Question on location of SYSVOL folder after migration from FRS to DFS and 2008 to 2019
Hello, We recently demoted a Server 2003 DC in an environment running Server 2008 domain controllers. We raised the functional level to 2008. We then migrated from FRS to DFS, so we could add Domain Controllers running Server 2019. After the…
After session disconnected services/Application should keep running
application requirement is when a session is in a disconnected state, running programs should keep active even though the user is no longer actively connected. we have done below GPO setting for it. but after some days/months, servers generated event id…
Remove-ADComputer for remote server on a different domain
Hi I'm trying to delete the "testserver" AD object via PowerShell. This works if the "testserver" is on the same domain as my laptop where I'm running my script from (dmn1.contoso.local). However, if the "testserver" is on…
Azure AD Connect - block users that are members of a group, instead of changing attribute?
We are syncing to Azure and have different OUs selected and a couple of additional rules to block users with specific attributes, like being disabled, etc. I am trying to find out if there is a way through the rules editor to simply have a group in AD…
Active Directory Forest Trust
Hi, Would a forest trust between a child domain and another forest possible? We have a domain a.com, its child b.a.com and then another forest c.com. I understand i can have forest trust between a.com and c.com , but is it possible to have forest…
Domain Controller per location
A customer wants to consolidate several domains (7) in one single domain and forest in a single location. At this point, all domains share a Trusted Relationship with each other and communicate under a provider’s MPLS. Each domain supports around 30…
Difference between "Computer" and "User" objects in Active Directory. Application of the GPO rules to this objects.
I have close to zero experience with Active Directory, so some/all of my questions may sound stupid and obvious for someone more experienced than me. But I have been "awarded" with the right to completely reinstall Active Directory server in my…
Is it safe to rename and remove an OU?
Hi, I have Windows 2012 DC. I need to rename an OU. I wonder if it is safe to rename it. Will it impact anything? I also need to remove a parent OU. For example, I have Computer OU, under Computer OU I have Workstation OU, under Workstation OU I have…
Migrate FSMO from PDC to BDC
Hello, I have an SRV1 server with Windows Server 2012 R2 that works as a Domain Controller, since it is starting to have hardware problems I also considered it appropriate for greater security to put on another SRV2 server always with Windows Server…
Windows 2019 Domain Controller - WINS services
Hello All, We are upgrading our Domain controller from 2012 r2 to win 2019 and current 2 DC has WINS services installed. would like to if win2019 supports WINS services? regards Aamir Masthan
How do I open the Global Address List (GAL) on Windows Server Essentials?
I am trying to find the Global Address List on our server. We are running Windows Server Essentials which I am not that familiar with. My research so far has shown that you need to open Exchange Management Shell to Get the Global Address List (i.e…
Delegating Control for Managing Membership of a Group
Hello, I am looking for solution to delegate permission only for addition and removal of users from security group at OU level. Regards Bhavesh Khare
Computer Account Logon
Hi, i have a quick question. How often does a "computer account" (not to confused with a user logon) logon against a DC? I've been reviewing security logs and i've noticed quite frequent computer account logins (4624). Those logon events do not…
The primary DNS of domain server is configured as local IP, unable to access the website
The domain server is 2012 R2 datacenter The IP of the domain server is 10.10.8.254/24, the gateway is 10.10.8.1, and the primary DNS is set to 127.0.0.1 or 10.10.8.254. Both of them have been tried, but the standby DNS is not configured. In this case,…
migrate-frs-to-dfsr-sysvol
Hi, What's the prerequisite to migrate the FRS to DFSR for sysvol replication? Source link: https://social.technet.microsoft.com/Forums/windowsserver/en-US/432d60fb-db6a-41b7-a2f3-d588d80f16f3/migrate-frs-to-dfsr-sysvol?forum=winserverDS
rename-old-2008r2-dc-and-give-new-2016-dc-the-old-ones-name-certificate
Hello, I am planning to upgrade a domain that has DCs running 2008R2 to 2016 this weekend. One of the DCs has an TLS /SSL certificate and I want to keep using this cert that has the FQDN of the old DC on one of the new 2016 DCs. My plan is to rename…
DNS _sites shows entries of demoted sites and DCs
Hi all, I've demoted several 2003 Servers during the last few months in our customer AD, moved subnets and succesfully deleted sites under ADSS. So far, so good, but in DNS I can still see entries under _sites and nameserver domain properties tab. …
Convert-a-global-group-to-local
Hi, I'm unable to convert a global group to local? Should I create new group? Source link: https://social.technet.microsoft.com/Forums/windowsserver/en-US/e7a8eea2-9611-4b42-adf7-e1c3143c5f95/convert-a-global-group-to-local?forum=winserverDS
Impact in Active Directory Certificate Service - upgrade domain and forest functional level
Hi, May i know if there will be any impact on AD CS (which is installed on a different server, domain joined. Certs are being used for Exchange Server) if i will upgrade the domain and forest functional level? Currently my functional levels are Windows…
removing-write-all-properties-from-ou-security-permissions
Hi all I faced an issue recently which the Domain users on my domain can delete, enable and disable other users when I investigated the issue I found that the authenticated users group on the targeted OU had the following permission: 1: List all…