Trusts and Kerberos AES Encryption
We have Active Directory with Domain/Forest-Functionallevel "Windows Server 2008 R2". Now we have seen that there are a Option in the Trust Properties Tab called "The other domain supports Kerberos AES...
View ArticleServer 2012: Increased LDAP traffic to domain controllers since installed
About three months ago, we installed a new server running Windows Server 2012 (Std.) at a branch office. The server is running the following roles: File Services (including File Server Resource...
View ArticleAdding Multi-value Field to AD Schema
Hello,My app/dev team has requested that I add 2 multiple-value (string) fields to our AD schema. This will house job titles. I have a 2003 AD environment (adding 2008 AD soon).Is it possible to add...
View ArticleSPN duplicate name Error on DC
Good day! I have one problem, which repeating regularly. That error write into system log on both domain controllers more 1000 time in month: The KDC encountered duplicate names while processing a...
View Articlea few duplicate SPN questions
Hi all,Sorry to write in on what is clearly a routinely covered topic but I didn't see anything that covered my specific questions. They are:Issue one:HOST/fileserver2.blah.com is registered on these...
View ArticleProtecting group from accidental deletion.
Hello forum,I am currently working on a Server Core (Windows 2008R2) and I have an OU called 'Groups'. In this OU I have several Global and Domain Local groups that I want to protect from accidental...
View ArticleForce password to expire for testing
Is there a way to forcibly have a password expire in AD so I can test the OWA password expiration form?
View ArticleStartup script
Startup scriptHello everybody,Ineed helpfora problem a little strange.I set upa script torun wheneverthe workstations(Windows 7), initialize.Computer Configuration-Windows Settings -Scripts(Startup...
View Articleusing non MS DNS for active directory
We are considering moving our AD namespace to a non MS DNS server (infoblox). what are everyones thoughts on this? and what about dynamic updates? Thanks! -Nex6
View ArticleRENDOM - Error during step 7 (rendom.exe /prepare)
Hi All, I'm trying to do a domain rename, but I'm getting errors during the "rendom.exe /prepare" step. The forest has a root domain, with 7 child domains. I'm just trying to change the DNS name of the...
View ArticleSPN, netbios, DNS, and name truncation?
I recently started managing the domain for a company thats been around for 15 years- over the years, AD has been beaten up a bit and I'm trying to clean things up.Currently, I'm getting an event ID 11...
View ArticleSingle domain controller, 2 locations
Hello,Looking for some help on how to best join a remote location to my existing 2008 domain controller (HQ). This remote location currently has a server 2003 domain controller but I would like to...
View ArticleUsers from trusted domain turn into SIDs in local group
I have been seeing a problem that tunrs logins from a trusted domain into SIDs in a local windows group. Whan I add a login from domain "PROD" to let say the Administrators group on a server in domain...
View ArticleNo Global Catalog server is up in the local site 'xxx'
Exchange Active Directory Provider will use the following out of site global catalog servers: xxx.123.com xxx.1234.com xxx.132.comLloyd
View ArticleHow to Ad user Account in windows server 2008 R2
Hello One of my top managment user account got deleted from active directory.When i tried restoring it is not allowing me to restore and gives me below error message Restore-ADObject : Illegal modify...
View ArticleDomain Name will be .com not .local in Window Server 2012
Hi Friends,Tell me .local (Domain Name) is the unique domain name in Server 2012. I want change Domain Name from .local to .com in Window Server 2012.
View ArticleAuto logon question
Hi Everyone,I would like to have a series of computers auto login when they are booted.Each machine will need to have a different username that is logged on with.I do not have the passwords for the...
View Articledemote 2008 R2 after bringing up another 2008 R2 DC
i had server crash issue and i had to create a new AD domain on 2008 R2 (DC1)on one of my server now i got a new server installed 2008 R2(DC2) joined the existing AD domain then transfered the FSMO...
View ArticlememberOf Query with DirectorySearcher through One Way Trust
Hola!We are looking to split our domain in two for security reasons. Internal users in domain internal.local and external in external.local.We have set up a one way trust between the two where users in...
View ArticleActive Directory Resource Domains
what technology has replaced Active Directory Resource Domains.If I want to integrate a service like back up solution between 4 organisations to save money and reduce costs what am i going to...
View Article