Delete Windows.Old Folder. Windows 10 update removed option to delete previous versions of Windows using Disk Cleanup

Essentially, it is necessary to take ownership of the Windows.old folder before you can delete it. It is currently owned by “System”.

Right-click on the “Windows.old” folder and click on “properties”.

Then click on the “Security” tab.

Select “Advanced”

Then click “Change”

Type in “administrator” or your current user. Then click “OK”.

Checkmark “Replace owner on subcontainers and objects”

There is another checkbox for having all explicitly set permissions to inherit from the parent object. Checkmark that as well.

Now you can go back to the folder and permanently delete the Windows.old folder by highlighting it and pressing shift+del. This will fully remove the Windows.old folder from your system.

Set Windows Clock to Match the Time of Another Host

Open an elevated command prompt.

w32tm /stripchart /computer:<target> /samples:<number> /dataonly

Then enter the host that you want to imitate in <target> and the number of samples that you want the target computer to return for <number>.

(Optionally) You may choose to sync with a manual peer list.

To do so:

w32tm /config /manualpeerlist:<peers> /syncfromflags:manual /reliable:yes /update

<peers> Specifies the list of DNS names or IP addresses for the NTP time source with which the PDC emulator synchronizes. (This list is referred to as the manual peer list.) For example, you can specify time.windows.com as the NTP time server. When you specify multiple peers, use a space as the delimiter and enclose the names of the peers in quotation marks.

Source: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731191(v=ws.10)

I had an issue with the DC not having the correct time. It was off by about 4 minutes and as any IT pro would well know that a clock that is off can wreak havoc on your network. Everything relies on synchronized clocks.

Logged on to the domain controller server and went into the date and time settings advanced panel. Ensured that the time was correct there.

Then to ensure that one of the remote clients was force updated I used this command:

net time \\<DC_name_or_IP> /set /y

Then the time was set correctly.

The DC is the main master clock for the network and it can be set manually or synchronized over the Internet using the Network Time Protocol (NTP). I was synchronizing with the time.windows.com but it was still off when I had run

w32tm /stripchart /computer:time.windows.com /dataonly

to see what was wrong. It was showing that the DC was off by 214 seconds. I readjusted the clock manually in the Date & Time settings.

Now I’m just waiting for propagation to the remainder of the network to get the correct time from the DC.

Unable to Set AD Security Group Permissions on Server after Recent domain Join

I had joined a workgroup file server to a domain. However, when I went into the security tab of a folder that I wanted to grant an AD security group to there had been no option of selecting any user or group from AD. Only local security groups or users could be selected.

Simply, by rebooting and waiting this issue corrected itself. I’m uncertain as to why but felt the need to document it. Hopefully, this helps someone else that had the same issue.

Also, please note that some users may lose their connection to the server. If they don’t already have duplicate security groups and users in AD (with assigned permissions to those same folders…How would they? They haven’t been added yet!) you will need to ensure that they access the mapped drives and saved “network locations”. To do this ensure that they are still using the local user on the server by using the username structure “<servername>\<username> and then the password of the local user account that has the access. This will help ease any migration pains.

Essentially, you can authenticate against the local users or Active Directory.

I wanted to give this an update where you may run into an issue that I have run into. If you have a domain-joined PC connecting as the Local User if it has the same credentials it will work but when the server is joined there will be a connection issue and will have to delete and re-add the mapped drive to the user settings.