Users able to logon with a wrong or no domain name
Users are able to logon without specifying domain name or specify foo domain name. It defaults to our actual domain name. We checked that the defualt domain policy is disabled.How do we change AD...
View ArticleInitial build of forest/domain on 2012 server - However No DNS records under...
Hi this is my first windows 2012 domain controller and I am creating a new domain, new forest (both 2008 R2 functional level)- it promotes ok , There are no member servers as they cannot join as there...
View ArticleAuthentication Timeout on Invalid Password
Hi, We have a problem with a couple of our DCs that are no longer returning the correct error message on an invalid password attempt (invalid username is fine). Working DCs are returning...
View ArticleWhere Is NT AUTHORITY\Network Service
I need to add NT AUTHORITY\Network Service to a security group. However, I can't find NT AUTHORITY\Network Service anywhere. On SBS2008 I am looking in all foders for "Active Directory Users and...
View ArticleERR3:7438 No NTUser.DAT file for User was found
ERR3:7438 No NTUser.DAT file for User was found in \\server\profiles$\User. The roaming profile cannot be migrated. Notes for myself or anyone else who runs into this specific issue: I was running an...
View ArticleAll RODCs do not apply 'User Rights Assignment' part of Default Domain...
Hi, I noticed that all of our RODCs (all on Windows Server 2012 R2) do not apply the 'User Rights Assignment' part of the Default Domain Controllers Policy. They all have the state that was valid...
View ArticleFacing issue while creating AD Federation test lab
I am facing some issues while creating AD Federation test lab on Windows server 2012 R2.I am following the below link for establishing my test...
View ArticleStrange SYSVOL and replication issue
Hi, I just recently started a new job and as a first project i got was to fix a DC problem they have had for quite some time. The environment is a pretty simple one where they have 3 DCs, one old with...
View ArticleVMWare SSO and ADFS
Can I safely use the SPN Identity option for VMware SSO to ADFS 2.0 Vcneter 6.0 to AD windows server 2008r2Will setting the spn for VMware user affect the spn set for adfsThe tests comeback ok but I am...
View ArticleFacility to let users reset their passwords
Hi,Is there a way to which users can reset their password like conventional website account? I was thinking if there was like a Forgot password? option. Verification will be done against their AD...
View ArticleServer 2012 R2 password expiry notification not showing, and password GPO...
Hi,We have a domain running on two 2012 R2 domain controllers. We had a password and account lockout policy set in our default domain policy, which had some basic password settings, and no lockout...
View ArticleAzure Active Directory Connect need a user part of the enterprise admins group
I just upgraded the dirsync utility on my server 2008 R2 to the new Azure Active Directory Connect tool. Going through the setup which i have done successfully with the old tool, I get to the part...
View ArticleDC Weight and Priority
Hi, I'm currently trying to unpick a DC configuration in my environment as we introduce new 2012 DCs.We currently have 4 2003 DCs and we are replacing these with 4 2012 DCs.One 2003 DC is a VM and has...
View ArticleRetrieve Interactive Logon and Logoff Entries from Event Viewer
Hello,I'm trying to write a script that will pull the interactive logon/logoff entries for a specific user in Event Viewer via powershell. I've tried several scripts like the one below, but they are...
View ArticleRemote registry access with an admin account from a different domain
Our forest has multiple domains. I'll call them Domain1 and Domain2. I have a domain admin account from Domain1 and it is in the administrators group on a server in Domain2. It seems I can do...
View ArticleRODC or Domain trusts?
Hi,we would like to have user Domain authentication on untrusted third party company's network. We would not like to limit network access from third party company's network to our network. Ideally we...
View ArticleADMT 3.2 download not working
Every time I attempt to download ADMT 3.2 from the connect.microsoft.com site I get the following message:"Page Not FoundThe content that you requested cannot be found or you do not have permission to...
View ArticleADMT 3.2 Download
Hi,Does anyone know where to download ADMT 3.2? The link they have provided (Microsoft) seems broken.https://connect.microsoft.com/site1164Thank You
View ArticleRPC port 135 being filtered, all steps to rectify have failed
Hi all,I have two 2k8 r2 DCs on my network. I noticed they stopped replicating and started investigating. Error 1722 listed many times in the event logs. When I tried to force replication I get RPC...
View Articledns zone replication in active directory
I have looked at the links below but I do not see clearly the benefits of changing dns zone replication in active directory, can anyone explain the benefits and why this would/ should be...
View Article