Hello Team,
I am facing one problem with my windows 7 desktops.The windows 7 local user account getting locked after adding the system to domain .Getting the same problem in 10 or more computers...I have tried to unlock the machine but with few Milli seconds its again getting locked.
Domain controller is win 2008 r2 Ent edition
Thanks
Anurag
Thanks & Regards Amit Kumar | EDP Dept.| Indus Weir Industries Limited | FF-42 | 3rd Floor | Mangal Bazar Road | Near V3S Mall | Laxmi Nagar | Delhi-92 | M +91 8010477243 E-Mail singhamit1993@hotmail.com
Hello
I have a domain with 70 users, server 2012 DC with server 2012 secondary DC, internet connection is by web proxy of ISA Server 2004.
I cannot do nslookup or ping from any of DC or user comp. But there is normal internet connection!!!
C:\Windows\system32>nslookup google.com
Server: dc.energinst.am
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to dc.energinst.am timed-out
....................................................................................................
C:\Windows\system32>ping www.google.com
Ping request could not find host www.google.com. Please check the name and try again.
i'm new in system administration and maybe i am douing something wrong, please help me!
hi i need ur help...........
i need to add alias for my user login name of the domain.
example i have a user name = steve.jones@abc.com
now i want to add alias = s.jones@abc.com
so that both names can be used to login to the domain.
what is the way to do so kindly help.
i tried with user account properties but didint find any alias option to add............
istiaq
I had trust relation problem.
If we try to validate trust relationship , is there possibility that validation task automatically fix broken trust relationship ?
Hello,
At first I thought this was an IIS problem, then I thought it was a File Server problem, now I have narrowed it down to being a problem transferring data between the Parent domain and Child domain.
I have:
1 Parent DC (W2k12, domain.co.uk, *.*.1.0/24 subnet)
1 Child DC (W2k12, int.domain.co.uk, *.*.2.0/24 subnet)
1 Web Server (W2k12, domain.co.uk, *.*.1.0/24 subnet)
1 File Server (W2k12, int.domain.co.uk, *.*.2.0/24 subnet)
All servers above are Hyper-V VM's
1 Hyper-V Host (W2k12)
Routing is done via RAS (Static routes) on the Host
I first noticed the problem when I made a web page, and the images appeared corrupt when shown on the web page.
So I tried accessing the File Server (On Child domain) from the Web server (Parent domain) and I noticed that the images were corrupt (But still view-able to some extent).
Then, deciding to figure it out some other time, and got to coding some pages, I noticed that these pages were also becoming corrupt (Very small defects, about 3 characters in a 200 line page)
Are there any tools that someone could recommend to get to the root of the problem?
Many thanks,
Chris
Hi
I was pulling a report from AD, I can see last logon date as month of 7 and Password expiration on month of 6 . Ideally password should have been changed after month of 6 and new expiration date should show month of 9 . IS this any replication issue ?
Last Logon Date Password Expiration Date Password Last Changed
7/18/2013 6:40 6/28/2013 23:43
4/29/2013 23:43
I am just new to AD setups . Could you please help here ?
If trust relationship was broken , how could we fix that ?
To remove trust and create new trust is only way to fix broken trust relationship or is there other way to fix it ?
Is it possible to change the password complexity settings for accounts in Server 2008R2? I have found how to turn the requirement off completely but that's not really what I am looking to do, I just want to be able change it.
Need only below three:
English uppercase characters (A through Z)
Best Regards
Khaja Hameed
Khaja Hameed
Hi,
We want to implement IBCM 2012 in DMZ network so want to understand which are the ports required to join DMZ machine to internal domain and to maintain connection with domain and to CA server for certificate authentication.
So please help with ports details.
Hello Everyone,
I am a software developer using Microsoft products with a BS in Computer Science, so I have a decent background. I am capable, but relatively new to server management. Let me say thank you in advance for any input.
I have a physical Server 2008 R2 Domain Controller that I have set up over a year ago, and with the occasional hiccup, it has been running fine. It also provides DHCP and DNS services. Lately it has been flaking out a little (internet connection drops on all of my computers, assuming that it is not providing DNS for some reason) and requires a restart to start working again. I am not trying to troubleshoot this right now.
I am setting up a development environment on my home network, to get into some more of the advanced deployment scenarios that I am researching for work. As a side note, this will be revolving around SQL, Sharepoint, numerous application ideas that I want to test, TFS, and TFS's Automated Build/Deploy (Most important to me). I am doing this at home, because security at work is preventing me from exploring all avenues, and it like waging a war getting things to change there. I can do it quicker at home, and that is perfectly acceptable for my research. I just need to provide an informed assesment of the technology to my managers.
I have added a Windows Server 2012 virtual Domain Controller to my network and set it up to share the Active Directory, DHCP, and DNS roles. My network is now working with these in tandem, and everything is fine as long as one or the other is running.
On to my question.
I would like to upgrade my Server 2008 R2 to Server 2012. I know that this is not necessary, but I may end up looking into one of the new features that is available in the 2012 functional forest level, and I cannot raise the forest to that level as long as it contains a 2008 R2 server, if I understand correctly. Since the 2008 R2 server was there first, and the domain was set up using that server, are there any considerations that I must look into before I upgrade the 2008 R2 server? It appears that it is possible to do an in place upgrade from 2008 R2 to 2012. Will that destroy the domain on that server? Do I need to "transfer" anything to the 2012 server before I do the upgrade?
Thanks in advance for any help.
Hi,
How to change all existing workstation shares in our network to read only on GPO or via script.
(only workstation shares not servers)
Thanks,
85
I was redirected to this forum from a Microsoft moderator at the Office 365 forum. My question is about ADFS, specifically the ADFS Proxy component.
With activated Single Sign-On on an Office365 tenant is it possible to transfer the entered username onhttp://mail.office365.com/ to the username field of the ADFS proxy to which the user is redirected? It is inconvenient to enter the username twice, especially when the username is long in addition to the domain name. Of course it is possible to direct users straight to the proxy using a CNAME DNS record like mail.domain.com IN CNAME mail.office365.com, but anyway it would be good if redirection worked.
I saw this happening for the Office 365 subscriber kent.edu (Kent State University Ohio) at mail.office365.com. The username gets transferred to the username field on the proxy authentication page. Just entertest@kent.edu at mail.office365.com and you'll see what I mean. How can I enable that too? The ADFS proxy runs on Windows Server 2012.
Thank you in advance.
Hi All,
I am experiencing replication errors, which I am working on resolving, doing all the usual remedial steps such as checking repadmin and dcdiag, confirming DCs can see each other (ping/nslookup).
However, in this process, I have come across 2 strange errors. Below is a screenshot of this:
The first issue - this DC does not hold the PDCe role, so it should be advertising as a time server, anyway? My other DC is the PDCe and is syncing the time with no issues (time on both DCs is the same).
My time sync architecture is like this:
External time source (atomic clock etc) <> Time server on my network <> DC1 PDCe <> DC2 (this is where the screenshot above is from)
The last error regarding the security database/trust I have never seen before. I guess this is a broken trust between that member server and my DCs? And I should verify/reset this.
EDIT: So there are no replication errors, verified by repadmin /replsum. I dropped the member server from the domain and added it again and can now login with domain accounts (not possible pre-domain drop). Though I think I have read somewhere this is not the right way to fix this type of issue.
Hello,
Has anyone encountered issues with restricting the Active Directory dynamic ports for Netlogon and NTDS in Server 2012? I have followed the added the typical registry entries as described below but I still see my RDS gateway in the DMZ trying to communicate to my internal DC over other ephemeral ports (49158). I have rebooted the DC after the registry changes and still no effect. Are the reg entries the same in 2012? Any help would be appreciated. Thank you
Registry key 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Registry value: TCP/IP Port
Value type: REG_DWORD
Value data: 49152 (This value needs to be specified in decimal format)
Registry key 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DCTcpipPort
Value type: REG_DWORD
Value data: 49153 (This value needs to be specified in decimal format)
Eddie Espino | Secure Data Solutions | Miami, Florida | Microsoft Partner
Hi experts,
In my environment (win2k8 R2) i'm performing the first stage of dfsr migration (ie PREPARED). Only in one of the DC migration status is showing "MYDC001 ('Waiting For Initial Sync') - Writable DC".
When i check the event log i found the event id - 4102 so i have restarted the DFS replication service still initial sync is not working on this DC. I have completed this PREPARED state in other domain without any issues and this is the last domain to complete PREPARED state.
I checked the replication using repadin /showrepl and found no issues
Is there any troubleshooting steps to resolve this issue ? or do i need to revert this state to normal ?
Regards, Nidhin.CK
My exchange server got tombstone out of the domain which I am trying to get back. I am trying to use Repadmin but a little confused as to how this works and where exactly to run the commands. I have 3 other domain controllers which are all replicating
properly between them the exchange is the 4th.
my 3 good domain controllers are logging 2042 errors and the exchange server is logging 1988 errors.
Running Repadmin
repadmin /removelingeringobjects <DestDCName> <SourceDCGUID> <LDAPPartition>
Do I run repadmin from each domain controller against the exchange server meaning DestDCName> is the Exchange server and the SourceGUID would be the guid of each domain controller? Once all lingering object have been removed I will run repadmin /regkey<hostname> +allowDivergent. Is this command to be run on the exchange server or each domain controller?
GY
Hi techies,
My scenario is Forest1.com having a two-way forest trust to forest2.com.
If i have a child.forest2.com child domain, do I still need to create a trust between forest1.com and child.forest2.com.
If forest1.com has a child domain child.forest1.com, do I also need to set a trust between child domains?
Thanks!