All servers/PCs either have trust domain issues or cannot contact a DC
I was helping a friend who has a small business. The guys that upgraded her server really did a bad job. The new DC that was supposed to be the primary and only DC had a lot of errors. I fixed a lot of...
View ArticleIdentify Root, Child & Tree Domain
Recently I got a document on an existing Ad Infra. In that it is told, Ad consists of single forest - one root domain and 2 child domain.How can I verify this from Ad consoles,
View ArticleAllocating static ports & restricting RPC port range
I want to allocate static ports for Netlogon and FRS, but also want to allow for administrator-defined static ports for other apps running on domain controllers. If we allocate a random high port to be...
View ArticleQuery on Group Managed Service Accounts creation
Hi,Can anyone please clarify my query.I have to create GMSA in the name of "account123$"The above said gMSA account need to be configured onserver A& Server B.I have crated a group called "Test...
View ArticleCopy ADLDS entry with password
Hello,As I am aware that we can't export userpassword (not even hash) from ADLDS.Is Microsoft provide any API/solution so we can copy ADLDS entry to another ADLDS instances (Including user...
View ArticleChanging AD DC & Exchange IP addresses
Hi,I am looking out for proper steps to change AD Domain controller & Exchange server IP addresses.Regards.
View Articlerename AD user property Assistant
Hi I need help in modifying existing AD user properties in AD. At present AD user attribute Assistant is blank n we have requirement to modify this AD attribute with display name as "Category".Is it...
View ArticleReplication
hi All,From last few days I am observing a below line after completing the replication. We are promoting our Domain controllers from Windows 2008 r2 to Windows 2012 r2.58 -...
View ArticleWhat causes a lastlogontimestamp attribute upate on an expired account ?
Hello, I saw this question / issue several time but couldn´t find the explanation. User needs to change their password every 30 days (no Fine-Grained Password Policy). I have an user object with an...
View ArticleChange Username Displayed at Logon from sAMAccountName to userPrincipalName /...
Hi,This is related to WebsitePanel, but I guess the configuration changes are in AD for this issue, so I hope you can help me out...In WebsitePanel, when a Username Format is configured with OrgID,...
View ArticleAttribute missing from some AD users and does not show for any new users created
I have several user accounts in AD that are missing the 'proxy address' attribute and any new user created does not get that attribute. We are in a Windows 2008 R2 domain. This attribute was present...
View ArticleMultiple Domains with different subnets in the same forest
Is is possible to have two domains in one forest that have different subnets?For examplea.local (10.20.0.1/24) b.local (10.30.0.1/16)Thanks
View ArticleACtive Directory Security Structure
I work in a large organization and in the process of re-designing our Active Directory Security. I was hoping to get a few ideas on what has worked well and what has not worked well within other large...
View ArticleSMTP site link - AD sites and services
Hey everyone,Does deleting an SMTP site link from AD sites and services break anything. I know DCs use IP site links and I'm not sure how the SMTP site link got created. If I delete it and something...
View ArticleDomain Controller Continually Stopping and Restarting Time Service Advertising
I have a domain controller which stops and restarts advertising as a time source four times a day. The Event ID 142 (stopping) is immediately followed by a Event ID 139 (starting). The PDC is located...
View ArticleuidNumber and gidNumber - Dependency
Hi All,Any information related to uidNumber and gidNumber usage in Active Directory is much appreciated. Thanks in advance for your help!Here are my queries1. Are there any known applications/products...
View ArticleDCDIAG - LDAP Error 0x5e (94) - VerifyEnterpriseReferences
Hello,We are preparing to run ADPREP against our Windows Server 2008 R2 domain in preparation to allow Windows Server 2012 R2 domain controllers.In the process, I discovered this from our DCDIAG...
View ArticleSites and services over VPN / File access
Hello allThank you for reading my post firstly.I am working on a very simple site setup. One head office, one branch, connected with a site to site VPN. Networks (HO 192.168.1.0/24) (BO...
View ArticleCreating local groups on clients using security groups from different domains
I have two domains - Domain A and Domain B. Domain A trusts Domain B. This is a one way trust.Users from domain B can log into client machines that are in Domain A. This works fine.I have a requirement...
View ArticleError: DNS server: Broken delegated domain
Hiin a Windows 2012 environment on all DCs, I ran dcdiag/test:dns and I get these delegation errors.......Running partition tests on : JSSResearchRunning enterprise tests on : JSSResearch.localStarting...
View Article