Channel: Directory Services forum

ADFS Without Proxy

Hi There

I'm new to ADFS. If I only need internal users on my network accessing an app on a 3rd party's Federation site do I need the Account Federation Server Proxy role by necessity or can I just let comms between both sides on the trust speak via a tight rule on the firewall?

Cheers
C


Hibs Ya Bass!


Active Directory

Hi,

I have Active Directory installed on Windows Server 2008 R2.

I want to transfer Active Directory to another server with a different server name.

What are the ways to do it?

thanks

AD Account Password Security - LanMan HASH

Greetings,

How do I find all accounts in AD that are still using the old LANMAN HASH?  I enabled the GPO to clear the LanMan hash on next password change for the entire domain, but it looks like we still have AD accounts that have the old LAN HASH (according to auditors), so I need to identify which accounts, not why they can't just give us the account names.  Any ideas?

Is ldifde of another domain (no trust) usable if there is one user account and the LDAP port is open?

Is ldifde of another domain (which has no trust) usable if there is one user account/password of that domain and the LDAP port (389) is open?

Auto logon question

Hi Everyone,

I would like to have a series of computers auto login when they are booted.

Each machine will need to have a different username that is logged on with.

I do not have the passwords for the users, but the system needs to boot start up some applications, and then lock itself.

The machines are all part of a domain, but I need them to log in with their passwords.

I understand this might be a security risk, but the managers are OK with this, so I'll try to give them what they ask for.

I have looked at some different methods, but it seems that this cannot be accomplished, so I am asking with hat in hand:

is there a way to use the locally stored login and password to fill in the required information?

The primary goal is to have some applications preload as soon as the machine boots - but I want it to run the applications when the computer starts...  I have the computer starting through the BIOS at a determined time.  I am hoping this will reduce the time I spend waiting for the system to start up.

thank you

tony

AD 2003 + DNS to 2008 R2 migration

I have one PC running Windows Server 2003 Enterprise running AD, DNS, DHCP and WINS. I just got a new server running Server 2008 Enterprise and would like to upgrade or migrate everything to that server. Where do I start? Do I migrate AD first or last? Any good guides or advice?
Please share a good idea; I have only 4 hrs of downtime.

Upgradation of Domain Controller from Windows Server 2003 Standard 32 Bit Edition to Windows Server R2 Standard Edition

Hi Experts,

I want to upgrade Domain Controller from Windows Server 2003 Standard 32 Bit Edition to Windows Server R2 Standard Edition.

I have some queries. Please help me out on these.

  1. Task to be done before upgrading.
  2. Step by step procedure to upgrade domain controller Windows Server 2003 Standard 32 Bit Edition to Windows Server R2 Standard Edition.
  3. Issues that can happen during upgradation. And mitigation of issues.
  4. How to verify the Upgradation from Server 2003 to Server 2008.
  5. How to verify DNS functionality on new DC.
  6. How to verify the functionality of DC 2008
  7. How to demote Windows Server 2003 Domain Controller

Balwan Singh

PwdLastSet - possible to change ?

Hi Folks,

I have a wee problem; my client has 400 users who all have "Password Never Expires" checked. Now they want to implement a password policy of 30 days. The AD is functional level 2003 running on 2008 R2. There are 400 users, separated geographically by OU.

I can select each geographic location OU and bulk remove the "Password Never Expires" option, however, in testing this, forced the password to immediately expire (as it was over 30 days old) and the user had to change immediately.

I really don't want all users having to change their password at the same time, so I wondered if it is possible to use the "PwdLastSet" timestamp by changing it to 15 days prior to current. This way, when I remove the PNE tickbox, the users will start to be notified of impending expiry. Sounds like a great plan till I read on blogs and forums, and there seems to be a lot of confusion on this, so, is it possible?

thanks,

Chris.
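
An added example for the rollout described in the post above (not code from the original post). It assumes the ActiveDirectory RSAT module and an OU distinguished name you substitute for the placeholder. Since pwdLastSet can only be written as 0 or -1 over LDAP rather than an arbitrary date, the script instead reports how many accounts would expire immediately once "Password Never Expires" is cleared, and stages the change in small batches (dry run with -WhatIf) so not every user is forced to change on the same day:

```powershell
# Added example, not part of the original post. Assumes the ActiveDirectory
# module is available and $OU is replaced with the geographic OU being handled.
Import-Module ActiveDirectory

$OU        = 'OU=PLACEHOLDER,DC=example,DC=com'   # placeholder, replace per location
$MaxAge    = 30                                   # new policy: 30 days
$BatchSize = 25                                   # accounts to change per run
$Now       = Get-Date

# Enabled accounts that still have "Password Never Expires" set, with password age.
$report = Get-ADUser -SearchBase $OU -Properties PasswordLastSet `
            -Filter 'PasswordNeverExpires -eq $true -and Enabled -eq $true' |
    ForEach-Object {
        # PasswordLastSet is $null when pwdLastSet is 0 (must change at next logon)
        $age = if ($_.PasswordLastSet) { ($Now - $_.PasswordLastSet).Days } else { $null }
        [pscustomobject]@{
            SamAccountName  = $_.SamAccountName
            PasswordLastSet = $_.PasswordLastSet
            AgeDays         = $age
            # Clearing the flag now would force an immediate change for these accounts
            WouldExpireNow  = ($null -eq $age) -or ($age -ge $MaxAge)
        }
    }

# Summary: how many accounts are affected in this OU and how many would expire at once.
$report | Sort-Object AgeDays -Descending | Format-Table -AutoSize
'{0} accounts with PNE, {1} would expire immediately' -f $report.Count,
    @($report | Where-Object WouldExpireNow).Count

# Staged rollout: clear the flag only for the oldest passwords first, one batch per run.
# Remove -WhatIf once the batch list has been reviewed; repeat daily until done.
$report | Where-Object WouldExpireNow | Sort-Object AgeDays -Descending |
    Select-Object -First $BatchSize | ForEach-Object {
        Set-ADUser -Identity $_.SamAccountName -PasswordNeverExpires $false -WhatIf
    }
```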


Can Metadata be cleaned on an DC that has already been force demoted?

We had a 2003 SP2 DC (no master roles, just a "secondary" DNS) go tombstone. The dcpromo /forceremoval was done with the idea of doing metadata cleanup afterward. However, now of course it is in a workgroup and the other DCs cannot see it to do the metadata cleanup. Is there a way we can do the metadata cleanup (already went manually through DNS and AD Sites and Services) even though it is no longer part of the domain?

Single domain controller, 2 locations

Hello,

Looking for some help on how to best join a remote location to my existing 2008 domain controller (HQ). This remote location currently has a Server 2003 domain controller, but I would like to scrap it and have everything run off one AD. I understand I will need to open ports and create a VPN tunnel; what I'm wondering is whether it's best to give them the same subnet I use at my HQ or keep their existing setup?

My 2008 AD (HQ) network is 10.1.2.0/23 (255.255.254.0) and the remote location is 192.168.70.0/24.

There are only 15 clients at the remote location and I have around 100 at HQ.

Would they be able to join my existing domain or would I have to create a new domain for them?

Would I have to use sites and services or what is the best approach for this?

The remote location is 3000 miles away, anybody know what sort of latency is expected with such a distance?

Never done anything like this before so any help would be appreciated.

Thanks in advance.

Active Directory 2008 Clients Problems

Dear All,

I have an Active Directory on Windows Server 2008 in Hyper-V. Until a few days ago everything was fine,

but now, for some days, when I register any Windows XP SP3 client with the domain it gives the message "A duplicate name exists on network".

I have tried unregistering the client, changing the NetBIOS name and rejoining the domain; the same problem exists. I can access network resources, but the same message comes up on every reboot.

Here is the ipconfig/all of my domain server.


C:\Users\Administrator>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : PDC
   Primary Dns Suffix  . . . . . . . : pcrwp.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : pcrwp.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Ada
pter
   Physical Address. . . . . . . . . : 00-15-5D-75-02-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4dee:9543:8c6a:919b%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 196.xxx.xxx.x(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 196.xxx.xxx.xx(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 196.xxx.xxx.xx
   DHCPv6 IAID . . . . . . . . . . . : 234886493
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-79-C5-D4-00-15-5D-75-02-00

   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{70322E33-A5FE-4F84-9C1E-70B57F75E631}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:c46f:7401::c46f:7401(Preferred)
   IPv6 Address. . . . . . . . . . . : 2002:c46f:7514::c46f:7514(Preferred)
   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Note: It is only happening with Windows XP SP3 computers.

Please get me out from this problem.


All is Well

LDAP server 2008, not able to connect via SSL

ld = ldap_sslinit("Testserver", 22223, 1);
Error 0 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to <fqdn>.


I am not able to connect via SSL LDAP.

I am using Server 2008 R2.

I have tried a lot of stuff and failed. Can anyone help me on this? It will be a great help.

Below is the scenario:

Server A - DC

Server B - member of the DC with LDS instance installed and CA installed

I am trying to connect to the LDS instance from Server B, which is itself on Server B.

I am able to connect without SSL, but with SSL I have tried most things.

please help

windows 2003 Active directory backup and disaster recovery plan

Hi,

I need to make a backup plan for our Windows 2003 R2 SP2 x64 Active Directory in order to recover these:

1. Active Directory Forest
2. DNS
3. Lost or Deleted Users and Objects
4. SYSVOL

What kind of backup and which files to back up in order to completely restore the above 4 services? Also, if possible, the procedure to recover them.

Resource domain

Is a resource forest the same as a resource domain, just new terminology?

DHCP Administrator Group duplicated.

Hi,

We have two DHCP Administrator groups in the domain, it seems that one of them comes from a replication conflict.

The one I think comes from a replication conflict has the value "$DUPLICATE-eea1" for the Group name (pre-Windows 2000).

I'm a bit confused, as this group was created before the first one. Maybe this is normal; I don't know how AD deals with replication conflicts in these cases. I've always seen the replicated objects with the GUID as a suffix, but never with that string in the SAM-Account-Name.

Should I delete the duplicated group?

Any further actions are needed/recommended?

Thank you.


Error preparing schema for Lync2010 installation


I am logged in with an Enterprise admin account who is also a member of Schema admins.

I have a Windows Server 2012 DC that passed all the DCdiag tests.

I have a Windows 2008 server that I am trying to install Lync2010 onto.

I have remote management and remote registry enabled on the DC.

When I "run" the "prepare schema" action from the installation CD I get the following error...

> Prepare SchemaInstall-CSAdServerSchema -Confirm:$false -Verbose -Report "C:\Users\bwilson\AppData\Local\Temp\Install-CSAdServerSchema-[2012_12_03][10_56_03].html"Creating new log file "C:\Users\bwilson\AppData\Local\Temp\Install-CSAdServerSchema-b4c29a05-c369-4130-af43-b824f9e0e2b5.xml".Modify the Active Directory schema to support Lync Server 2010.Creating new log file "C:\Users\bwilson\AppData\Local\Temp\Install-CSAdServerSchema-[2012_12_03][10_56_03].html".Warning: Install-CSAdServerSchema failed.Warning: Detailed results can be found at "C:\Users\bwilson\AppData\Local\Temp\Install-CSAdServerSchema-[2012_12_03][10_56_03].html".

When I view the logfile I get this...

Command execution failed: Specified cast is not valid.

Action Action Information Time Logged Execution Result
  Install-CSAdServerSchema   Failed
   Prepare Server Schema  12/3/2012 11:02:55 AM Failed
       Find root domain FracLab.local. 12/3/2012 11:02:55 AM  
       Filter:
(&((ObjectClass Equal user)(ObjectCategory Equal person)(Sid Equal
S-1-5-21-3528852359-3705729139-1464449904-1105)))
 12/3/2012 11:02:55 AM  
       Found:
True
 12/3/2012 11:02:55 AM  
       User:
CN=Brad Wilson,DC=FracLab,DC=local
 12/3/2012 11:02:55 AM  
       Group security
identifier (SID):
S-1-5-21-3528852359-3705729139-1464449904-518
 12/3/2012 11:02:55 AM  
       HasToken:
True
 12/3/2012 11:02:55 AM  
       Schema version:
Object "ms-RTC-SIP-SchemaVersion" does not exist.
 12/3/2012 11:02:55 AM  
       Server Schema
version:
SCHEMA_VERSION_STATE_INVALID
 12/3/2012 11:02:55 AM  
       Schema version:
SCHEMA_VERSION_STATE_INVALID
 12/3/2012 11:02:55 AM  
       Command:
ldifde.exe -i -v -k -j "C:\Users\bwilson\AppData\Local\Temp" -f
"C:\Program Files\Microsoft Lync Server
2010\Deployment\Setup\ExternalSchema.ldf" -c DC=X "DC=FracLab,DC=local" -s
LabDC.FracLab.local
 12/3/2012 11:02:55 AM  
       
Error: Specified cast is not valid.
 Details
 Type: InvalidCastException
  Stack Trace
      at
Microsoft.Rtc.Management.Deployment.LcSchema.ChangeSchemaRegKey(String
schemaMasterFQDN, SchemaKeyState newKeyValue)
at
Microsoft.Rtc.Management.Deployment.LcSchema.UploadSchema(String path)
at
Microsoft.Rtc.Management.Deployment.LcSchema.PrepareSchema(String ldf,
SchemaType schemaType)
at
Microsoft.Rtc.Management.Deployment.Tasks.ServerSchemaPrepareTask.Action()
at
Microsoft.Rtc.Management.Internal.Utilities.LogWriter.InvokeAndLog(Action
action)
 12/3/2012 11:02:55 AM Error
   Error: An error occurred: "System.InvalidCastException" "Specified
cast is not valid."
 12/3/2012 11:02:55 AM Error


Trying to locate the last Logged on User of a computer within a domain...

Hello All,

So far this is what I've come up with:

dsquery * "OU=Workstations,OU=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX,DC=XXX,DC=XXX" -filter "(&(objectCategory=computer)(objectClass=computer))" -limit 0 -attr sAMAccountName lastLogon operatingSystem

But I am trying to also add the user who was last logged into these computers. By chance, would anyone have an idea as to what I should add to the search criteria in order to also display the last logged on user?

Active Directory tool


Dear Expert,

Where can I find the Active Directory support tools for Windows 2008 32-bit?


Support@Mytechnet.me

AD account password Auditing

We are doing Active Directory auditing in our domain setup. We thought of identifying all user accounts that have weak passwords, not as per the password policy.

Is there any way by which I can identify such accounts and alert them to change at next login?

A Global Catalog Server could not be located - All GC's are down.

I'm all out of ideas.  I have two DCs that both fail DCDIAG with the following, and my Exchange services won't come online due to this.  Please help!


Starting test: FsmoCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         PDC Name: \\xx.xxxxx.xxxx ( servername and domain are correct)
         Locator Flags: 0xe00001fd
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.

Both DCs are GCs and users can log on to either DC.