LDAP over SSL ... enabling support.
Hello,I have to enable support for LDAP over SSL and it requires a cert.I can't buy 3rd party since domain is .local ...I was planing to use following guide, any concerns about it .... how minimize...
View ArticleMove ISTG to another DC
Hi,We have to demote the current ISTG and replaced it by new domain controller.what's the best practice to perform this migration without any issue on replication topology
View ArticleAdditional Domain Controller is not authenticating when Primary Domain...
Hi,I have a Primary Domain Controller and Secondary Domain controller. The problem is that when Primary Domain Controllers goes down, Secondary Domain Controller does not authenticate the users.I've an...
View ArticleDFS and roaming profiles and home folders
Guys,When in a DFS environment, how should i create roaming profiles and home folders ? Anyone who has a decent tutorial for that?I dont think it would be wise to let the profiles be synced. The...
View ArticleDelegation for user
3) Take the security group "TestGroup" and add it to the created OU "TestOU". The only security rights i want "TestGroup" to have is the following: Create User Objects Delete user Objects Apply to:...
View ArticleDemote a PDC to CDC without breaking trust relationship between clients and DC
I have a network in which there is 1 PDC, 2 clients in a virtual environment. I want this PDC to become CDC of another DC in different forest without breaking any trust relationship between clients and...
View ArticleKerberos Error after remote Cluster-Aware Updating
I installed a Window 2012 R2 Failover Cluster in order to virtualize servers with Hyper-V. Both physical servers of the cluster are namedSRV-SAN01 and SRV-SAN02 and were installed usingWin2012 R2...
View ArticleUpgrade AD
Hi,We have One domain and which has 10 DC with mix of windows 2008r2, windows 2012 and windows 2016. The current domain functional level is windows 2008 r2. All FSMO rolls are on windows 2008r2 server....
View ArticleAD domain consolidation\Restructuring.
Hi Team,We are in the process of AD domain consolidation\restructuring, I want to know from first to last what are the things that I need to consider, any response would be of great helpThanks in...
View ArticleRename a Domain Joined Computer
i've created an OU higharcy and delegated access to a group with full control over all objects and descendant objects. Why cant a member of the group with delegated access rename a domain joined...
View ArticleAD lookup not using domain in 1809
Most of my users upgraded to 1809 in the last week or two and now they are having issues with network resources. The symptom is an active directory user (Scanner) can no longer access their shared...
View ArticleDistinguished Name limit ??
Greetings,First of all, sorry, english is not my mother tongue.In my company, we are currently preparing an AD migration from a domain to another. The other domain is available and i'm preparing the...
View ArticleChange NTDS and sysvol path
Hi, We have to move the sysvol and ntds file to new location on some domain controllers to have the same path. what's the best practice to achieve the target new path?
View ArticleFSMO Transfer Roles automatic
Hi All,I have 3 Domain controller under ABC.COM. All the five roles in DC1, DC2,DC3 additional domain controller. My requirement and query is when the DC1 is down due some failure. All FSMO roles need...
View ArticleUpgrading from Windows Server 2008 r2 to Windows Server 2016
Hi,I know you can't do a direct upgrade from 2008 to 2016 so it will be a step upgrade via 2012. However do i need to purchase a full version of 2012 for the sake of a couple hours or can i use the...
View ArticleForest migration and O365 users
Hi all,So here's my question.Forest A = Current forest which is connected to O365Forest B = Forest of the new company.We had a new acquisition recently so the idea is to move users from forest B to our...
View ArticleConnecting to an AD LDS SSL defined host remotely using LDP.exe
I have configured a Windows 2016 system with an AD LDS role, SSL enabled it and am trying to do some additional verifcation of the environment. I have a defined account within the directory that is...
View ArticleWindows domain controller taking about 60 minutes to logon when powered on in...
We replicate a number of vital PROD servers to our DR site and are having a major issue. In the DR site, there is a domain controller (not the PDC) which syncs with the domain controllers in the PROD...
View ArticleWindows Server Applocker blocks google chrome
Hi. I have created AppLocker rules. the rule constitute 4 rules all allow published apps by adobe, WinRAR, Microsoft and googlechrome. Actually all apps works as expected except google chrome. Although...
View ArticleUser can edit object on RODC server
I new install RODC. then assign to UserA.This RODC do not enable DNS and GC.When I access to RODC via UserA. In ADUC can change DC to RWDC. then UserA can modify "member of".if ADUC connect to RODC,...
View Article