The security database on the server does not have a computer account for this...
The issue is the client get an error when user attempts to login in. The error message is "The security database on the server does not have a computer account for this workstation trust...
View ArticleProblem adding Windows Server Standard 2008 R2 box as a Domain Controller
I'm attempting to replace a Windows Server 2003 Standard R2 domain controller with a Windows Server 2008 Standard R2 box. My current domain controllers are:Windows Server 2008 Standard R2 (Global...
View ArticleCreating a trust relationship using hosts file instead of DNS ?
Could a hosts file on a DC be used for establishing a trust relationship if nothing else in DNS zone was required ? there are network restrictions in place which only allows certain DCs to talk so...
View ArticleLingering Object deletion ?
Hi Team,In my domain I am facing the replication issue and when I looked into the event viewer, found events are getting filled with 1988 replication error.repadmin /removelingeringobjects ServerName...
View ArticleWorkStation Account Password Changes
Hi all,<o:p></o:p>I'm sure you have been asked very similar questions to this one, so I hope this will be a quick one for you. <o:p></o:p>We are using VMware view 5.0 in a...
View ArticleDoubt about Software Policy Restriction
Hi everybody.I'm with a doubt about software restriction policies. One of my clients asked for a SRP that allows users to remove programs but doesn't allow them to install. As far as i know, that's not...
View ArticlePassword complexity message
Is there a way to change the message when users do not meet the length and complexity requirement when they change their password. All computers are Windows 7 Pro.sp1, and joined to our domain. The...
View ArticleHow to restore default permissions to Account Operators group?
Hello,We have this DEV domain and when looking through it we notice that "account operators" does not have full control over many user objects. This tells me that someone prior was playing around with...
View ArticleUPN Login restriction
Is it possible to set AD to only accept UPN logins and not the down level (domain\username), especially when using Exchange (OWA, EWS, Outlook Anywhere) and Sharepoint using Forms base Auth.
View ArticleHow to Query LDAP with a list of names for specific properties
I have a list of user names given to me, that I need to query Active directory to see the following:- Account is a valid account in domain x, y or z- Account has the property altsecurityidenties (pki...
View ArticleRODC does not remove zones
Hi,We have one RODC in our domain. Replication works fine and all our zones are updated. The problem however accurs whendelete a zone from one of our writable AD integrated DNS servers. These zones are...
View ArticleADFS 2.0 and SiteMinder
We are planning for ADFS 2.0 implementation to provide a single sign on experiance to "internal" users for an application hosted by vendor. The vendor provides SSO through CA SiteMinder Federated SSO....
View ArticleChanging IP Address of DC and Sites
Hello,We have a healthy 2008 R2 AD environment running. We have multiple AD sites with one DC running in each site. These DC's also serve as DNS servers. We need to change the IP scheme of some of our...
View ArticleUser keeps getting locked out
A user keeps getting locked out of there account every morning when they come to work, I have to go into our DC and unlock there account. The user is not typing the incorrect password. Please let me...
View Articlenltest /finduser
Very useful command for finding an user when I have multiple trusts , multiple child domainsnltest /finduser:testuserI have testuser in multiple trusted domains but that command shows only one user. I...
View ArticleCannot query users from child domain
Hi,I am almost sure that I have a problem with DNS server, but unfortunately I am not able to clarify where exactly. I have a root domain and three child domains. Problem exists only in one site in one...
View ArticleFailed to create two-way trust between server 2008 R2 and server 2003
we are trying to create a two-way forest trust between us (server 2008 R2, v.local) and our solutions provider (server 2003, s.com).DNS zone is created, we are able to ping their domain name, nslookup...
View ArticleSchema Upgrade +DC upgrade+P2V of DCs
Hello,I am planning to upgrade my AD infrastructure from 2003 R2 to 2008/2012My current setup is :Root Domain: 4 root domain WW and schema Version is:44Child domain: there are 4 different child domains...
View ArticleReplace DC, same name/IP
There are lots of threads on this topic, but none seems to quite apply to me.I've got a "new" 2008 R2 server "ready" to replace THE old 2003 server. The new one is already been promoted to a DC and...
View ArticleAD does not update
Hello.Iam having a strange issue.I noticed this first when i added some users to a group and then i did run a powershell command that lists all users in a group and he command dident output the new...
View Article