help with client connecting to virtual DC

July 29, 2016, 5:11 am

≫ Next: Cant run services with UPN in different forest-- Getting Access Denied

≪ Previous: Powershell to update "Manager can update membership list" of AD Group.

Hello

Can someone plz help me out with this....

I have a server which is divided into 3 virtual machines 1. DC(windows server 2012 r2) 2. FE 3. Client....3 are connected using virtual switch VS1

server is connected to physical network switch which in turn connected to router

I have my laptop which i want to connect to virtual DC, I tried to connect a wire in physical network switch and to my laptop but doesnt not ping dc...what is the actual way to do...what should be the confirguration of these....how do I set it up network configuration

i have given fixed ips to all vm's and also my laptop

↧

Cant run services with UPN in different forest-- Getting Access Denied

July 29, 2016, 2:28 am

≫ Next: Password last set is showing Blank in Get-ADUser Report

≪ Previous: help with client connecting to virtual DC

Cant run services with UPN in different forest-- Getting Access Denied

but services can run fine with Domainname\Samaccountname format.

MCSE Certified

↧

Password last set is showing Blank in Get-ADUser Report

July 29, 2016, 1:04 am

≫ Next: Moving servers from Domain B to Domain A. Domain migration for servers

≪ Previous: Cant run services with UPN in different forest-- Getting Access Denied

Hi Guys,

can any one help me I am getting blank in passwordlastset for some users when i run the command Get-aduser.

Get-ADUser -Identity Username -Properties * | select passwordLastset,LastLogonDate

Regards,

Triyambak

Regards, Triyambak

↧

Moving servers from Domain B to Domain A. Domain migration for servers

July 28, 2016, 1:30 pm

≫ Next: The security database on the server does not have a computer account for this workstation trust relationship

≪ Previous: Password last set is showing Blank in Get-ADUser Report

Here's the scenario:-

We owing a Domain A have acquired a new company with Domain B.
We need to now migrate their servers from Domain B to our Domain A.

The catch is new user ID's have already been created for the required users in Domain A for the corresponding users in Domain B.
So now they have 2 ID's one in each domain.
Note that these ID's have been created newly on Domain A & not migrated from Domain B to Domain A

Now I'm just confused how to migrate the servers from Domain B to Domain A without breaking the application or changing the Security permissions.
I believe ideally first all the users/groups should have been migrated from Domain B to Domain A so post that servers can be migrated & that should retain the permissions as is.

But if I migrate the users/groups from Domain B now. It's gonna clash with already created ID's in Domain A.
And If I migrate the servers without first migrating the users/groups, it might break the application or users may loose the access when server is moved to new domain.

So how do I migrate these servers without breaking the application and users loosing the access?

↧

The security database on the server does not have a computer account for this workstation trust relationship

July 29, 2016, 7:27 am

≫ Next: Setup DFS, new AD site

≪ Previous: Moving servers from Domain B to Domain A. Domain migration for servers

My company have 3 Domain Controller: DC1, DC2, DC3. DC1 is root domain controller and Certificate Authority, when i try remote desktop to DC 1 with account Domain Admin recive an error "The security database on the server does not have a computer account for this workstation trust relationship". But i try remote desktop to DC2 or DC3 with the same account Domain Admin succesful. I try connect to DC1 via psexec successful

Please help me to fix error above

↧

Setup DFS, new AD site

June 5, 2016, 12:33 pm

≫ Next: Global Catalog

≪ Previous: The security database on the server does not have a computer account for this workstation trust relationship

Good morning all.

I would like to ask some questions, i am newer to DFS implementation.

I currently have one main site and a branch office, connected via VPN.

The WAN link often goes down or very very slow, so wo wold like to implement a DFS, with a node implemented on the branch office.

I cannot use the branchcache feature because the server in the main site is a 2008, not R2. I would like to know if I am on the right way.

First i will deploy the new server on the main site, join into the domain as a member and synchronize the data between the two servers.

After i will create the new AD site, bring the new server at the branch office, make it a domain controller and create the DFS structure and replication.

Is this procedure correct?

Thanks in advance.

Regards,

Luca

↧

Global Catalog

July 29, 2016, 10:33 am

≫ Next: HOW TO RE INSERT A SECONDARY DOMAIN CONTROLLER AFTER A CRASH

≪ Previous: Setup DFS, new AD site

Why is it recommended by Microsoft to have Global catalog in all Domain controller?

Why do we get the message to import Infrastructure master role in case we do not install Global Catalog in secondary DC?

↧

HOW TO RE INSERT A SECONDARY DOMAIN CONTROLLER AFTER A CRASH

July 29, 2016, 6:30 am

≫ Next: AD Bulk OU Movement

≪ Previous: Global Catalog

Hi Everyone,

Recently i got an issue with my domains controllers. In my compagny we got 2 domain controllers ( 1 is the principal and 1 is the secondary).

DC1 and DC2

DC1 gets all FSMO rôles .

DC2 is the secondary controler .

I got my DC2 got hardware crash and so i have to re install a new machine with windows 2008 enterprise server.With the same Ip adress and the same NETBIOS Name.

SO my questions are :

1)-Is that possible to promote "DCPROMO" this new machine with the same netbios name and the same Ip adress than the broken machine (i mean the second domain controller)?

2)-Do there is a connexion between SSID of the machine and and the domain controler? I mean once a serveur is promote to DC , the site and service active directory will keep the SSID of this machine in his database?

3) What will be the procedure to promote the new machine as a DC? and shall i clean the AD?

Thanks in advance for yours answers .

Kind regards

↧

AD Bulk OU Movement

July 29, 2016, 10:24 am

≫ Next: ADFS Proxy Server Removal

≪ Previous: HOW TO RE INSERT A SECONDARY DOMAIN CONTROLLER AFTER A CRASH

Dear Team,

how to move protected from accidental delation user in other OU in bulk

↧

ADFS Proxy Server Removal

July 29, 2016, 12:04 pm

≫ Next: DFSREvent Error: 5002

≪ Previous: AD Bulk OU Movement

Hello,

We had ADFS Proxy running on 3 Windows Server 2012R2. Recently we have decommissioned one of these server however it still shows in the connected server list. Can someone tell me how to removed this from the list?

In powershell running the Get-WebApplicationProxyConfiguration command shows:

ConnectedServersName: {server01, server, server02}

I would like this to show

ConnectedServersName: {server01, server02}

Thank you for your help!

↧

DFSREvent Error: 5002

July 29, 2016, 12:00 pm

≫ Next: unknown AD user accounts (deleted in past) are showing up as S-1-15-21-579150784

≪ Previous: ADFS Proxy Server Removal

I have been receiving this error every other day. not sure what my be causing it. Currently have a total of 4 DC on the network.

all running Server 2012

Replication has between all 4.

↧

unknown AD user accounts (deleted in past) are showing up as S-1-15-21-579150784

July 29, 2016, 1:37 pm

≫ Next: Windows Server Gurus needed for July!

≪ Previous: DFSREvent Error: 5002

whenever a windows user account is deleted in windows 2008 AD environment ..it still shows as "S-1-15-21-579150784-1645022514" (unknown account) in windows file/folder security .is it possible to translate these weired numbers to orignal AD user name ? as I need to run a report for files/folders this user created in past.. so that I can remove them
OR atleast I can ensure that I am removing right user enterie from folders securities. And would there be a impact of deleting such enteries ? or is there any cleanup utility for AD to cleanup this ?

↧

Windows Server Gurus needed for July!

July 7, 2016, 11:07 am

≫ Next: Any suggestions for a dedicated OU for Security Groups in AD (Role based access)

≪ Previous: unknown AD user accounts (deleted in past) are showing up as S-1-15-21-579150784

Come forth all you technical gurus and word wizards!

It's time to show us what you've got, what you know, what you found out!

Spare your fellow professionals from the same mistake!

Share your revelations and awesome ways of doing things!

All you have to do is add an article to TechNet Wiki from your own specialist field. Something that fits into one of the categories listed on the submissions page. Copy in your own blog posts, a forum solution, a white paper, or just something you had to solve for your own day's work today.

Drop us some nifty knowledge, or superb snippets, and become MICROSOFT TECHNOLOGY GURU OF THE MONTH!

This is an official Microsoft TechNet recognition, where people such as yourselves can truly get noticed!

HOW TO WIN

1) Please copy over your Microsoft technical solutions and revelations toTechNet Wiki.

2) Add a link to it on THIS WIKI COMPETITION PAGE (so we know you've contributed)

3) Every month, we will highlight your contributions, and select a "Guru of the Month" in each technology.

If you win, we will sing your praises in blogs and forums, similar to the weekly contributor awards. Once "on our radar" and making your mark, you will probably be interviewed for your greatness, and maybe eventually even invited into other inner TechNet/MSDN circles!

Winning this award in your favoured technology will help us learn the active members in each community.

June's entries are with our judges right now, but here is a reminder of the previous month's winners.

BizTalk Technical Guru – May 2016

Kjetil Tonstad

Top 10 Tips From a BizTalk Admin to BizTalk Developers

TGN: “I love this, how to help each other. Well done Kjetil!”
JS: “Integration apps are a lot more than coding. Always remember these.”
SW: “Great article. With the current DevOps trend alignment between developers and administers is key!”
Ed Price: “This is a good set of tips, with a few helpful images, and the Reference links at the bottom give more context. Great job!”

Eldert Grootenboer

BizTalk Server: Processing large files (streaming)

Ed Price: “Great mix of code, images, and descriptions. Although the code isn’t broken up much (with explanations of what the code does), all the code comments make up for it and make it super clear! Good to end with the See Also section!”
SW: “Streaming large message can be a challenge with BizTalk. This article provide guidance in that area. Very good!”
TGN: “I love this, well explained and a question that is very relevant to BizTalk”

SMSVikasK

BizTalk Server 2013 R2 Dynamics CRM Online / On Premise CRUD Operations (Part 1)

JS: “Seeing a lot of CRM lately. Good info for anyone who hasn’t worked with it before.”
SW: “CRUD om Dynamics guidance article. Good”
Ed Price: “Great description (I like CRUD) and fantastic use of images, although it would be better with more explanations in the text.”
TGN: “Why did you split these up into to articles? good article though”

Forefront Identity Manager Technical Guru – May 2016

Peter Geelen

FIM2010 / MIM2016: Run profile statistics with PowerShell and Excel Pivot Tables

Ed Price: “I love the code formatting with the scroll bar. Great explanations and use of images!”

Peter Geelen

FIM2010 / MIM2016: Run profile statistics with SQL and Excel Pivot Tables

Ed Price: “It’s great to have the downloads on TechNet Gallery!”

Microsoft Azure Technical Guru – May 2016

Bhushan Gawale

Getting Started with Azure Automation DSC

AS: “Very good and helpful article! Thanks for publishing!”
Ed Price: “Great starting point for learning Azure Automation DSC! Good use of images and code, with excellent explanations!”

Sibeesh Venu

Creating Azure Mobile App With Visual Studio

AS: “Good starting point, but for me all screenshots are broken – none of them is visible. I would find it particularly useful if you just have provided links to a more detailed article(s) on how to configure Visual Studio for windows Mobile development. And probably just show a sample with HTML/JS or UWP (if it is available)”
Ed Price: “What an important topic that’s very well described! The images add a lot of value!”

Sandro Pereira

Azure Logic Apps: Tips and Tricks about the “new” Logic Apps Designer

AS: “A good overview of designer features! I would however also expect to see the less known fact that drop down lists are actually filtered and there is much more to discover when you begin typing into the search field.”
Ed Price: “The images are magnificently assembled to make this process incredibly clear. A very important topic! Great job!”

Miscellaneous Technical Guru – May 2016

Chilberto

Connecting a BitBucket Repository to Visual Studio Team Services

Richard Mueller: “Well explained. We need links/references.”
Ed Price: “Great use of images. This is a fantastic scenario! It could use a See Also section. “

Carmelo La Monica

Manage analog sensor with Raspberry pi2

Richard Mueller: “Grammar needs work and we need links/references.”
Ed Price: “Thorough, and great to have the code and images! But it could benefit from breaking apart the code and explaining what it does more, as well as ending with See Also and References sections. Great to have the TOC.”

SharePoint 2010 / 2013 Technical Guru – May 2016

Dan Christian

How to build a custom report for SharePoint Server lists, libraries or sites

John Naguib: “Great one well done”
Margriet Bruggeman: “Great article with not only text, but also images and videos to make this very user friendly.”
Hezequias Vasconcelos: “Great article. Content technical good. Well detailed, great of attached reference materials. Excellent technical guide.”
Ed Price: “Fantastically thorough, with great images and explanations, and once again, your YouTube videos just blow me away, with how well they help tell the story and are integrated into the article like this! It’s a true art form!”

Waqas Sarwar

SharePoint 2016 How to Change SuitBar’s Text PowerShell

Hezequias Vasconcelos: “Good content new platform SharePoint 2016. great scripts and well distributed in the Shell”
Ed Price: “Short and sweet! Fantastic scenario. It could use more references and links to other Wiki articles.”

Vivek JAGGA

Alternative Solutions to the Deprecated Features in SharePoint 2016

Ed Price: “I love how you’re very clear at the front of this article (as an overview) and then dig deeper into the specifics. Good references at the end.”
John Naguib: “Nice article you can add also the development area”
Margriet Bruggeman: “Useful article with good alternatives. “

Small Basic Technical Guru – May 2016

Philip Munts

Small Basic: Simpler and Cheaper Raspberry Pi GPIO

Michiel Van Hoorn: “This is really Awesome (see also the original article). It opens up Small Basic to the real world. ”
Ed Price: “Building off his Raspberry Pi article, this article does an amazing job of digging deeper and showing you more options, such as Raspberry Pi Zero.”

Nonki Takahashi

Small Basic: Image

Michiel Van Hoorn: “Really cool overview of working with Images (like photos) in SmallBasic. We good topic to inspire programming”
Ed Price: “Very thorough end to end overview of using Images!”

SQL BI and Power BI Technical Guru – May 2016

Greg Deckler

Good Ol’ VLOOKUP – The Ultimate Guide to Lookups in Power BI

PT: “Quite a valuable and well-written article. Thank you for the extensive coverage of various lookup techniques.”
RB: “Interesting comparison of the lookup techniques available within Power BI.”

Anil Maharjan

How to find a Calculated Measure and Calculated Dimension within a particular cube

PT: “This submission a very brief and just mentions a little information that is common knowledge and easily discovered with a simple web search.”
RB: “Interesting tip, a screen dump of the result with all the columns would have been great.”

SQL Server General and Database Engine Technical Guru – May 2016

Chervine

Stretching SQL Server 2016 tables to the Azure Cloud

JS: “Great article, your explanations and samples are spot on.”
Ed Price: “Super valuable scenario! Love the diagram, code snippets, and screen shots!”

Shanky

What Does Fragmentation Means In a Heap Table In SQL Server

Ed Price: “Very thorough! Great references at the end.”

System Center Technical Guru – May 2016

vishwanatham sridhar

SCOM Connector Design prototype

Ed Price: “Great scenario with some helpful reference links!”

Anders Rodland

SCCM 2012 R2 step-by-step: upgrade of SP1 to current branch – Step by Step

Ed Price: “Missing the images. Very thorough steps! Great use of the TOC. Could benefit from references.”

Anders Rodland

System Center Configuration Manager Build Numbers

Ed Price: “Good collection of builds and KBs!”

Transact-SQL Technical Guru – May 2016

Universal Windows Apps Technical Guru – May 2016

Namrah Khurram

Traffic Lights Simulation via LEDs on Raspberry Pi

TGN: “Man this is cool. Good information and well structured. well I’m impresses Namrah!”
Ed Price: “A cool scenario that’s masterfully explained! The code has great formatting. It could benefit from See Also and References sections at the end.”

Manuel Cota

“DrawIndexedInstanced and the Concepts behind a Home-Made Game Engine”

Ed Price: “It could benefit from a TOC at the top and from See Also and References sections at the bottom, but I love how this breaks down the code and explains everything in depth! Great use of diagrams!”
TGN: “I learned a lot from this article. Well done, thanks for sharing!”

Sajid Ali Khan

UWP: Things Required To Do Right After Creation of New Project

Ed Price: “Great use of images and good References section at the end! I love how the code is both on GitHub and MSDN Gallery and how the download links are given!”
TGN: “This can help a lot of people, my favourite this month! Thanks for sharing Sajid”

Visual C# Technical Guru – May 2016

Emiliano Musso

Entity Framework Introduction using C#, part I

Ed Price: “This is a masterful article, It’s thoroughly broken down, and it leverages images, great code formatting, and even a download and an Italian language version at the end!”
Jaliya Udagedara: “Great article with step by step explanation. If you are a newbie to EF, read this one article which will cover most of the basics. And you can download the sample code from MSDN Code Gallery.”
Carmelo La Monica: “Good and very impressive article, it explain in all parts Entity Framework 7, i attend second part “

SYEDSHANU

MVC ASP.NET Identity customizing for adding profile image

Carmelo La Monica: “Very good expression, good images and very detailed in all parts.”
Ed Price: “Very thorough steps! Great scenario!”
Jaliya Udagedara: “Good article explaining how you can manage your profile picture with a ASP.NET MVC application. Sample code is available in MSDN Code Gallery.”

Wiki and Portals Technical Guru – May 2016

Peter Geelen

Wiki: Fixing table layout (table right side off page)

Richard Mueller: “Great information that will help a great deal to fix tables in the Wiki. Good use of Wiki guidelines.”
Ed Price: “This is a fantastic solution from Peter!”

Windows PowerShell Technical Guru – May 2016

Matt McNabb

Office 365: How to Manager User License Lifecycle with PowerShell

Ed Price: “Wow! Great description of these steps, and it ends well with several other links to dig into!”
Richard Mueller: “Good TOC. An excellent idea to code this and overcome limitations. This should be very useful.”

Arleta Wanat

SharePoint Online: Get all checked-out files using Powershell

Richard Mueller: “Good headings and TOC. Good ideas and well explained.”
Ed Price: “Great scenario and use of PowerShell code!”

Windows Server Technical Guru – May 2016

Kia Zhi Tang (Ryen Tang)

Nano Server: Using New-NanoServerImage with Show-Command to deploy Nano Server

Mark Parris: “Excellent article on the deployment of Nano server. ”
JM: “This is an excellent article on building a new Nano Server, thanks for your contribution!”
Richard Mueller: “Good use of Wiki guidelines, with even horizontal rules and Return to top links. Show-Command is a very interesting feature I like a lot. Good references.”

Thanks in advance!
Pete Laker

#PEJL
Got any nice code? If you invest time in coding an elegant, novel or impressive answer on MSDN forums, why not copy it over toTechNet Wiki, for future generations to benefit from! You'll never get archived again, and you could win weekly awards!

Have you got what it takes o become this month's TechNet Technical Guru? Join a long list of well known community big hitters, show your knowledge and prowess in your favoured technologies!

↧

Any suggestions for a dedicated OU for Security Groups in AD (Role based access)

July 29, 2016, 8:11 pm

≫ Next: certificate template could not be loaded. element not found

≪ Previous: Windows Server Gurus needed for July!

I'm trying to think of an easy way without being over-complicated, to organize OU in AD to manage security groups.
Here's what I'm looking at now:

Then other OU's not nested that are for Departments/users/computers.

Does anyone else organize similar to that?
The idea of Groups > Access > File > Servers, would be that I create a security group called something like "ACL_Server1_inetpub_write", and then add that group to have write access to C:\inetpub on "Server1".
Versus giving a user local Admin rights entirely to Server1
Then I could have a Role Group called "Server1 Web Editors", which would be a member of ACL_Server1_inetpub_write.
Am I over-complicating Role Based Access, given this idea, OU structure and naming convention?
I got the idea from this video "Role-Based Management Extreme Makeover for Active Directory"

↧

certificate template could not be loaded. element not found

July 30, 2016, 1:39 pm

≫ Next: GPO -Default firewall policies for desktops

≪ Previous: Any suggestions for a dedicated OU for Security Groups in AD (Role based access)

I try Migrate the CA to a New Host via guide line at https://technet.microsoft.com/en-us/library/cc742388%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

I Restore and change host successful, but i can't to grant permission for Public Key Services (AIA, CDP) Computer CA. When I open Wizard CA access Certificate Template recive error "certificate template could not be loaded. element not found".

Please guide to me fix error!

↧

GPO -Default firewall policies for desktops

July 30, 2016, 6:14 pm

≫ Next: AD Migration using ADMT 3.2 & Dell Quest

≪ Previous: certificate template could not be loaded. element not found

Hi Darren,

I have 2008 r2 DC's and windows 7 and other desktops.

my queries are.

when i create a GPO,found advace firewall policy is not enabled ( i have checked on the dc windows Firewall is service not started) and also on the other dcs too windows firewall service is disabled.

My queries to you.

NB:nvironment is prod.

1. what happens when i enabled windows firewall service on DC where am creating and deploying GPO.

2. what are the affects of starting windows firewall services on the DC.( as environment is already a Producation)

and not sure about what is exisitng n/w firewall etc.

3. is it necessary to start windows firewall policy on all DC to enable GPO for windows firewall default policy to desktops/

4.what exactly are prechange requirements like n/w team.application team before testing on 2 desktops OU which is on production environment.

please let me know you experience on the same and please share it banavalg@yahoo.com

↧

AD Migration using ADMT 3.2 & Dell Quest

July 21, 2016, 12:19 am

≫ Next: ADFS Proxy Configure without DMZ

≪ Previous: GPO -Default firewall policies for desktops

Hi,

I was planing to use ADMT & Dell quest as a migration tool as ADMT 3.1 is not available & ADMT 3.2 does not support server 2000.

& the cost of Dell quest is very high so a balance of both will let me migrate with in the cost limits.

The client will be upgrading server 2000 after migration as project to project bases. I did not find any work around using both the tools & suggestion for migration.

Regards,

Sntsh.

↧

ADFS Proxy Configure without DMZ

July 31, 2016, 3:31 pm

≫ Next: PLEASE HELP!! DC Unable to open Active Directory?? Any Help appreciated.

≪ Previous: AD Migration using ADMT 3.2 & Dell Quest

Hi,

I have setup ADFS in my domain, federated my users to use SSO for accessing Office365, now I need to install/configure ADFS proxy server and expose it to Internet to let my domain users access Office365 from internet, however I need to do this without DMZ.

So can anyone guide through this? I have also heard that you cannot use SSO Externally, is it true?

↧

PLEASE HELP!! DC Unable to open Active Directory?? Any Help appreciated.

July 31, 2016, 3:03 pm

≫ Next: Distribution Group (Accept Messages from - Permission)

≪ Previous: ADFS Proxy Configure without DMZ

Hi,

I currently have 3 Domain Controllers within my Domain. Each is located at a different site with a site-to-site VPN connecting them. DC1 and DC2 are able to replicate their DNS records and AD DS information fine. However, Domain Contoller 3 appears to be unable to do anything other than host DHCP role.

When trying to open DNS MMC it comes up with a console asking me to 'Connect to a DNS Server' and when i click 'this computer' i get a message saying 'access is denied. Would you like to add it anyway?'. If i choose to add it anyway it opens the DNS MMC but DC3 has a red symbol over it looking like a 'no-entry' sign. Trying to do anything else appears to be greyed out and i only have 'Global Logs' and DNS Events under the tree.

In the events log i have error after error saying the following 'The DNS server was unable to open Active Directory. This DNS ever is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that AD is functioning properly and reload it.

When opening Active Directory Administrative Centre i get an error message saying 'Cannot connect to any domain. Refresh or try again when connection is available.'

I have been advised to demote this as a domain controller but when trying to do this i get 'An error occurred. DFS Replication: The target principal name is incorrect.'

Sorry to ramble on but i am really confused with this whole process. I am unable to gain access to the physical site so re-installing server 2012 from scratch is not an option for me. Any help or suggestions would be greatly appreciated.

Thanks in advance

↧

Distribution Group (Accept Messages from - Permission)

August 1, 2016, 12:55 am

≫ Next: Getting "The replication operation was preempted."

≪ Previous: PLEASE HELP!! DC Unable to open Active Directory?? Any Help appreciated.

Hello,

I have a requirement to apply the Accept Messages from permission on few of the distribution groups, but the ask is if the organizational structure is having few nested distribution groups as the members. How can we make sure that the permission shall be applied to the nested groups as well.

Scenario Example-

Distribution Group A - Can accept messages from AA User

Distribution Group B(Its a member of Distribution Group A) - Can accept messages from BB User

When, we send message to Distribution Group A from AA user, it won't be delivered to members of Distribution Group B even if it is a member of Distribution Group A.

Regards,
Manuj Khurana

↧