How to check for LDAP problems? (logs, events etc)
We have many applications in our company that use LDAP binding to authenticate and authorize users. Most often these applications are sitting on non-windows systems, but there are windows servers as...
View ArticleDomain Admin
Hi, We have 10 Desktop Engineers, Everybody having Domain Admin right. Because, daily they need to join/dis-join desktop/Laptop PC's to Domain. Is there anyway i can restrict these engineers to only do...
View ArticleDFSR with Static port
Hello All, I read an article http://blogs.technet.com/b/askds/archive/2009/07/16/configuring-dfsr-to-a-static-port-the-rest-of-the-story.aspx to configure DFSR with static EPM port. I read about...
View ArticleAdvice for tree consolidation
Hi, I have 4 domains: contoso.com, eu.contoso.com, us.contoso.com and ap.contoso.com, each of which has up to 15 sites except contoso.com which is empty. There is no real reason for this design and it...
View ArticleThe directory service is missing mandatory configuration information, and is...
We are in the process of removing a child domain from the forest and are down to two DCs. These are both Server 2008r2 sp1 servers, one physical and virtual (PDC). When I try to remove a DC (not the...
View ArticleSchedule tasks/ Account lock out/ Powershell/
Hi, we have a few accounts that keep getting locked out. we have 6 DC's, 2 of which are server 2008 R2 the rest are server 2008. i have created a scheduled task on the 2 R2 servers to look for event ID...
View ArticleWindows Server 2008 DNS server lost _msdcs. records
We have a single AD domain controller running Windows Server 2008. Late last week, I could no longer add any more clients to the domain and started to get this error: - The DNS SRV records required...
View ArticleMinimal elevation to query AD
Hi I have an application that needs to access Active Directory. The application uses the logged in account on the Windows computer to access Active Directory. I would rather not log it in as a domain...
View ArticleShow disabled accounts in group with many accounts
I have a security group in Active Directory wich contains 3100 user accounts. 107 accounts are disabled. If I open the members of the group I can't see if the user is enabled or disabled. If I open a...
View ArticleAD Users Disabled Date
I have around 200 disconnected AD users from their mailboxes. I want to delete these mailbox disconnected AD user Accounts which are older than one year. I checked the Object tab of these...
View ArticleMoving Primary site to a data center
I'm looking for the most recommended solution here. Here's the task. We are moving our current HQ site to a datacenter and the current site will then become more like a branch office. I trying to...
View ArticleParent-Child AD Replication Broke for 3 Years
I have a child domain hanging off our root domain and unfortunately the AD replication between the two has been down since 2009, whoops. I was wondering if anyone had successfully recovered from this...
View ArticleClik here to view.
NTLM authentication failed
DCs: Windows Server 2008 R2 File server: Windows Server 2008 R2 Clients: Windows 7/Windows XP/Non-Windows OS Clients are able to access the file server by name, but unable to access by IP address. I...
View ArticleHide mobile attribute for all Domain Users
Is it possible to hide the mobile (mobile number) attribute for all Domain Users? We don't want that all user see the mobile number in GAL.
View ArticlePublic access computers and user profiles
We're looking to set up a public access in an area where the physical networking is rather sub-par. Between being open to the Domain Users group and having slow networking, we really don't want the...
View ArticleClik here to view.
Sub-OUs not listing in Alphabetical order
This is happening when using AD remote Admin tools for Windows Server 2003 from Windows 7, or Windows 2008 server. When directly on a Windows 2003 DC, they display as expected. Console version is...
View ArticleUser profiles on two domain controlers
Hi all, I have two branch offices A and B, each of which have dedicated domain controller. There are users in each office who have set up their profiles on appropriate domain controller. Now, I have...
View Article"Trust relationship between this workstation and primary domain failed"
We are in the process of deploying Windows 7 and started getting this error: ""Trust relationship between this workstation and primary domain failed". FYI - We started getting this error after our...
View ArticleNETLOGON Error 5783 on Exchange Server 2010 to Server 2008 R2 Domain
We have a simple domain, single forest and only one site. I recently upgraded my DCs to Server 2008 R2. We also have a single Exchange 2010 Standard server running on Server 2008 R2. DC1 -...
View ArticleUser Admin Locked Out Every Night
I have one admin that is getting locked out every night. When I look in the logs I see pre-authentication failures for the user. Failure Reason = 0x18. If looked up documentation and I've check that...
View Article