Join two different active directories in one
Hi,I have two different domains and the CIO is thinking to join both domains in one, with a different name of these.I would like to know the advantages and disadvantages of this and, how to do the...
View ArticleSPN management of Managed Service Accounts
Hi, Managed Service Accounts has two main benefits, first, simplified password management (so clear), and the second one, SPN management. Exactly (an overview description will be enough), what are the...
View ArticleUpdate AD-User Group-Membership for "offline" Notebooks
The Environement: I have a notebook in active directory and a domain user. The connection to DC is only available after the login process (when the WLAN-connection is established). This give us some...
View ArticleForest Wide DNS Zone
If I make a DNS Zone forest wide, would all the DC in the forest be able to edit the DNS zone.
View ArticleBitlocker - permission for deleting computer with bitlocker key
Hello, I'm in process of delegating permissions in our Active Directory. I found problem when i try delete computer with bitlocker key using non-Domain Admin account. It's not possible, I got error...
View ArticleClik here to view.
adprep /domainprep error 0x208d
Hi,I need to replace my current DC with new one and I want to degrade current DC to backup (second DC).My current DC is: - Windows 2003 SP2 x86, language: PL - Domain functional Level: 2003 - Forest...
View ArticleClik here to view.
Moving from 2008DC to 2012DC
Hello, have a few questions regarding moving from a 2008DC to a 2012DC. This is my first time adding/replacing DCs, so trying to make sure I have taken care of everything.What I've done so far:Built...
View Articledcpromo remove domain controller 2008 R2 fails - could not transfer the...
Most Domain Controllers are now Windows 2012 Forest and Domain functional level is Windows 2008 R2---Trying to dcpromo a Windows 2008 R2 domain controller down to member server and during dcpromo got a...
View ArticlesIDHistory for groups
In Microsoft Forum, They Put SID for Groups object will not change. If it is so, why they included sIDHistory attribute in the groups properties?Reference:...
View ArticleThe security database on the server does not have a computer account for this...
This problems exists in the below Environment ForestA, has been around awhile, has one domain Called DomainQ ForestC, is new, has one domain called DomainR ForestC has a one way transitive trust to...
View ArticleAD site to forest ws 2012
Hello,I have one new forest and site up and running.this single site has one DC (ws 2012) with AD, DHCP, DNS, file, AC CA. Direct access and vpn (wizard walkthrough and working) with subnet 10.10.0.0 /...
View ArticleAD LDS windows principal fails to authenticate with ADSI Edit
I have created and LDS standalone instance (on a box not in a domain) and am able to authenticate LDS native users with a simple bind using ldp.exe 3.0 or my app. Now I have added windows principal...
View ArticleNetlogon and sysvol folder share error
Hi,We have a domain, and 3 domain controllers. and all DCs are Windows Server 2012 OS.DC01 and DC02 are in one site and DC03 is in another site. DC02 is a role box on DC03 we are getting below error...
View ArticleDNS on 2008 r2
Have creatd a standalone server , added a couple of primary zones, but I can't get this to reslove anything but 'A' records. Nothing like MX records come back. All that is returned are a list of root...
View ArticleChild Domain vs Trust Relationship
So here is the scenario- We are in the process of centralizing IT to a data center in a single location. I currently have 12 different operating companies that need a shared security and exchange...
View ArticleActive Directory questions
What happens when an active directory server were to get turned off by accident for 6 months. After 6 months the DC get turned back on and it is out of sync from the other DCs. Since it is passed the...
View ArticleEvent ID 1168, ActiveDirectory_DomainService Any suggestions?
Internal error: An Active Directory Domain Service error has occurred.Additional DataError value (decimal):-1032Error value (hex):fffffbf8Internal ID:160207ceTask Category: Internal ProcessingThe error...
View ArticleHow to Enable the Check box "Allow inheritable permissions from parent to...
I have to enable the Check Box in Active Directory 2008 R2, "Allow inheritable permissions from parent to propagate to this object" on all Users of about 300.We have about 50 OUs.I try to apply the...
View ArticleProblems creating a child domain - Verification of outbound replication failed
Hello,I have seen other threads relating to this issue, but nothing has yet solved my problem.All my servers are Windows Server 2012So far, I have a DC for Domain.co.ukI am trying to create the child...
View ArticleServer 2012 restrict active directory dynamic ports
Hello,Has anyone encountered issues with restricting the Active Directory dynamic ports for Netlogon and NTDS in Server 2012? I have followed the added the typical registry entries as described below...
View Article