Channel: Directory Services forum

Prefix of email addresses appears in CAPS. How do I make it lower case?


I have a client who has this strange problem, not causing any issues with services yet. All the users' email addresses have the prefix in capital letters, for instance USER@contosso.com, and they need it to be user@contosso.com. I am well aware that email addresses are not case sensitive, but they still need it in lowercase.

I've checked in AD, OWA mailbox policy and Email address policy in office 365 but I couldn't find anything helpful.

Everything appears to be in place, but the prefix of the SMTP address still appears in CAPS.

Any help is appreciated.
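A read-only audit, added here as an illustration and not part of the original post, that lists AD users whose mail or proxyAddresses values have an uppercase local part and shows what the lowercased value would be. It assumes the RSAT ActiveDirectory module in a domain-joined session; the function names are my own. It deliberately preserves the address-type prefix (SMTP: versus smtp:) because that case marks the primary address, and it writes nothing back to AD.

```powershell
# Added example (not from the original post). Assumes the RSAT ActiveDirectory module.
# Lowercases only the local part (before '@') of one address value.
# The 'SMTP:'/'smtp:' prefix on proxyAddresses is case-significant (SMTP: = primary),
# so it is preserved exactly as found.
function ConvertTo-LowerLocalPart {
    param([Parameter(Mandatory)][string]$Address)

    $prefix = ''
    $addr   = $Address
    $colon  = $Address.IndexOf(':')
    $at     = $Address.IndexOf('@')
    # Split off a "type:" prefix such as SMTP:, smtp:, SIP:, X500:
    if ($colon -ge 0 -and ($at -lt 0 -or $colon -lt $at)) {
        $prefix = $Address.Substring(0, $colon + 1)
        $addr   = $Address.Substring($colon + 1)
    }
    if ($at -lt 0) { return $Address }   # not an e-mail style value, leave untouched

    $atInAddr = $addr.IndexOf('@')
    $local    = $addr.Substring(0, $atInAddr).ToLowerInvariant()
    $domain   = $addr.Substring($atInAddr)
    return "$prefix$local$domain"
}

# Reports users whose mail or proxyAddresses contain an uppercase local part.
# Read-only: it never writes to AD. Optional -SearchBase limits the scope to one OU.
function Find-UppercaseSmtpLocalPart {
    param([string]$SearchBase)

    $params = @{ Filter = 'mail -like "*"'; Properties = 'mail', 'proxyAddresses' }
    if ($SearchBase) { $params.SearchBase = $SearchBase }

    foreach ($u in Get-ADUser @params) {
        $values = @($u.mail) + @($u.proxyAddresses)
        foreach ($v in $values) {
            if (-not $v) { continue }
            $fixed = ConvertTo-LowerLocalPart -Address $v
            # -cne is the case-sensitive comparison; -ne would treat USER and user as equal
            if ($fixed -cne $v) {
                [pscustomobject]@{
                    SamAccountName = $u.SamAccountName
                    Current        = $v
                    Normalised     = $fixed
                }
            }
        }
    }
}

# Usage:
#   Find-UppercaseSmtpLocalPart | Format-Table -AutoSize
#   ConvertTo-LowerLocalPart 'SMTP:USER@contosso.com'   # constructed sample value
```

The report tells you whether the uppercase prefix is actually stored in the on-premises attributes (and therefore is what a directory sync would carry forward) or only appears in the client's display; any write-back should be a separate, reviewed step.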


How to run a specific application like IIS without administrator rights


Hi

We have set up AD DS and applied a GPO.

Users' systems are joined to the domain also.

There are some applications like IIS which are currently running as administrator.

I don't want to run IIS or similar applications as administrator.

How do I create a GPO so that domain users can run these types of applications without administrator rights?

Also I don't want to give users Domain Admin rights.

AD Cloud deployment guidance.


Hi Guys,
Bear with me, I won't be as technical as even a fraction of you here.

I am looking at deploying a completely new Windows environment (DC/AD etc.). There is currently no infrastructure set up and I have been looking at different deployment possibilities. I would be looking at setting this up for multiple sites in the UK, NY & LA.

I am looking at possibly a hybrid solution (On-Prem & Cloud) via AWS or Azure. Firstly as I haven't been exposed to a windows domain environment hosted in either, does anyone have any recommendations or insight into either they could share? 

Secondly, I was wondering if there was a purely cloud-based option using VM's in either AWS or Azure? I am obviously opposed to setting up such an environment due to low guaranteed availability & bandwidth constraints of everything using the IGW.

The business would like the possibility explored, and there are multiple DaaS offerings which don't offer GPO, which is a deal breaker.

Users:

UK - 70, NY - 15, LA - 8

No existing domain or windows services currently running (Except DNS)

If you need to know anything to get a better feel of our need please ask.

Windows Server 2016 out of its domain, not allowing anyone to log in to it, neither AD users nor local users.


This morning the server was preventing users from logging in, so I went to check. According to the attachments I will post below, it appears online and responds to ping requests, but on its screen it does not show any available network connections and does not allow the Administrator to log on, nor AD users to log in to the network or access the folders, because it says something is wrong with their credentials, which in fact is not the case. Somehow the server left the domain and maybe it's on a private network, I suppose.

What has already been done:

Start with the last known good configuration (not resolved)

Log in in safe mode (starts in protected mode and does not let the administrator do anything)

What was not done:

Exploit to Reset Password with Vulnerability CVE-2017-0213_x64
Other Hacking Methods ...

Frequently Asked Questions:
Is the server licensed? Yes, It is.

What is the Server Version?
Windows Server 2016 Standard

Does the server have UserCals and Are they properly registered and enabled?
Yes.

Is the network cable connected to the server?
Yes

Is the Switch Connected to Computers?
Yes

Do the network cables have signal?
Yes

Am I on the same server network?
Yes

Am I entering my credentials incorrectly?
No

Links from the Google Drive folder once the screenshots are hosted:
NOTE: MSDN site is not hosting images at the time of this post.

LINK safe for pictures.
https://drive.google.com/open?id=1rYDardwkLOBfIjqzG-aKenjsw9y6pT9-

Duplicate UPN Suffixes shows in Windows 2012 AD Domain and Trust.


Hi,

I have an AD 2012 environment where, for a couple of my trusted domains, I could find duplicate UPN suffixes. I am not aware whether those are legitimate or can be removed safely.

Cancel AD DS Promotion on Windows Server 2016


On one of our servers, somebody (who probably only was supposed to install the AD Management Tools), instead decided to install the AD DS Role on one of our Windows Server 2016 boxes!

At the moment, it displays (in Server Manager):

"Post-deployment Configuration:

Configuration required for Active Directory Domain Services at <servername>

Promote this server to a domain controller"

Can we just remove the AD DS Role, or do we have to continue with the promotion to a DC and then demote it afterwards?

Many thanks.

new RODC in other site: LDAP Error 81(0x51): Server Down


Hi,

I installed a new RODC in another site, and when I now try to do the replication from one of my existing DCs in my site:

    Repadmin /showrepl DC

    LDAP Error 81(0x51): Server Down
    Server Win32 Error 0(0x0):
    Extended Information:

    Repadmin /bind

    LDAP Error 81(0x51): Server Down
    Server Win32 Error 0(0x0):
    Extended Information:

I'm able to start the replication from the RODC through Sites and Services, but not from my local DC.

I get the error "RPC server not available".

Conflict in domain name between two containers Users and Builtin


We have Windows Server 2016 installed with AD DS running on it. Last year they upgraded the server from Windows 2008 R2 to Windows 2016, and during this process they renamed the server, e.g. test (old server name) to test1.

Now in our AD DS, if groups inside the "Builtin" container are added to the NTFS permissions on a folder, they show the new domain name, e.g. test1\Users, but when the Domain Admins group from the "Users" container is added to the NTFS permissions it shows test\Domain Admins (old domain name). The members of the Domain Admins group are not able to access the folders even though the group has full privileges on the folder. When the same user is added to the Users group inside the Builtin container, the members are able to access it.

I suspect this is because of the naming conflict between the two containers, and I am not really aware of the process they followed during the migration. Please provide your valuable advice on how to approach this issue.

User rights to download


The users in my domain only have User rights. However, some of our users need rights to be able to download files from the Internet and open them. They cannot do that with User rights; they get prompted for an Admin login every time. What group can I add them to that will still restrict them from doing anything malicious, but allow them to download and execute files?

Support analyst

Active Directory extensible match


Hello, All!

How can I find users in some OU in the domain when the bindDN is the root of the domain?

As far as I understand, I must use https://ldapwiki.com/wiki/LDAP_MATCHING_RULE_DN_WITH_DATA for this.

I'm stuck at creating the filter. My variant is:

    (Common-Name:1.2.840.113556.1.4.2253:=S:4:myou:dc=td,dc=local)

What must I use in place of "Common-Name"?

What must I use in place of "S:4:myou"?

Will be glad for any information related to this issue.


Active Directory services error


Dear Team,

This is Sateesh here. Whenever we try to make changes to a group policy on Windows Server 2008 R2, we get the error popup below on screen.

Error popup: "Unhandled exception has occurred in a component in your application. If you click Continue, the application will ignore this error and attempt to continue.

The process cannot access the file because it is being used by another process (Exception from HRESULT: 0x80070020)."

Note: after clicking Continue, the policy is still not applied. Please help me resolve this.




Between Forest & child domain maximum latency


Dear Team,

Please give me your best suggestion.

The forest domain PDC is in the main office.

The child domain PDC is in the branch office.

Both IPs respond to ping with TTL 60 to 100; is that OK?

Can we deploy like this?

If so, what is the maximum TTL that will be supported?


Regards, Pradhap P

PowerShell Active Directory module for Windows Server 2008


Dear Team,

Please help us install the PowerShell Active Directory module for Windows Server 2008.


Regards, Pradhap P

New DCs in an old broken environment


I've had a look at other topics on this but none seem to answer my query completely.

We have two DCs that have multiple profile problems, so after a lot of thought and planning we've decided to build two new ones.

The current DCs are on Server 2012 R2 but have the 2008 configuration, as they were moved over in an "as is" state. They are VMs sitting on the local Hyper-V hosts. The site has a cluster environment complete with several VMs, including a 2016 Exchange server.

The new DCs will be Server 2016 Standard VMs, also sitting on the two HV hosts.

I need a little guidance on the best way to introduce the two new servers: add a new domain, or bring the new ones into the broken domain?

Adding the new DCs to the existing domain will just copy all the problems across with it, won't it?

A tidy up will be completed but I can't see doing it like this would be beneficial. AD will be cleaned up after this removing old users etc and new profile (Roaming) locations on the new file server will be created. User data will then be moved to the new File server.

The other way is to create a new domain, enable a trust between them and build AD from scratch. However, this is a cluster environment, so I'm not sure how this would work when it comes to demoting the old DCs. What if we lose connection completely? We'll obviously need to manually add PCs to the new domain, but it's the cluster and the current setup I'm concerned about.

Having said that, I think having a new domain is the better option so it doesn't pull the rubbish over, but I don't know enough about it to make a decision.

The time line is to complete before the end of this year so any help here would be greatly received.

Many thanks

Azure AD Connect Microsoft PolicyKeyService Certificate Authority


Dear All,

For a few weeks (after some adjustments in SCOM) we have been receiving several alerts on Azure AD Connect servers (different tenants) regarding a certificate warning.

Apparently Azure AD Connect uses/generates this certificate. Certificate information:

Issuer: Microsoft PolicyKeyService Certificate Authority
Validity Period: 2 years
Hashing algorithm: SHA512

On the Certification Path tab it shows "The issuer of this certificate could not be found", which causes the SCOM alerts. I presume this is a self-signed certificate, since it's the only item in the chain on the certification path tab.

Could somebody enlighten me as to what purpose this certificate serves, and how to resolve the warning?

Thanks in advance!

Nichola



No NETLOGON or SYSVOL Shares in New Domain Controller


I have a Server 2016 functional level AD with 2 DCs. A couple of months ago I installed the second DC and only recently realized it lacks the NETLOGON and SYSVOL shares. Last night I demoted the DC and removed the AD DS role, then re-added the AD DS role and promoted the server to a DC again. This was all done with no third-party firewall, the Windows firewall off, and logged on as a Domain Admin. dcdiag throws errors about replication not working, and I have been unable to get to the root cause of those errors. What do I need to do to make this DC healthy? Below are some interesting parts of dcdiag /v. Thanks.

Doing primary tests

   Testing server: Default-First-Site-Name\DC2
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\DC1.1roof.club, when we were trying to reach DC2.
         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
         ......................... DC2 failed test Advertising
      Test omitted by user request: CheckSecurityError
      Test omitted by user request: CutoffServers
      Starting test: FrsEvent
         * The File Replication Service Event log test
         Skip the test because the server is running DFSR.
         ......................... DC2 passed test FrsEvent
      Starting test: DFSREvent
         The DFS Replication Event Log.
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
         replication problems may cause Group Policy problems.
         A warning event occurred.  EventID: 0x80001780
            Time Generated: 11/28/2018   20:36:24
            Event String:
            The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.

            Additional Information:
            Object Category: msDFSR-LocalSettings
            Object DN: CN=DFSR-LocalSettings,CN=DC2,OU=Domain Controllers,DC=1roof,DC=club
            Error: 2 (The system cannot find the file specified.)
            Domain Controller: DC1.1roof.club
            Polling Cycle: 60
         A warning event occurred.  EventID: 0x80001A94
            Time Generated: 11/28/2018   20:36:24
            Event String:
            The DFS Replication service has detected that no connections are configured for replication group Domain System Volume. No data is being replicated for this replication group.

            Additional Information:
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 5B54B1BE-2BDE-4856-8383-57F93F2BB38A
         A warning event occurred.  EventID: 0x800008A4
            Time Generated: 11/28/2018   20:36:26
            Event String:
            The DFS Replication service has detected an unexpected shutdown on volume C:. This can occur if the service terminated abnormally (due to a power loss, for example) or an error occurred on the volume. The service has automatically initiated a recovery process. The service will rebuild the database if it determines it cannot reliably recover. No user action is required.

            Additional Information:
            Volume: C:
            GUID: CD07C860-FCA5-4A6A-99E7-CDC872CE475C
         A warning event occurred.  EventID: 0x80001906
            Time Generated: 11/28/2018   20:36:26
            Event String:
            The DFS Replication service detected that the local path of a replicated folder (domain) in its database does not match the newly configured local path (C:\Windows\SYSVOL\domain) of the replicated folder. The service will replicate the new path, and the old replicated folder path in the database will no longer be tracked as a replicated folder. This event is expected if the local path of the replicated folder has been changed.

            Additional Information:
            Replicated Folder Name: SYSVOL Share
            Replicated Folder ID: 24487360-94DD-469F-BCBD-1F083B58CDC8
            Replication Group Name: Domain System Volume
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 5B54B1BE-2BDE-4856-8383-57F93F2BB38A
         A warning event occurred.  EventID: 0x80001206
            Time Generated: 11/28/2018   20:36:26
            Event String:
            The DFS Replication service initialized SYSVOL at local path C:\Windows\SYSVOL\domain and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner DC1.1roof.club. If the server was in the process of being promoted to a domain controller, the domain controller will not advertize and function as a domain controller until this issue is resolved. This can occur if the specified partner is also in the initial synchronization state, or if sharing violations are encountered on this server or the synchronization partner. If this event occurred during the migration of SYSVOL from File Replication service (FRS) to DFS Replication, changes will not replicate out until this issue is resolved. This can cause the SYSVOL folder on this server to become out of sync with other domain controllers.

            Additional Information:
            Replicated Folder Name: SYSVOL Share
            Replicated Folder ID: 24487360-94DD-469F-BCBD-1F083B58CDC8
            Replication Group Name: Domain System Volume
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 5B54B1BE-2BDE-4856-8383-57F93F2BB38A
            Read-Only: 0
         A warning event occurred.  EventID: 0x80001780
            Time Generated: 11/28/2018   20:41:24
            Event String:
            The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.

            Additional Information:
            Object Category: msDFSR-LocalSettings
            Object DN: CN=DFSR-LocalSettings,CN=DC2,OU=Domain Controllers,DC=1roof,DC=club
            Error: 2 (The system cannot find the file specified.)
            Domain Controller: DC1.1roof.club
            Polling Cycle: 60
         An error event occurred.  EventID: 0xC00004B2
            Time Generated: 11/28/2018   22:00:04
            Event String:
            The DFS Replication service failed to contact domain controller  to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.

            Additional Information:
            Error: 160 (One or more arguments are not correct.)
         A warning event occurred.  EventID: 0x80001780
            Time Generated: 11/28/2018   22:44:32
            Event String:
            The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.

            Additional Information:
            Object Category: msDFSR-LocalSettings
            Object DN: CN=DFSR-LocalSettings,CN=DC2,OU=Domain Controllers,DC=1roof,DC=club
            Error: 2 (The system cannot find the file specified.)
            Domain Controller: DC1.1roof.club
            Polling Cycle: 60
         A warning event occurred.  EventID: 0x80001A94
            Time Generated: 11/28/2018   22:44:32
            Event String:
            The DFS Replication service has detected that no connections are configured for replication group Domain System Volume. No data is being replicated for this replication group.

            Additional Information:
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 350D2A4F-F654-4797-8578-39E348E1A9F2
         A warning event occurred.  EventID: 0x80001906
            Time Generated: 11/28/2018   22:44:33
            Event String:
            The DFS Replication service detected that the local path of a replicated folder (domain) in its database does not match the newly configured local path (C:\Windows\SYSVOL\domain) of the replicated folder. The service will replicate the new path, and the old replicated folder path in the database will no longer be tracked as a replicated folder. This event is expected if the local path of the replicated folder has been changed.

            Additional Information:
            Replicated Folder Name: SYSVOL Share
            Replicated Folder ID: 24487360-94DD-469F-BCBD-1F083B58CDC8
            Replication Group Name: Domain System Volume
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 350D2A4F-F654-4797-8578-39E348E1A9F2
         A warning event occurred.  EventID: 0x80001206
            Time Generated: 11/28/2018   22:44:33
            Event String:
            The DFS Replication service initialized SYSVOL at local path C:\Windows\SYSVOL\domain and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner DC1.1roof.club. If the server was in the process of being promoted to a domain controller, the domain controller will not advertize and function as a domain controller until this issue is resolved. This can occur if the specified partner is also in the initial synchronization state, or if sharing violations are encountered on this server or the synchronization partner. If this event occurred during the migration of SYSVOL from File Replication service (FRS) to DFS Replication, changes will not replicate out until this issue is resolved. This can cause the SYSVOL folder on this server to become out of sync with other domain controllers.

            Additional Information:
            Replicated Folder Name: SYSVOL Share
            Replicated Folder ID: 24487360-94DD-469F-BCBD-1F083B58CDC8
            Replication Group Name: Domain System Volume
            Replication Group ID: 7FD194A9-775D-449E-8B3B-A13EDD301AFC
            Member ID: 350D2A4F-F654-4797-8578-39E348E1A9F2
            Read-Only: 0
         ......................... DC2 failed test DFSREvent
      Starting test: SysVolCheck
         * The File Replication Service SYSVOL ready test
         The registry lookup failed to determine the state of the SYSVOL.  The error returned  was 0x0
         "The operation completed successfully.".  Check the FRS event log to see if the SYSVOL has successfully been
         shared.
         ......................... DC2 passed test SysVolCheck
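A small parser, added here as an illustration and not part of the original post, for the event blocks that dcdiag /v prints in its DFSREvent test, so the repeated warnings above can be counted and triaged by event ID rather than read by eye. The sample text is constructed from a few of the post's own lines; the function names are mine. It also maps the 0x-prefixed value dcdiag prints to the ID you would look up in the DFS Replication event log, which is its low 16 bits (0xC00004B2 corresponds to 1202, 0x80001780 to 6016).

```powershell
# Added example (not from the original post): parse and summarise the
# "A warning/error event occurred.  EventID: 0x..." blocks from dcdiag /v.

# Constructed sample, taken from a few lines of the dcdiag output in the post.
$SampleDcdiag = @'
      Starting test: DFSREvent
         A warning event occurred.  EventID: 0x80001780
            Time Generated: 11/28/2018   20:36:24
            Event String:
            The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.
         A warning event occurred.  EventID: 0x80001A94
            Time Generated: 11/28/2018   20:36:24
            Event String:
            The DFS Replication service has detected that no connections are configured for replication group Domain System Volume. No data is being replicated for this replication group.
         A warning event occurred.  EventID: 0x80001780
            Time Generated: 11/28/2018   22:44:32
            Event String:
            The DFS Replication service failed to update configuration in Active Directory Domain Services. The service will retry this operation periodically.
         An error event occurred.  EventID: 0xC00004B2
            Time Generated: 11/28/2018   22:00:04
            Event String:
            The DFS Replication service failed to contact domain controller  to access configuration information. Replication is stopped.
         ......................... DC2 failed test DFSREvent
'@

# Emits one object per event block: severity, raw ID, event-log ID, time, first line of text.
function ConvertFrom-DcdiagEvent {
    param([Parameter(Mandatory)][string]$Text)

    $lines   = $Text -split "`r?`n"
    $current = $null
    for ($i = 0; $i -lt $lines.Count; $i++) {
        $line = $lines[$i].Trim()
        if ($line -match '^(A warning|An error) event occurred\.\s+EventID: 0x([0-9A-Fa-f]+)$') {
            if ($current) { $current }            # emit the previous event
            $hex = $Matches[2]
            $sev = if ($Matches[1] -eq 'An error') { 'Error' } else { 'Warning' }
            $current = [pscustomobject]@{
                Severity   = $sev
                EventID    = "0x$hex"
                # The low 16 bits of the value are the ID shown in Event Viewer
                EventLogID = [Convert]::ToInt64($hex, 16) -band 0xFFFF
                Time       = $null
                Message    = $null
            }
        }
        elseif ($current -and $line -match '^Time Generated:\s+(.+)$') {
            $current.Time = $Matches[1] -replace '\s+', ' '
        }
        elseif ($current -and $line -eq 'Event String:' -and ($i + 1) -lt $lines.Count) {
            $current.Message = $lines[$i + 1].Trim()
        }
    }
    if ($current) { $current }
}

# Groups the events by severity and event-log ID so a repeating warning shows up once with a count.
function Get-DcdiagEventSummary {
    param([Parameter(Mandatory)][string]$Text)

    ConvertFrom-DcdiagEvent -Text $Text |
        Group-Object Severity, EventLogID |
        ForEach-Object {
            [pscustomobject]@{
                Severity   = $_.Group[0].Severity
                EventLogID = $_.Group[0].EventLogID
                Count      = $_.Count
                LastSeen   = $_.Group[-1].Time
                Message    = $_.Group[0].Message
            }
        } | Sort-Object Severity, EventLogID
}

# Usage against the constructed sample, or against a live run on the DC:
#   Get-DcdiagEventSummary -Text $SampleDcdiag | Format-Table -AutoSize
#   Get-DcdiagEventSummary -Text ((dcdiag /v /test:DFSREvent) -join "`n") | Format-Table -AutoSize
```

Run against the output in the post, the summary separates the one hard error (1202, the service could not reach a DC for its configuration) from the warnings that merely repeat each polling cycle (6016, 6804, 4614), which is the order in which a practitioner would investigate them.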

Netlogon need permission to perform this action


Hi guys! I have about 20 DCs on Windows 2012-2016. In one site I can't copy a file to a subfolder of the Netlogon share (\\domain.local\Netlogon\Site); I get the error "need permission to perform this action". But on this folder "Site" I have Full Control permissions for the domain group.

Error with dcdiag and no possibility to change the membership to a domain


Hello,

I have an HP ProLiant ML110 G6 with Microsoft Server 2008 R2 and want to build up an Active Directory network with the server as PDC. The installation process went without problems, but after that the PDC isn't reachable by clients and I can't change the membership from local workgroup to domain membership. Here are the error messages. Can someone help me please?

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = HINTERHAIN
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\HINTERHAIN
      Starting test: Connectivity
         The host 1bf39b6c-b9b1-4fee-a676-1695072797bc._msdcs.lw25.local could
         not be resolved to an IP address. Check the DNS server, DHCP, server
         name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... HINTERHAIN failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\HINTERHAIN
      Skipping all tests, because server HINTERHAIN is not responding to
      directory service requests.

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : lw25
      Starting test: CheckSDRefDom
         ......................... lw25 passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... lw25 passed test CrossRefValidation

   Running enterprise tests on : lw25.local
      Starting test: LocatorCheck
         ......................... lw25.local passed test LocatorCheck
      Starting test: Intersite
         ......................... lw25.local passed test Intersite

Windows IP Configuration

   Host Name . . . . . . . . . . . . : HINTERHAIN
   Primary Dns Suffix  . . . . . . . : lw25.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lw25.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : HP NC107i PCIe Gigabit Server Adapter
   Physical Address. . . . . . . . . : 68-B5-99-E3-4F-14
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2003:d0:70d:bc53:f485:e00e:3c6c:d6c1(Preferred) 
   IPv6 Address. . . . . . . . . . . : fd21:2203:9ba8:1:f485:e00e:3c6c:d6c1(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::f485:e00e:3c6c:d6c1%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fd21:2203:9ba8:1::1
                                       fe80::1%11
                                       192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 241743257
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-87-88-02-68-B5-99-E3-4F-14
   DNS Servers . . . . . . . . . . . : fd21:2203:9ba8:1::1
                                       2003:d0:70d:bc83:f485:e00e:3c6c:d6c1
                                       192.168.1.1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2B1573AD-01B1-4D18-A12E-36159AD81470}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Thank you for your patience.

Best Regards

Marko Petsch

Transfer Schema Master Role to Child Domain


Hi, our current set-up in our AD forest is:

Parent Domain - Domain1.local - DC1 hosts all roles:
Schema master role
Domain Naming Master
PDC Emulator
Infrastructure Master
RID Master

Child Domain - Child.Domain1.local - 2 DCs, hosting between them:
RID Master
Infrastructure Master
PDC Emulator

However, the following roles are on the forest root domain, on DC1 above:
Schema Master and Domain Naming Master

We want to install an Exchange 2010 server in the child domain, and setup complains that the schema master role is in a different domain (the parent domain). Is it possible to transfer the schema master role to a DC in the child domain?

Thanks

Sarah
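An inventory script, added here as an illustration and not part of the original post, that lists which DC holds each of the five FSMO roles across a forest like the one described (two forest-wide roles from Get-ADForest, three domain-wide roles from Get-ADDomain for every domain) and checks that each holder answers an LDAP bind before anyone considers moving a role. It assumes the RSAT ActiveDirectory module and credentials that can read every domain; the function names are mine.

```powershell
# Added example (not from the original post). Assumes the RSAT ActiveDirectory
# module and a session that can query every domain in the forest.

# One object per FSMO role: the two forest-wide roles come from Get-ADForest,
# the three domain-wide roles from Get-ADDomain, once per domain in the forest.
function Get-FsmoRoleHolder {
    param([string]$Forest)   # optional forest name; defaults to the current forest

    $f = if ($Forest) { Get-ADForest -Identity $Forest } else { Get-ADForest }

    [pscustomobject]@{ Scope = 'Forest'; Domain = $f.RootDomain; Role = 'SchemaMaster';       Holder = $f.SchemaMaster }
    [pscustomobject]@{ Scope = 'Forest'; Domain = $f.RootDomain; Role = 'DomainNamingMaster'; Holder = $f.DomainNamingMaster }

    foreach ($d in $f.Domains) {
        $dom = Get-ADDomain -Identity $d
        foreach ($role in 'PDCEmulator', 'RIDMaster', 'InfrastructureMaster') {
            [pscustomobject]@{ Scope = 'Domain'; Domain = $d; Role = $role; Holder = $dom.$role }
        }
    }
}

# Adds a Reachable flag to each role holder by binding to its RootDSE.
# A holder that does not answer here is the first thing to fix (or seize from),
# and an unreachable schema master will block any schema extension.
function Test-FsmoRoleHolder {
    param([string]$Forest)

    Get-FsmoRoleHolder -Forest $Forest | ForEach-Object {
        $reachable = $false
        try {
            $null = Get-ADRootDSE -Server $_.Holder -ErrorAction Stop
            $reachable = $true
        } catch { }
        $_ | Add-Member -NotePropertyName Reachable -NotePropertyValue $reachable -PassThru
    }
}

# Usage:
#   Test-FsmoRoleHolder | Format-Table Scope, Domain, Role, Holder, Reachable -AutoSize
```

A transfer itself is done with Move-ADDirectoryServerOperationMasterRole -Identity <target DC> -OperationMasterRole SchemaMaster and requires Schema Admins membership; running the inventory before and after gives you a record of where every role sat on each side of the change.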



Global Groups vs Universal Groups vs Domain Local - Differences in brief?


Hi folks. I'm working on my 70-640 test prep and I'm running into the differences between the different types of groups, and I'm getting a little confused. I've always just used universal groups and never had any problems, and was wondering why you would use something like a global group instead of a universal group. Also, what is the point of the domain local group? I've never used it and I'm having a hard time, based on what I've read, telling the differences. Thanks.