This article describes the Windows Server 2008 read-only domain controller (RODC) compatibility pack for Windows Server 2003 clients and for Windows XP clients. This update addresses compatibility issues that occur with down-level clients that do not support Windows Server 2008 RODC features.

Back to the top

You do not necessarily have to apply this update before you can deploy a read-only domain controller. Sometimes, compatibility issues do not affect your deployment. Or, you may be able to use a workaround instead of applying the update.

The following sections describe the following items:

•	The symptom that is associated with each compatibility issue
•	The RODC deployment scenario in which the issue occurs and the clients that are affected by the issue
•	The issue's influence
•	A workaround for the issue, if a workaround is available

Back to the top

Issue 1

Symptom

If a client can access only read-only domain controllers, Windows Management Instrumentation (WMI) filters that are configured for Group Policy are not applied. Additionally, the Gpsvc.log file contains the following information:

GPSVC(410.8ec) 15:17:45:808 FilterCheck: Found WMI Filter id of: filter ID
GPSVC(410.8ec) 15:18:21:838 FilterCheck: Filter doesn't exist. Evaluating to false
GPSVC(410.8ec) 15:18:21:838 ProcessGPO: CheckFilterAcess failed for <cn=GUID,cn=policies,cn=system,DC=name,DC=name,DC=name,DC=com>. Filter not found
GPSVC(410.8ec) 15:18:21:838 CGPAdminEventInitFailure::Initialize(): FormatMessage failed to look up error code (0x80041002) due to error 317. Can not log error description.
GPSVC(410.8ec) 15:18:21:838 ProcessGPO: The GPO does not pass the filter check and so will not be applied.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available.

Influence

The Group Policy object to which the WMI filters are linked may not be applied.

Workaround

No workaround is available for this issue.

Back to the top

Issue 2

Symptom

Internet Protocol security (IPsec) policies cannot be applied, and Win32 error code 8219 (ERROR_POLICY_OBJECT_NOT_FOUND) is returned when only Windows Server 2008 read-only domain controllers are available.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario.

Influence

Computers that are running Windows 2000, Windows XP, or Windows Server 2003 do not receive IPsec policies that are applied by a read-only domain controller.

Workaround

No workaround is available for this issue.

Back to the top

Issue 3

Symptom

Windows Server 2003 member computers and Windows XP member computers do not synchronize Win32 time with Windows Server 2008 read-only domain controllers.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario or in a perimeter network scenario in which a writable domain controller cannot be contacted.

Note A perimeter network is also known as "DMZ," "demilitarized zone," and "screened subnet."

Influence

If the time of services is severely asynchronous, you may receive error messages when you try to access resources on the network.

Workaround

To work around this issue, configure the client computers to synchronize time from another domain controller that is available on the network.

Back to the top

Issue 4

Symptom

Computers in a perimeter network cannot join the domain.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario or in a perimeter network scenario.

Influence

Computers cannot join the domain even though the computer account and the password are pre-populated on the read-only domain controller.

Workaround

To work around this issue, create firewall rules to enable a writable domain controller to be contacted.

Or, bridge the perimeter network and intranet networks. Do this only when your organization's policies allow for this operation.

Back to the top

Issue 5

Symptom

In a site that has only read-only domain controllers available, users try to change their passwords on computers that are running Windows 2000, Windows XP, or Windows Server 2003. When the users do this, the password change operation fails.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a perimeter network scenario.

Influence

Users cannot change their passwords.

Workaround

To work around this issue, create firewall rules to enable a writable domain controller to be contacted. Or, have the users change passwords by using a computer that is running Windows Vista or Windows Server 2008.

Back to the top

Issue 6

Symptom

Windows Server 2008 read-only domain controllers cannot retrieve or create the public key certificate by using the LsaRetrievePrivateData function or the LsaStorePrivateData function.

The call to the LsaRetrievePrivateData function finishes. However, a NULL value is returned for the private data.

The call to the LsaStorePrivateData function fails, and error code 0xc0000034 is returned.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario or in a perimeter network scenario.

Influence

The Data Protection API (DPAPI) on clients that can access only read-only domain controllers cannot decrypt master keys unless these clients previously contacted a writable domain controller and retrieved a public key certificate. Even though a writable domain controller is available, the DPAPI still cannot decrypt master keys if the nearest domain controller is a read-only domain controller.

Workaround

When the DPAPI tries to decrypt master keys, make sure that the client has access to only a writable domain controller.

Note Typically, the DPAPI tries to decrypt master keys during password changes.

Back to the top

Issue 7

Symptom

When you try to publish a printer, the published printer may not work correctly.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario.

Influence

If a read-only domain controller receives a request to publish a printer, the read-only domain controller forwards the request to a writable domain controller. The spooler tries to read from the read-only domain controller immediately after the write action is implemented. However, the spooler does this before the printer publish information is replicated to the read-only domain controller. Therefore, the publish operation fails.

Workaround

No workaround is available for this issue.

Back to the top

Issue 8

Symptom

In a site that has only read-only domain controllers available, you use the Find Printer dialog box on a client computer that is running Windows 2000, Windows XP, or Windows Server 2003. When you do this, the Find Printer dialog box stops responding.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario.

Influence

Users cannot find printers that are published in Active Directory Domain Services.

Workaround

No workaround is available for this issue.

Back to the top

Issue 9

Symptom

Active Directory Service Interfaces (ADSI) API functions in Windows Server 2003 and in Windows XP always send requests to a remote writable domain controller instead of to a local read-only domain controller.

Scenario and affected clients

This issue affects clients in a site that has only read-only domain controllers available. Typically, this issue occurs in a branch office scenario.

Influence

This issue causes unnecessary network traffic and access latency.

Workaround

Make sure that all clients have connectivity to a writable domain controller when these clients call ADSI API functions. Do this even if the function calls make only read operations.

Back to the top

Issue 10

Symptom

Domain controllers that are running Windows Server 2003 perform automatic site coverage for sites that have read-only domain controllers.

Scenario and affected clients

This issue affects domain controllers that provide automatic site coverage for other branch office sites. Typically, this issue occurs in a branch office scenario.

Influence

A domain controller that is running Windows Server 2003 may register its DNS SRV resource records for a site that contains a read-only domain controller. Therefore, the clients may not authenticate as expected with the local read-only domain controller.

Workaround

To work around this issue, use one of the following methods:

•	Make sure that only domain controllers that are running Windows Server 2008 are present in the site that is closest to the read-only domain controller site.
•	Disable automatic site coverage on domain controllers that are running Windows Server 2003.
•	Configure the weight or the priority of the DNS SRV records so that clients are more likely to authenticate with the read-only domain controller than with a remote Windows Server 2003 domain controller.
•	Use Group Policy settings to configure domain controller locator DNS records.

Back to the top

Update information

The following files are available for download from the Microsoft Download Center:

Update for Windows Server 2003
Download the Update for Windows Server 2003 package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=9AA16639-81A7-4CB4-B573-063CDE1C6AC3)

Update for Windows Server 2003 for Itanium-based systems
Download the Update for Windows Server 2003 for Itanium-based Systems package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=79870767-4B4C-4D05-8370-71CCACE66F03)

Update for Windows Server 2003 x64 Edition
Download the Update for Windows Server 2003 x64 Edition package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=9E20C893-9391-40EC-B47A-632DF6B5CDD1)

Update for Windows XP
Download the Update for Windows XP package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1CB63F-7447-4DB3-AA3A-4C9DC9547B40)

Update for Windows XP x64 Edition
Download the Update for Windows XP x64 Edition package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=7A1F33EB-8206-4837-AB04-86A5AC8586B2)

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base: Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Back to the top

Windows XP update information

Prerequisites

To apply this hotfix, you must have Windows XP Service Pack 2 or Windows XP Service Pack 3 installed.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows XP with Service Pack 2, x86-based versions

File name	File version	File size	Date	Time	Platform	SP requirement
Adsldp.dll	5.1.2600.3365	176,128	05-May-2008	11:08	x86	SP2
Adsmsext.dll	5.1.2600.3365	68,096	05-May-2008	11:08	x86	SP2
Dsuiext.dll	5.1.2600.3365	113,152	05-May-2008	11:08	x86	SP2
Gptext.dll	5.1.2600.3365	199,680	05-May-2008	11:08	x86	SP2
Localspl.dll	5.1.2600.3365	343,040	05-May-2008	11:08	x86	SP2
Lsasrv.dll	5.1.2600.3365	727,040	05-May-2008	11:08	x86	SP2
Msv1_0.dll	5.1.2600.3365	132,608	05-May-2008	11:08	x86	SP2
Netlogon.dll	5.1.2600.3365	407,040	05-May-2008	11:08	x86	SP2
Ntdsapi.dll	5.1.2600.3365	68,096	05-May-2008	11:08	x86	SP2
Policman.dll	5.1.2600.3365	92,672	05-May-2008	11:08	x86	SP2
W32time.dll	5.1.2600.3365	175,104	05-May-2008	11:08	x86	SP2
W32tm.exe	5.1.2600.3365	52,736	03-May-2008	10:15	x86	SP2
Wkssvc.dll	5.1.2600.3365	134,144	05-May-2008	11:08	x86	SP2

Windows XP with Service Pack 3, x86-based versions

File name	File version	File size	Date	Time	Platform	SP requirement
Adsldp.dll	5.1.2600.5582	176,128	17-Apr-2008	14:50	x86	SP3
Adsmsext.dll	5.1.2600.5582	68,096	17-Apr-2008	04:50	x86	SP3
Dsuiext.dll	5.1.2600.5582	113,152	17-Apr-2008	04:50	x86	SP3
Gptext.dll	5.1.2600.5582	199,680	17-Apr-2008	04:50	x86	SP3
Localspl.dll	5.1.2600.5582	343,040	17-Apr-2008	04:50	x86	SP3
Lsasrv.dll	5.1.2600.5582	728,064	17-Apr-2008	04:50	x86	SP3
Msv1_0.dll	5.1.2600.5594	132,608	05-May-2008	11:06	x86	SP3
Netlogon.dll	5.1.2600.5582	407,040	17-Apr-2008	04:50	x86	SP3
Ntdsapi.dll	5.1.2600.5582	68,096	17-Apr-2008	04:50	x86	SP3
Policman.dll	5.1.2600.5582	92,672	17-Apr-2008	04:50	x86	SP3
W32time.dll	5.1.2600.5582	175,104	17-Apr-2008	04:50	x86	SP3
W32tm.exe	5.1.2600.5594	52,736	03-May-2008	11:57	x86	SP3
Wkssvc.dll	5.1.2600.5582	134,144	17-Apr-2008	04:50	x86	SP3

Back to the top

Windows Server 2003 update information

Prerequisites

To apply this hotfix, you must have Windows Server 2003 Service Pack 1 or Windows Server 2003 Service Pack 2 installed.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows Server 2003 with Service Pack 1, x86-based versions

File name	File version	File size	Date	Time	Platform	SP requirement
Adsldp.dll	5.2.3790.3123	178,176	21-Apr-2008	07:04	x86	SP1
Adsmsext.dll	5.2.3790.3123	69,632	21-Apr-2008	07:04	x86	SP1
Dsuiext.dll	5.2.3790.3123	119,808	21-Apr-2008	07:04	x86	SP1
Gptext.dll	5.2.3790.3123	235,008	21-Apr-2008	07:04	x86	SP1
Localspl.dll	5.2.3790.3123	348,672	21-Apr-2008	07:04	x86	SP1
Lsasrv.dll	5.2.3790.3123	822,784	21-Apr-2008	07:04	x86	SP1
Msv1_0.dll	5.2.3790.3123	144,896	21-Apr-2008	07:04	x86	SP1
Netlogon.dll	5.2.3790.3123	426,496	21-Apr-2008	07:04	x86	SP1
Ntdsa.dll	5.2.3790.3120	1,525,760	15-Apr-2008	10:20	x86	SP1
Ntdsapi.dll	5.2.3790.3123	73,728	21-Apr-2008	07:04	x86	SP1
Policman.dll	5.2.3790.3123	71,168	21-Apr-2008	07:04	x86	SP1
W03a2409.dll	5.2.3790.3090	29,696	14-Feb-2008	09:41	x86	SP1
W32time.dll	5.2.3790.3123	227,328	21-Apr-2008	07:04	x86	SP1
W32tm.exe	5.2.3790.3123	55,808	17-Apr-2008	11:22	x86	SP1
Wkssvc.dll	5.2.3790.3123	134,656	21-Apr-2008	07:04	x86	SP1

Windows Server 2003 with Service Pack 2, x86-based versions

File name	File version	File size	Date	Time	Platform	SP requirement
Adsldp.dll	5.2.3790.4275	178,688	21-Apr-2008	06:52	x86	SP2
Adsmsext.dll	5.2.3790.4275	69,632	21-Apr-2008	06:52	x86	SP2
Dsuiext.dll	5.2.3790.4275	119,808	21-Apr-2008	06:52	x86	SP2
Gptext.dll	5.2.3790.4275	235,008	21-Apr-2008	06:52	x86	SP2
Localspl.dll	5.2.3790.4275	342,528	21-Apr-2008	06:52	x86	SP2
Lsasrv.dll	5.2.3790.4275	815,616	21-Apr-2008	06:52	x86	SP2
Msv1_0.dll	5.2.3790.4275	143,360	21-Apr-2008	06:52	x86	SP2
Netlogon.dll	5.2.3790.4272	437,248	15-Apr-2008	10:07	x86	SP2
Ntdsa.dll	5.2.3790.4272	1,526,784	15-Apr-2008	10:07	x86	SP2
Ntdsapi.dll	5.2.3790.4272	73,216	15-Apr-2008	10:07	x86	SP2
Policman.dll	5.2.3790.4275	71,168	21-Apr-2008	06:52	x86	SP2
W32time.dll	5.2.3790.4275	227,328	21-Apr-2008	06:52	x86	SP2
W32tm.exe	5.2.3790.4275	55,808	17-Apr-2008	11:39	x86	SP2
Wkssvc.dll	5.2.3790.4275	134,656	21-Apr-2008	06:52	x86	SP2

Windows Server 2003 with Service Pack 1, Itanium-based versions

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Adsldp.dll	5.2.3790.3123	516,096	09-May-2008	08:17	IA-64	SP1	Not applicable
Adsmsext.dll	5.2.3790.3123	208,384	09-May-2008	08:17	IA-64	SP1	Not applicable
Dsuiext.dll	5.2.3790.3123	247,808	09-May-2008	08:17	IA-64	SP1	Not applicable
Gptext.dll	5.2.3790.3123	567,808	09-May-2008	08:17	IA-64	SP1	Not applicable
Localspl.dll	5.2.3790.3123	967,680	09-May-2008	08:17	IA-64	SP1	Not applicable
Lsasrv.dll	5.2.3790.3123	2,163,200	09-May-2008	08:17	IA-64	SP1	Not applicable
Msv1_0.dll	5.2.3790.3123	390,144	09-May-2008	08:17	IA-64	SP1	Not applicable
Netlogon.dll	5.2.3790.3123	989,696	09-May-2008	08:17	IA-64	SP1	Not applicable
Ntdsa.dll	5.2.3790.3120	4,276,736	09-May-2008	08:17	IA-64	SP1	Not applicable
Ntdsapi.dll	5.2.3790.3123	211,968	09-May-2008	08:18	IA-64	SP1	Not applicable
Policman.dll	5.2.3790.3123	258,048	09-May-2008	08:18	IA-64	SP1	Not applicable
W03a2409.dll	5.2.3790.3090	28,672	09-May-2008	08:18	IA-64	SP1	Not applicable
W32time.dll	5.2.3790.3123	578,560	09-May-2008	08:18	IA-64	SP1	Not applicable
W32tm.exe	5.2.3790.3123	139,264	09-May-2008	08:18	IA-64	SP1	Not applicable
Wkssvc.dll	5.2.3790.3123	326,656	09-May-2008	08:18	IA-64	SP1	Not applicable
Wadsldp.dll	5.2.3790.3123	178,176	09-May-2008	08:18	x86	SP1	WOW
Wadsmsext.dll	5.2.3790.3123	69,632	09-May-2008	08:18	x86	SP1	WOW
Wdsuiext.dll	5.2.3790.3123	119,808	09-May-2008	08:18	x86	SP1	WOW
Wgptext.dll	5.2.3790.3123	235,008	09-May-2008	08:18	x86	SP1	WOW
Wmsv1_0.dll	5.2.3790.3123	144,896	09-May-2008	08:18	x86	SP1	WOW
Wnetlogon.dll	5.2.3790.3123	426,496	09-May-2008	08:18	x86	SP1	WOW
Wntdsa.dll	5.2.3790.3120	1,525,760	09-May-2008	08:18	x86	SP1	WOW
Wntdsapi.dll	5.2.3790.3123	73,728	09-May-2008	08:18	x86	SP1	WOW
Ww03a2409.dll	5.2.3790.3090	29,696	09-May-2008	08:18	x86	SP1	WOW
Ww32time.dll	5.2.3790.3123	227,328	09-May-2008	08:18	x86	SP1	WOW
Ww32tm.exe	5.2.3790.3123	55,808	09-May-2008	08:18	x86	SP1	WOW

Windows Server 2003 with Service Pack 2, Itanium-based versions

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Adsldp.dll	5.2.3790.4275	516,096	09-May-2008	08:24	IA-64	SP2	Not applicable
Adsmsext.dll	5.2.3790.4275	208,384	09-May-2008	08:24	IA-64	SP2	Not applicable
Dsuiext.dll	5.2.3790.4275	247,808	09-May-2008	08:24	IA-64	SP2	Not applicable
Gptext.dll	5.2.3790.4275	568,320	09-May-2008	08:24	IA-64	SP2	Not applicable
Localspl.dll	5.2.3790.4275	968,192	09-May-2008	08:24	IA-64	SP2	Not applicable
Lsasrv.dll	5.2.3790.4275	2,165,248	09-May-2008	08:24	IA-64	SP2	Not applicable
Msv1_0.dll	5.2.3790.4275	390,144	09-May-2008	08:24	IA-64	SP2	Not applicable
Netlogon.dll	5.2.3790.4272	989,696	09-May-2008	08:24	IA-64	SP2	Not applicable
Ntdsa.dll	5.2.3790.4272	4,279,808	09-May-2008	08:25	IA-64	SP2	Not applicable
Ntdsapi.dll	5.2.3790.4272	211,968	09-May-2008	08:25	IA-64	SP2	Not applicable
Policman.dll	5.2.3790.4275	258,048	09-May-2008	08:25	IA-64	SP2	Not applicable
W32time.dll	5.2.3790.4275	578,560	09-May-2008	08:25	IA-64	SP2	Not applicable
W32tm.exe	5.2.3790.4275	139,264	09-May-2008	08:25	IA-64	SP2	Not applicable
Wkssvc.dll	5.2.3790.4275	326,656	09-May-2008	08:25	IA-64	SP2	Not applicable
Wadsldp.dll	5.2.3790.4275	178,688	09-May-2008	08:25	x86	SP2	WOW
Wadsmsext.dll	5.2.3790.4275	69,632	09-May-2008	08:25	x86	SP2	WOW
Wdsuiext.dll	5.2.3790.4275	119,808	09-May-2008	08:25	x86	SP2	WOW
Wgptext.dll	5.2.3790.4275	235,008	09-May-2008	08:25	x86	SP2	WOW
Wmsv1_0.dll	5.2.3790.4275	143,360	09-May-2008	08:25	x86	SP2	WOW
Wnetlogon.dll	5.2.3790.4272	437,248	09-May-2008	08:25	x86	SP2	WOW
Wntdsa.dll	5.2.3790.4272	1,526,784	09-May-2008	08:25	x86	SP2	WOW
Wntdsapi.dll	5.2.3790.4272	73,216	09-May-2008	08:25	x86	SP2	WOW
Ww32time.dll	5.2.3790.4275	227,328	09-May-2008	08:25	x86	SP2	WOW
Ww32tm.exe	5.2.3790.4275	55,808	09-May-2008	08:25	x86	SP2	WOW

Windows Server 2003 with Service Pack 1, x64-based versions

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Adsldp.dll	5.2.3790.3123	342,016	09-May-2008	08:17	x64	SP1	Not applicable
Adsmsext.dll	5.2.3790.3123	105,472	09-May-2008	08:17	x64	SP1	Not applicable
Dsuiext.dll	5.2.3790.3123	149,504	09-May-2008	08:17	x64	SP1	Not applicable
Gptext.dll	5.2.3790.3123	326,656	09-May-2008	08:17	x64	SP1	Not applicable
Localspl.dll	5.2.3790.3123	750,080	09-May-2008	08:17	x64	SP1	Not applicable
Lsasrv.dll	5.2.3790.3123	1,566,720	09-May-2008	08:17	x64	SP1	Not applicable
Msv1_0.dll	5.2.3790.3123	260,608	09-May-2008	08:17	x64	SP1	Not applicable
Netlogon.dll	5.2.3790.3123	690,176	09-May-2008	08:17	x64	SP1	Not applicable
Ntdsa.dll	5.2.3790.3120	2,969,600	09-May-2008	08:17	x64	SP1	Not applicable
Ntdsapi.dll	5.2.3790.3123	132,608	09-May-2008	08:17	x64	SP1	Not applicable
Policman.dll	5.2.3790.3123	131,072	09-May-2008	08:17	x64	SP1	Not applicable
W03a2409.dll	5.2.3790.3090	30,208	09-May-2008	08:17	x64	SP1	Not applicable
W32time.dll	5.2.3790.3123	407,552	09-May-2008	08:17	x64	SP1	Not applicable
W32tm.exe	5.2.3790.3123	79,360	09-May-2008	08:17	x64	SP1	Not applicable
Wkssvc.dll	5.2.3790.3123	228,352	09-May-2008	08:17	x64	SP1	Not applicable
Wadsldp.dll	5.2.3790.3123	178,176	09-May-2008	08:17	x86	SP1	WOW
Wadsmsext.dll	5.2.3790.3123	69,632	09-May-2008	08:17	x86	SP1	WOW
Wdsuiext.dll	5.2.3790.3123	119,808	09-May-2008	08:17	x86	SP1	WOW
Wgptext.dll	5.2.3790.3123	235,008	09-May-2008	08:17	x86	SP1	WOW
Wmsv1_0.dll	5.2.3790.3123	144,896	09-May-2008	08:17	x86	SP1	WOW
Wnetlogon.dll	5.2.3790.3123	426,496	09-May-2008	08:17	x86	SP1	WOW
Wntdsa.dll	5.2.3790.3120	1,525,760	09-May-2008	08:17	x86	SP1	WOW
Wntdsapi.dll	5.2.3790.3123	73,728	09-May-2008	08:17	x86	SP1	WOW
Ww03a2409.dll	5.2.3790.3090	29,696	09-May-2008	08:17	x86	SP1	WOW
Ww32time.dll	5.2.3790.3123	227,328	09-May-2008	08:17	x86	SP1	WOW
Ww32tm.exe	5.2.3790.3123	55,808	09-May-2008	08:17	x86	SP1	WOW

Windows Server 2003 with Service Pack 2, x64-based versions

File name	File version	File size	Date	Time	Platform	SP requirement	Service branch
Adsldp.dll	5.2.3790.4275	342,016	09-May-2008	08:24	x64	SP2	Not applicable
Adsmsext.dll	5.2.3790.4275	105,472	09-May-2008	08:24	x64	SP2	Not applicable
Dsuiext.dll	5.2.3790.4275	149,504	09-May-2008	08:24	x64	SP2	Not applicable
Gptext.dll	5.2.3790.4275	327,168	09-May-2008	08:24	x64	SP2	Not applicable
Localspl.dll	5.2.3790.4275	750,080	09-May-2008	08:24	x64	SP2	Not applicable
Lsasrv.dll	5.2.3790.4275	1,567,232	09-May-2008	08:24	x64	SP2	Not applicable
Msv1_0.dll	5.2.3790.4275	260,608	09-May-2008	08:24	x64	SP2	Not applicable
Netlogon.dll	5.2.3790.4272	690,176	09-May-2008	08:24	x64	SP2	Not applicable
Ntdsa.dll	5.2.3790.4272	2,971,136	09-May-2008	08:24	x64	SP2	Not applicable
Ntdsapi.dll	5.2.3790.4272	132,608	09-May-2008	08:25	x64	SP2	Not applicable
Policman.dll	5.2.3790.4275	131,072	09-May-2008	08:25	x64	SP2	Not applicable
W32time.dll	5.2.3790.4275	407,552	09-May-2008	08:25	x64	SP2	Not applicable
W32tm.exe	5.2.3790.4275	79,360	09-May-2008	08:25	x64	SP2	Not applicable
Wkssvc.dll	5.2.3790.4275	228,352	09-May-2008	08:25	x64	SP2	Not applicable
Wadsldp.dll	5.2.3790.4275	178,688	09-May-2008	08:25	x86	SP2	WOW
Wadsmsext.dll	5.2.3790.4275	69,632	09-May-2008	08:25	x86	SP2	WOW
Wdsuiext.dll	5.2.3790.4275	119,808	09-May-2008	08:25	x86	SP2	WOW
Wgptext.dll	5.2.3790.4275	235,008	09-May-2008	08:25	x86	SP2	WOW
Wmsv1_0.dll	5.2.3790.4275	143,360	09-May-2008	08:25	x86	SP2	WOW
Wnetlogon.dll	5.2.3790.4272	437,248	09-May-2008	08:25	x86	SP2	WOW
Wntdsa.dll	5.2.3790.4272	1,526,784	09-May-2008	08:25	x86	SP2	WOW
Wntdsapi.dll	5.2.3790.4272	73,216	09-May-2008	08:25	x86	SP2	WOW
Ww32time.dll	5.2.3790.4275	227,328	09-May-2008	08:25	x86	SP2	WOW
Ww32tm.exe	5.2.3790.4275	55,808	09-May-2008	08:25	x86	SP2	WOW

Back to the top

About WMI filters

You can use a WMI filter to specify criteria that must be met before the linked Group Policy object is applied to a computer. The WMI filter can filter the computers to which you want to apply the Group Policy settings so that you do not have to subdivide your organizational unit.

Back to the top

How to enable logging in the Gpsvc.log file

To enable logging in the Gpsvc.log file, follow these steps.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

1.	Click Start, click Run, type regedit, and then click OK.
2.	Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
3.	On the Edit menu, point to New, and then click Key.
4.	Type Diagnostics, and then press ENTER.
5.	Right-click the Diagnostics subkey, point to New, and then click DWORD Value.
6.	Type GPSvcDebugLevel, and then press ENTER.
7.	Right-click GPSvcDebugLevel, and then click Modify.
8.	In the Value data box, type 0x30002, and then click OK.
9.	Exit Registry Editor.
10.	At a command prompt, type the following command, and then press ENTER: gpupdate /force
11.	View the Gpsvc.log file in the following folder: %windir%\debug\usermode

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

Back to the top