Close

Not a member yet? Register now and get started.

lock and key

Sign in to your account.

Account Login

Forgot your password?

Windows 2008  // Windows 2008

Home » Windows 2008

04 Apr Posted by tim in Active Directory | Comments

Moving the Infrastructure Master Role of an NC

Moving the Infrastructure Master Role of an NC

Since Microsoft didn’t pay much attention to the “health” of those NC IM roles (there’s no mechanism that protects the role nor do they write any messages into the eventviewer or check for it on updates), IM role owners of those NCs may get lost. This wasn’t much of a deal until Server 2008 and...

Read more...

03 Apr Posted by tim in Active Directory | Comments

User Cannot Change password setting

User Cannot Change password setting

The basic problem was that some of their users weren’t able to change their passwords. They received an error message: “You have no permission to change your password.” I was pretty sure that the problem behind was the checkbox in those users’ properties that says “User Cannot change password” is checked and password change was...

Read more...

02 Apr Posted by tim in Active Directory | Comments

Logon types in Windows Server 2008

Logon types in Windows Server 2008

Here’s a list of the logon types you may find in Windows’ security event log when auditing: 2 – Interactive Console Logons basically. 3 – Network This logon happens when you’re accessing file shares using SMB for example. 4 – Batch This is used for scheduled tasks. 5 – Service This is used for services...

Read more...

02 Apr Posted by tim in Commands | Comments

Netsh – Manage Windows Network Settings With Netsh

Netsh – Manage Windows Network Settings With Netsh

Netsh is a powerful command-line tool that is installed by default on Windows 2000, XP, Vista, and recent Server editions. It lets you view and change TCP/IP, authentication, firewall, and other network settings. The beauty is that you can configure multiple computers by using a logon script or other means, such as a batch file....

Read more...

01 Apr Posted by tim in Active Directory | Comments

Fsmo Role

Fsmo Role

By default, in a fresh domain, all five FSMO roles are held by the first DC in the forest/domain. This is until you move (either transfer – that is the more friendly method – or seize them – the more forcefully method) the roles to another DC. Reasons for that can include: •hardware/software failure and...

Read more...

30 Mar Posted by tim in Active Directory | Comments

Add an additional attribute to Active Directory

Add an additional attribute to Active Directory

How can I add an additional attribute to Active Directory Users and Computer’s default view? This is a classic but I thought I’d outline the steps below. I’ll keep this relatively short as you can find tons of information out there on how to do that. What we’re going to do is tell Active Directory...

Read more...

29 Mar Posted by tim in Active Directory | 1 comment

Restoring Users and Groups from a Server 2008 R2 Recycle Bin

Restoring Users and Groups from a Server 2008 R2 Recycle Bin

Server 2008 R2 brings the Recycle Bin feature for Active Directory. You can think of it as the recycle bin in Windows you move your documents and spreadsheets in – just for Active Directory. With the recycle bin enabled (note: you’ll need Server 2008 R2 forest functional level enabled) objects deleted from a partition aren’t...

Read more...

28 Mar Posted by tim in Active Directory | Comments

The “Return deactivated links” control in LDAP

The “Return deactivated links” control in LDAP

I’ve blogged about the Recycle Bin feature in Server 2008 R2 and was wondering how group membership of users was stored, when groups were deleted (or vice versa). In general, forward- and backlinks are stripped of an object once it becomes a tombstone (gets deleted without the recycle bin feature). In Server 2008 R2, this...

Read more...

27 Mar Posted by tim in Active Directory | Comments

How to check whether changes to an NC have replicated to a DC

How to check whether changes to an NC have replicated to a DC

You made changes (accidentally or not) to a NC on a DC and want to check whether these changes have replicated to a specific DC? One possible solution here is repadmin /showrepl: repadmin /showchanges. For me, it becomes: repadmin /showchanges dc3 0471c1d5-9e2c-47c8-847a-f002a1d023ce DC=intern,DC=frickelsoft,DC=net. I want to check whether changes made to intern.frickelsoft.net on dc1 (whose...

Read more...

26 Mar Posted by tim in Active Directory | Comments

How to Build an AD Replication Delay (Lag) Site

How to Build an AD Replication Delay (Lag) Site

To prevent having to restore objects from Active Directory due to accidentally deleting an object, you can have a remote DC which only sends/receives replication on a limited basis. You also want to prevent users from authenticating against, as well as services being used by other machines, since the metadata on this DC is aging...

Read more...

Categories

Archives

Love your site, it's helped me out more than once.

Jordan

Recent Posts