Why I can't install a new domain in a new forest?
I try to install Active Directory & DNS on Windows 2003 in silent mode.I want a new domain in a new forest. the win2k3 will be the DC, it is the root node. My answer file...
View Articlehow do I find "delegated rights" assigned to Groups and Users
Hello,I have been asked to manage a customer domain and document the rights/permissions assigned to users and groups. I could gather the information which are pretty straight forward such as Users in...
View ArticleMultiple A records for Domain Controller on AD integrated DNS Zone
Hi All,We have two domains and single forest for our clients. Both the Forest and Domain functional levels are 2008 R2. Both the parent and chield domains are with AD integrated DNS zones. More then...
View ArticleView delegate report & revoke back?
Greetings all,I'd like to check for delegation permission for user/group in AD.Let say previous admin has assigned delegate permission to security group HelpDesk to reset user password.I would like to...
View ArticleLogon Scripts and AD 2008r2
I just migrated an old 2000 AD to 2008r2 and it turns out there was a logon script which mapped a bunch of drives and loaded explorer automatically pointing to the company intranet. Users...
View ArticleActive Directory Web was unable to determine if the computer is a global...
My my domain, only the Win2008 R2 is a DC. Now has the problem mentioned in title.in Event log, can see Event ID: 1206, Source: ADWS.How can fix it?Thanks,yxh
View ArticleAdmins sporadically getting "You do not have sufficient privileges to delete...
We've been getting a handful of calls lately from our Network Admins complaining that they can't delete computer accounts.The get an Active Directory dialog box that states that they are a loser..."You...
View ArticleLDAP search capabality attribute error
Hello, I have the following problem. We are using a server 2008R2 this server has the follwing roles/features installed:Directory services DNS Exchange serverThe servers IP is 172.20.x.x, in the past...
View ArticleActive directory changes back over night
I have this problems, that i change the user’s password, but the next day it have change back to the old password.I remember that i have this problems early on some other systems, but can’t seem to...
View ArticleRun adprep32.exe /forestprep never finnish, never display any output
HI, everyone i read a lot of articles having the same problem and they could correct all their problems. but i can't.i execute schupgr and i got this:C:\WINNT\Profiles\mlopez>schupgr Opened...
View ArticleIs an Event ID for a completed Domain Controller promotion logged on the PDC?
Hello,Does an Event ID for the successful promotion of any Domain Controller into the Forest/Domain get logged in the Security/System/Application event log on the PDC FSMO role server? If so, what is...
View ArticleAD snapshot or Backup?
Hi AllWith regards to protecting my ad settings I wondering what the most effecient & easiest way is.Im concerned that if AD goes spastic for some weird reason or if another user does something...
View ArticleCustom ADUC MMC
Hi i have created a custom MMC so users can add or remove users from groups.The problem is that when they open the AD group, they can also double click on the user and see all his settings (not change...
View ArticleForest Trust / External Trust - Which one to choose?
Hello,I've two individual forest level domain named "Domain A" and "Domain B". I deployed SCOM 2012 on "Domain B". I created a Stub-Zones on both Domains. Both forest domains are in two different...
View ArticleIs it safe to move Active Directory objects when there is no gpo linked to...
Hi! I have a real mess in one Active Directory. I have distribution groups, security groups (domain local, global, universal), security groups with email address associated with it, users, users for...
View ArticleMultiple Active directory issues.
I have 4 sites in my domain.Out of 4, 2 sites are ghost sites which don't have any DCs. But in 2 sites I have 9 domain controllers.My concerns are below:1: what is ghost site and what is use of...
View ArticleIs it possible to SAML enable Sharepoint 2010 without ADFS or custom code?
I would like to integrate my IdP with Sharepoint 2010 using SP's native support for WS-Fed. When I look at the SSO from ADFS to SP it seems like its just a SAML assertion wrapped in a WS-Trust...
View Articlenested group membership design question
I have several divisional file shares. Within each of those file shares is a folder for every department. I want to make a security group for accessing each department folder. I also have a divisional...
View ArticleAccessing shares across non-trusted domains
Workstation 1 is in domain A Server is in domain BThere is full network connectivity between both just no domain trust. UserA has the exact same username and password in domains A and B and can access...
View Articleuse adaminstall and install from dsdbutil backup file
I am using adaminstall.exe with advanced switch'adaminstall.exe /adv' to install a adlds replica from a backup.the backup is a dsdbutil backup ( ifw create new backupfile )I want to verify that the...
View Article