Need an ADUC Custom Query for thumbnailphoto = null
I need to find a way to query AD for users who's thumbnailphoto attribute is blank and then output this to a report. I'm sure I could do this with a custom ADUC query but the following string doesn't...
View ArticleActive Directory 2008 R2 Disaster Recovery Fail
Hi,I am trying to recover one of our Active Directory 2008 R2 Servers for DR purposes. I need to be able to restore Active Directory to different hardware.I have 2 x 2008 R2 AD servers on my network,...
View Articlesource NTP DC name in windwos 2003
I am running below commands in wndows 2003 to get the sourc NTP server name but not gettng source dc name of remote server aslow32tm /query /sourcenet time /querysntp
View ArticlePDC emulator force transfer
Suppose we are talking about Win 2008 R2.Suppose DC1 is running as PDC emulator.I turn off DC1.I start DC2. In DC2, I open ADUC. Then I do a force transfer of role PDC emulator to DC2.How do I transfer...
View ArticleName changes in AD not updating in ADUC?
Hi, Why is it that changing a users last name for example from within its properties does not reflect in ADUC immedaitely but using the 'rename' process reflect that change. Thanks
View ArticleAutomatically Add Users to a Security Group
Hi!Is it possible to automatically add current and new domain users from a particular OU to a security group in windows 2003 Domain?Thanks.
View ArticleWhat is the difference between replication of Sysvol and NTDS.dit database
Hi,What is the difference between Sysvol replication and NTDS.dit replication? I assume sysvol uses FRS/DFS to replicate GP, logon scripts etc between DC's and i can see that NTDS replication occurs...
View ArticleTrying to locate the last Logged on User of a computer within a domain...
Hello All, So far this is what I've come up with dsquery * "OU=Workstations,OU=XXX,OU=XXX,OU=XXX,OU=XXX,DC=XXX,DC=XXX,DC=XXX,DC=XXX" -filter...
View ArticleADSS site servers container corruption
Hi,I recently demoted a troublesome 2003 SP1 DC from AD. There was left a 2008 R2 DC in the same site, however, when i go to ADSS and into that one specific site from any DC now, i get the error "Data...
View ArticleActive directory changes back over night
I have this problems, that i change the user’s password, but the next day it have change back to the old password.I remember that i have this problems early on some other systems, but can’t seem to...
View ArticleCertificate Authentication using SASL EXTERNAL connection via SSL fails
We are integrating an OpenSSL JAVA application with Active Directory 2003 Ent SP2. The connection method we are attempting to use is SASL with the authentication method being set to EXTERNAL. Our...
View ArticleAD one-time use password
Is there a function in AD 2003, or 2008, to allow one-time use passwords for admins to log into machines as a specific user without changing that users password? There are many times I need to log in...
View ArticleAuthentication issues after DCPromo of the first 2008r2 server?
Hi,I am in the middle of the 2003->2008r2 upgrade. Creating new VMs for new DC but keeping the same forest and child domains.Already forestpreped and domainpreped everything. Installed DCs in the...
View Articlehow to split domains
Hi all,I've a forest with two domain, let's say DOM_A and DOM_B. Is it possible to split the forest so I've two separate single-domain-forest?
View ArticleDomain Controller not replicating and unable to open ADUC/ADsite/DNS MMC console
We got strange errors on one of our W2K8R2+SP1 domain controllers. The DC had been up and running over a year. It stopped AD replication yesterday and ADUC/ADsite/DNS consoles were unable to open...
View ArticleActive Directory Extended Attributes
Hi,I have created new extended attributes in Active directory and linked them with user class, however from my c# code I couldn’t be able to access them. Here is the snippet of the code. Do I need to...
View ArticleClik here to view.
User's failed to login after setting "user must change password at next logon"
Hi: In our Active Directory environment, any new AD user who has "user must change password at next logon" , cannot login to the domain, the strange thing is when the AD user attempted to login ,...
View ArticleActive Directory Domain Design
We need to create a Windows domain/tree/forest that can/will utilize the following:4 different secure rooms (Room A, Room B, Room C, Room D)1 to 3 servers (2003 R2) that can be utilized (if needed or...
View ArticleActive Directory issues demoting Domain Controllers
Hi, i have a Forest with 1 root Domain and several child Domains.I administer 2 of the child Domains and i can't demote any DC on this Domains.When i try to demote them i got the error:Active...
View ArticleDomain controller: LDAP server signing
Hi,It is possible to know exactly the impact when enabling the following option in the Default Domain GPO:- Domain controller: LDAP server signingThanks
View Article