Welcome to Dirteam.com/ActiveDir.org Blogs Sign in | Join | Help

Browse by Tags

Tuesday, May 14, 2013 6:58 AM

How to Build an AD Replication Delay (Lag) Site

To prevent having to restore objects from Active Directory due to accidentally deleting an object, you can have a remote DC which only sends/receives replication on a limited basis. You also want to prevent users from authenticating against, as well as
Posted by Paul Bergson | 0 Comments
Tuesday, May 14, 2013 6:54 AM

How to Build an AD Replication Delay (Lag) Site

To prevent having to restore objects from Active Directory due to accidentally deleting an object, you can have a remote DC which only sends/receives replication on a limited basis. You also want to prevent users from authenticating against, as well as
Posted by Paul Bergson | 0 Comments
Thursday, April 25, 2013 6:53 AM

Upgrading AD from 2003 to 2008

Upgrading Active Directory from 2003 to 2008 --- (Note: This is a copy from another site and at this time my snapshots are missing)--- · Microsoft’s Preupgrade check list · Before upgrading AD verify all current applications are compatible o Verify you
Posted by Paul Bergson | 0 Comments
Wednesday, January 02, 2013 2:21 PM

Preventing Spoke DC’s from Advertising in the Hub Site for Authentication Availability

If you have a hub and spoke site topology, it may not be a good idea for certain (Or all) spoke dc’s to be advertising, via dns services, the ability to provide authentications services. If you have a remote site with a dc that fails it is usually best
Posted by Paul Bergson | 1 Comments
Wednesday, July 25, 2012 7:01 AM

How to Decommission a Domain Controller

Decommissioning a dc requires all domain services that currently reside on a server need to be moved to other dc’s . You need to move any fsmo roles from this dc to another dc (KB255960) To learn where the roles reside run the command netdom query fsmo
Posted by Paul Bergson | 0 Comments
Tuesday, July 03, 2012 5:04 PM

Create A Test Domain (Old Style)

This document was prepared for the building of a copy of the production Active Directory. Following these steps will define how to rebuild the entire Microsoft Active Directory for a test domain. *** Be careful *** The first set of steps is to get a good
Posted by Paul Bergson | 0 Comments
Tuesday, May 15, 2012 1:39 PM

Windows 2000/2003 Replication through a Firewall

Configuring Domain Controller Ports To establish secure communications between DC’s defined and variable ports (High Ports) need to be able to communicate. In the scenario defined below the internal dc’s have no outbound restrictions, inbound is restricted
Posted by Paul Bergson | 0 Comments
Thursday, May 03, 2012 6:51 AM

How to Remotely Promote Server Core to a Read Only Domain Controller (RODC)

If you would like to promote a Windows 2008 server core o/s to a RODC but the server is at a remote location, you can run into multiple road blocks. Firewall ports need to be opened, remote management needs to be enabled plus you need configuration information
Posted by Paul Bergson | 1 Comments
Tuesday, May 01, 2012 8:48 AM

External Forest Trust Configuration with a Firewall - Windows 2003 and NT4

An external forest trust relies on NetBIOS name resolution, dns is not involved. All trust communication traffic flows between the Windows 2003 PDCe and the PDC. It doesn’t matter how you have your LMHosts table setup or your firewall setup the trust
Posted by Paul Bergson | 0 Comments
Monday, April 23, 2012 7:04 AM

User Account Lockout Troubleshooting

Do any of these symptoms sound familiar? · A users account keeps getting locked out, even though they haven’t even had to enter their credentials except to maybe unlock their screensaver · A scheduled task quit working, such as a night backup job · Services
Posted by Paul Bergson | 1 Comments
Thursday, June 30, 2011 9:21 PM

Configuring IPv4 as Default over IPv6

Starting with Windows Vista and Server 2008, IPv6 is the default over IPv4. This can be annoying if your enterprise network isn’t prepared to support this. You can modify this default behavior by OR’ing and registry setting on your machine. The registry
Posted by Paul Bergson | 0 Comments
Wednesday, April 27, 2011 9:29 PM

How to Create an Active Directory User Provisioning System

This blog will detail how I created an Active Directory (AD) user provisioning tool with PowerShell. It probably won’t be what you expect; the amount of front end entry is almost non-existent. The key to consistency within your enterprise is to take as
Posted by Paul Bergson | 2 Comments
Wednesday, April 06, 2011 9:01 PM

Active Directory Replication Types

I find myself quite often trying to keep straight all the different replication activities that can occur within an Active Directory (AD) domain. There is: · Intrasite Replication · Urgent Replication · Intersite Replication · Intersite Change Notification
Posted by Paul Bergson | 3 Comments
Tuesday, March 08, 2011 3:23 PM

Preventing Lingering Object Replication in Active Directory

One thing you want to prevent in Active Directory is an Islanded DC, one in which you have lost connectivity to. If a DC is disconnected beyond its "Tombstone Lifetime" it will begin to accumulate Lingering objects. This isn't something you ever want
Posted by Paul Bergson | 0 Comments
Monday, January 31, 2011 7:48 AM

Windows 7/Vista clients require elevated privileges to install or update a print driver

Our Help Desk support staff was really perplexed. They were getting hammered by phone calls whenever a print driver was updated and the Windows 7 clients attempted to upgrade the print driver. Windows XP clients had no problems upgrading, so obviously
Posted by Paul Bergson | 1 Comments
More Posts Next page »