External trust and SSPi error
Hi All,we have an external trust between domain A and B. Users from Domain B are trying to access via SQL Studio manager an SQL 2005 server in domain A and receive the dreaded sspi error cannot...
View ArticleNewbie Question. Joining domain Error 1355
First of all, I want to thank you all in advance for your patience and any assistance. I am not a corporate IT manager, nor do I work in the IT field anymore. I used to do software development years...
View ArticleADFS SSL certificate replacement
Hi guys,Not sure if I have the correct forum, but I have a simple ADFS question. We have ADFS working with Office365 and we need to replace our public SSL certificate for fs.contoso.com. When we...
View ArticleUnlock sign in account
Hello.I would like to know if I can simply go into my account without providing a password. Is this possible?
View ArticleAccount is Disabled attribute - Immeditate replication (?)
Is the "Account is Disabled" attribute a part of the immediate replication attributes? If not, can it be added? How?
View ArticleFSMO Roles Seize
My primary domain controller is down completely and i sezied FSMO roles to Additional domain contoller but then onwards my DNS, DHCP and Active directory services are not working. Please help me on this.
View ArticleADWS Event 1005
I have a Windows 2003 AD domain that I just installed ADWS in. The install went well and after server restart, ADWS starts up fine. I get the normal events that is has started and that is is...
View ArticleTrust relation ship between workstation and domain failed
After seizeing the FSMO roles, i am getting error as trust relation between workstation and domain failed.
View Articlereplication error
This server is the owner of the following FSMO role, but does not consider it valid. For the partition which contains the FSMO, this server has not replicated successfully with any of its partners...
View Articleremovelingeringobjects not work
Hello everybody! I try to remove lingering objects from my envirement. I have 1 root domain contoso.com. And couple of child domains sub1.contoso.com, sub2.contoso.com ... sub10.contoso.com On two...
View ArticleGive user AD rights to change personal info
I want to give a user rights to change personal AD information.(i have found a solution: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/5422b189-93af-406b-9a0e-b884fe12b960)but is...
View ArticleDomain controller DNS registration
We have migrated all our domain controllers from Windows Server 2003 to Windows Server 2008 R2 and reduced tthe total number of domain controllers from 5 to 3. All domain controllers use AD integrated...
View Articledomain PREP returns 0x13 error during domain prep
While attempting to run ADPREP from the Server 2008 R2 CD, ADPREP returns an error message after attemting to modify the base domain object. The error looks like this: Adprep was about to call the...
View ArticleAD user token bloat and Web App. access
Hello to all, I'm finishing a cross-forest migration project and users on target forest still have their source SIDs on SIDHistory attribute (they will cleaned up, but not now). For this reason some...
View ArticleDuplicate user ids in DC
HI,DC is windows 2008R2 sp1 and windows 2003r2 sp2 environment - a total of 10 DCs across multiple offices.recently noticed that in dsa.msc, it appear that there are duplicate user...
View ArticleAD subnet definition in hosted environment
I am wondering what is the best practice when defining subnets for machines in a commercially hosted environment (in our case Rackspace).Each time a new machine is created it gets a widely differing ip...
View ArticleSecurity Issue: Active Directory distinguishes between wrong user name and...
Hi,It seems that Active Directory gives a different error message if a user attempts to login using LDAP using an invalid user name verses trying to login with an invalid password. This is a security...
View ArticleLDAP authentication from a Linux app to cover several AD domain ? Your...
Hi,we have an application running on a Unix server and we would like to use authentication of our several Active Directory domains (in the same forest).The application is compatible with LDAP...
View ArticleSteps to Add an Attribute to the RODC Filtered Attribute Set
Hello,This articlehttp://technet.microsoft.com/en-us/library/cc772331(WS.10).aspxdiscusses modification of the searchFlags value of the attribute that you want to add to the RODC filtered attribute...
View Articleany advantage is separate AD sites for co-located child domains?
I inherited management of an AD forest some time ago, and as there were never any issues with authentication or other AD-dependent services (which weren't operator error), I never made any changes....
View Article