Domain Join Machine with RODC
Hi,We have on prem DC and we are thinking to deploy RODC in Azure using VPN connection.We will be deploying some VMs in Azure so I want to confirm that Can we domain join our Azure VMs with RODC?
View ArticleCross forest certificate enrollment Server 2012 R2 - cannot copy templates
I have attempted to setup Cross Forest certificate enrollment in a Test environment. I am using the document AD_CS_Cross_Forest.pdf. from the Technet article...
View ArticleClik here to view.
Options Value missing from Inter-Site Transports under Configuration
I think I have a big problem. I was looking to enable Quite AD Replication using intersite communicationshttp://pctechgo.blogspot.com/2014/03/active-directory-intersite-replication.htmlI am missing...
View ArticleDelegated access for specific users to add and remove users from a group and...
Hi,I have setup a new group in AD and added a number of other groups as its members. On the new group, under security, advanced, I have added a test user and selected the properties read members and...
View ArticleClik here to view.
Do I remove IP or IP and SMTP in my bridgehead under Sites and Services.
Hi,We have three Windows 2012 R2 Domain Controllers. We had Microsoft assessed our environment and recommended to us to remove Bridgehead. As per their comment:"Bridgehead servers are domain...
View ArticleModify granular permission on Active Directory Deleted Objects container
I'm looking to grant the following permissions to the "Deleted Objects" container in AD for JUST child computer objects:List the child objects of the objectRead a propertyWrite to a propertyNormally...
View ArticleOrphaned fSMORoleOwner entry for DomainDnsZones
I have a very strange situation/issue. We've been having some oddities with replication and mostly demotions of domain controllers. The error messages lead us to do some digging and here is what I...
View ArticleAccount & Resource Domain Setup.
Hi All, DomainA Users/Computers are migrate to DomainB. Keep all the servers in DomainA. Users are login to DomainB DC01 but Computers are getting the DHCP form DomainA -DC01. DomainA DC01 -...
View ArticleRoot CA migration from DC to DC
I am following the link below for our root CA migration. The current CA is on a DC and I am going to migrate to on an another DC. This case the new DC will have the same name as the old. My question,...
View ArticleCA migration from Windows 2008 to Windows 2012
We are planning to migrate windows 2008 R2 root CA to Windows 2012. We have a basic configuration in which CDP and AIA are pointing to the default location. The migration procedure is basically backup...
View ArticleShared Folder For Domain Users
Dear All,How can i allow domain users to share their own folder "created by them"on their PCs. I did disable UAC but didn't work. Is there any group policy i can configure to let domain users to share...
View ArticleClik here to view.
Some subsidiary domain member computers get policy exceptions
Hi,Found some domain member computers, their configuration is: The ip address is located in the local site. Both nltest /dsgetsite and nltest /dsgetdc show the corresponding site and intra-site domain...
View ArticleNew 2008 DC on 2003 domain - workstation trust relationship issues.
Greetings,We added a 2008R2 DC to our 2003 domain, which consists of two 2003R2 servers; we are planning to upgrade the domain once I am happy that things are stable. Unfortunately I have had one...
View ArticleActive Directory "User must change password at next logon" takes 2 log off's...
Active Directory "User must change password at next logon" takes 2 log off's before prompts for password change.How do i set it that it forces the user to change password after 1 log off?
View ArticleHow to use msds-memberoftransitive with multi-domain forest?
Hi all,Have a multi-domain forest: acme.com and child.acme.com. For users in this forest, would like to get direct and transitive(nested) group membership using LDAP interface. After looking at...
View ArticleWindows Security Log Event ID 4776 on DC
I have a 2008 R2 DC with Windows 7 client.When I login to client PC using local account instead of domain account several event logs are getting logged onto DC as shown below.What is causing this...
View ArticleWrong Logon Server
On a new site we have created all of the clients get a logon server for a different site. BIn ADSS the subnet is setup and assigned to the correct site.I looked through DNS and everything seems to be...
View ArticleRestrict AD object Deletion to specific group or User
Trying to see if there is a way to restrict the deletion of AD objects to either a group or one user. The AD objects are already set to protect but it is only a check box. Issue is that someone...
View ArticleFilter OU from Active Directory site replication
Hey Everyone, Quick question :)is there a way to filter an OU or a group of objects from replication to all the DCs in my forest ?basically i want to create 100 000 contacts on one DC but dont want...
View Article