Create a subdomaing on active directory
Hello guys. I do not have too much experience on this area, we are using Windows server 2008 Standard, I have an active directory, our domain is xxxx.ed.cr, everything is working fine, mx records are...
View ArticleWhy do machines touch Domain Controllers across the WAN rather than local
In trying to determine cause of slow file transfer (1.0-1.5 meg rate w\~50ms latency on 300 meg pipe), we found that machines were touching domain controllers on the other side of the WAN. How can I...
View ArticleDC Demoted, now issues siezing roles. AD Broken.
Hello, I've taken ownership of yet another troubled network. This time, the issue is that the server 2012 domain controller was expereincing hardware failure. I set up another Server 2012 machine,...
View ArticleNativeObject is not shown in ADSIedit
Why nativeObject propperty is not shown in ADSIedit? It is because I am able to query out the nativeObject property but the result show no value.From some research, can I conclude that NativeObject...
View ArticleLDAP over ssl
After 6/11/2014 Microsoft patch push, my two Windows 2008 R2 domain controllers are no longer allowing LDAP over SSL connections in fact the LDAPs port 636 is not showing up when a netstat -n -p tcp is...
View ArticleActive Vs Passive Authentication (WS Federation vs WS Trust)
Hi All,I have been reading about WS-Federation and WS-Trust for SSO recently and need someone to help make it clear to me please.So far, what I know is that passive clients are those who do not have...
View ArticleDelegate Ad users only installation rights on client Machines.........
Hi Everyone,I want to delegate a Ad user to only install/ Uninstall rights?... Is it possible? Please help....Thanks and RegardsPrasad kambar
View ArticleNetlogon log doesn't log bad password (0xC000006A)
Hello,I have setup my lab with a 2008 r2 DC and Windows 7 client.Enabled netlogon log on both, (nltest /dbflag:0x2080FFFF), restarted both machines.Tested with few wrong password, and then checked...
View ArticleIncorrect site being assigned after link change
Hi,Can anyone help with this please?We have several sites in AD, each physical site has a dc, except for the 'main' site which has gcs & ms. At each site the dc is providing dhcp.Subnets...
View ArticleAD FS Server 2012 R2 Question
HiI have setup ADFS on 2012R2 with a Web Application Proxy Server (WAP). I have published 2 apps. 1. Claims based app - works fine2. Non-claims app - Kerberos in IIS to a standard websiteOn the non...
View ArticleCannot Add/Remove users from unix tab in ADUC due to NIS domain
Recently I noted that one of our universal security groups will no longer allow me to add or remove users from it's unix tab. The error I receive when attempting to do this is:"All the member(s) of...
View ArticleForwarders in DNS error
Hello, We have 2 servers with integrated AD in MS Windows 2008 R2. I am getting an error that more than one forwarding server should be configured. the servers are: dc4 (10.10.250.6) core4...
View Article_msdcs.domain.com ERROR
Hello, We are getting this error:"zone_msdcs.domain.com is an AD integrated DNS zone and must be available"Have only two DC's and both running on MS windows 2008 r2 What can I do to fix this? Thanks.
View Articlemsfve-RecoveryPassword with Get-ADObject
Hi all! I have an odd issue regarding the use of the Get-ADObject Powershell cmdlet to retrieve Bitlocker recovery passwords in AD. I recently wrote a function that outputs some Bitlocker information...
View ArticleForcing replication with Powershell
I'm working on a script that I can run to force replication between all DCs in my domain. The script works great and replicates all of the partitions. What I'd like is to modify the script so will only...
View ArticleEvent id 29, 6 and 13 errors related to RPC server unavailable
HiI have a forest with a child domain. In the forest is our CA and the there is a enterprise subordinate CA on the child domain. I'm trying to get a Domain controler certificate for a DC of the child...
View ArticleDFSR - This member is waiting for initial replication for replicated folder...
Yesterday we were forced to perform a non-authoritative sync of the SYSVOL folder as replication had stopped because one of the DCs had been disconnected from it's replication partner for more than 60...
View ArticleEvent ID 5141 and 4662. DNS entry for DC getting deleted by System
All,Been trying to track down why a static DNS entry in an AD Integrated DNS zone keeps being deleted by the "System".The entry is for the 2nd of two DC's. It is not a FSMO role holder.If I drill down...
View ArticleActiveDirectory_DomainService EventID 1481 Error
Dear All,First of all: please apologize my weak EnglishI had a few strange warnings on internal processing yesterday in the directory service Eventlog on a RODC (2K8) in our branch office. After some...
View ArticleNativeObject is not shown in ADSIedit
Why nativeObject propperty is not shown in ADSIedit? It is because I am able to query out the nativeObject property but the result show no value.From some research, can I conclude that NativeObject...
View Article
