates had been removed from the network and these expired certificates where left in the local computer certificate store.

Resolution

===========

1.  Logon to the Server.

2.  Type in:  MMC

3.  Click on File menu option and select Add/Remove Snap-in.

4.  Select Certificate and click the Add button.

5.  Select Computer account, then Next.

6.  Click on Local Computer and click on the Finish button.

7.  Click the OK button.

8.  Once the certificates MMC is click on:  Certificates (Local Computer)\Personal

9.  Delete all the expired certificates. 

Getting event id 1008 for missing .NET Performance counters

Confirmed that some .NET counters were missing in Performance monitor

Applied the following steps to re-register the missing .NET Performance counters

- Ran command prompt with elevated privileges

Cd C:\Windows\Inf\.NETFramework

lodctr corperfmonsymbols.ini

Cd C:\Windows\Inf\.NET CLR Data

lodctr _DataPerfCounters.ini

Cd C:\Windows\Inf\.NET CLR Networking

lodctr _Networkingperfcounters_v2.ini

Cd C:\Windows\Inf\.NET Data Provider for SqlServer

lodctr _dataperfcounters_shared12_neutral.ini

Cd C:\Windows\Inf\.NET Data Provider for Oracle

lodctr _DataOracleClientPerfCounters_shared12_neutral.ini

Need to know the impact of remoe Domain users group from Local users Groups

When we join a computer to a domain, the Domain Users group will be added to the local users group of the computer automatically. Besides, the local users group also includes the other two groups: Authenticated Users group and INTERACTIVE group.
Even you delete Domain Users group from local users group, Domain Users group still belongs to Authenticated Users group, which means Domain Users group is still a member of local users group due to inheritance. You may also delete Authenticated Users group from local users group, however, when you logon by a domain user interactively, the domain user is a member of INTERACTIVE group, thus it is also a member of local users group. If you even delete the INTERACTIVE group from local users group, the domain users won’t be able to logon to this computer interactively. And I believe to delete these 3 groups from the local users group is a big change, and can probably cause a lot of potential issue. 

Domain Users
===============
This group contains all domain users. By default, any user account created in the domain becomes a member of this group automatically. This group can be used to represent all users in the domain. For example, if you want all domain users to have access to a printer, you can assign permissions for the printer to this group (or add the Domain Users group to a local group, on the print server, that has permissions for the printer).

Users (Local)
===============
Members of this group can perform common tasks, such as running applications, using local and network printers, and locking the server. Users cannot share directories or create local printers. By default, the Domain Users, Authenticated Users, and Interactive groups are members of this group. Therefore, any user account created in the domain becomes a member of this group.

Permission: Access this computer from the network. Allow log on locally; Bypass traverse checking.


Impact of removing the domain users from "Local users and group\Groups\Users"  of a member server.

1: None of the domain users can access that computer until unless you grant permission to the specific user on  the computer. 
2: None of the domain users can access the sharers of that computer, until unless you grant them permission explicitly. 

As the requirement was to remove the domain users group permanently from access list  ( should not get read and execute permission) and not to remove the permission explicitly, while you share a folder, you can go and remove the domain user group from the “local users and groups\groups\users” group. 

NOTE: Please make sure that, you add the specific users and grant permissions explicitly,  who should have access to that computer. Please do not remove the “domain users” from the users group of the local computer if it’s a Domain controller. 


Articles
========
Default Domain Groups: http://technet.microsoft.com/en-us/library/cc756898(WS.10).aspx
Default Local Groups: http://technet.microsoft.com/en-us/library/cc785098(WS.10).aspx