Combine

hi guys, need need transfer users , computer accounts domain. so how go through when user log in,  user still log in same desktop (same wallpaper), same network drive mappings etc.. is there way it? thanks in advance. hi, that's awful position in, first instinct don't panic, not lost. the main concerns i'm taking out of post that: you don't feel can trust server anymore has been badly compromised; you have software issues don't believe can fix. what recommend if backup older than, say, week you: create fresh backup of directory dvd "ntdsutil ifm"; build new server off network - dvd iso preferrably; harden firewall settings on new server before bringing onto network; install virus scanner on new server; bring new server onto network , configure tcp/ip settings production; use "dcpromo /adv" command promote new domain controller media (it need able talk existing domain controller); monitor new server's progress through...

hi, i created new security group on sbs2008. when use group set user rights on folder on data drive users in group don't have access folder. when add different users accounts give access folder works fine ???? the server running on hyperv , data drive different vhd i tested same settings on sbs2008 on hyperv , there working expected. this thing drives me crazy :-) thx koen ok found solution. you have logoff , logon again, machine has share connected, before rights off security groups assigned. koen Windows Server  >  File Services and Storage

hola, me sucedio en un cliente que cuando reiniciaron el server por un factor x, uno de los discos asignados desde el stoage por lun, esta offline. leyendo un poco vi este evento. el server tienen hyper-v y es win2008. lo reinicie varias veces este fin de semana y no pude emular esa falla. lo que dice la nota es que; resolucion: "if windows server 2008 not running on hyper-v server, issue not affect performance of operating system. therefore, can safely ignore event." http://support.microsoft.com/kb/951007 log name:       system source:         storflt date:           6/23/2011 2:55:33 pm event id:       5 task category: none level:          warning keywords:       classic user:           n/a computer: ...

all, i have playing new powershell cmdlet (export-startlayout) in w10 10130. works differently versions in w8.1 exports xml , not bin. however, note structure of file exports broken column , row references duplicated. if rename exported file layoutmodification.xml , place in c:\users\default\appdata\local\microsoft\windows\shell attempt build modified start screen new users because of duplicated tile references breaks. if manually edit exported file , correct column , row references works should. hopes helps with it people trying build customized start screens. pete silly question time. does file name change layoutmodifications.xml or layoutmodification.xml over-writing file present? i playing around editing file, naming layoutmodifications.xml  not seem work. can't figure out whether due editing, or filename. thanks windows 8 corporate desktop? bad idea. Windows 10 Insider ...

newbie question: where, in windows server 2012, can change ip address ? thanks hi wlid1966, add, can use command-line change ipv4 or ipv6 address. example: netsh in ipv4 show address netsh in ipv4 add address “local area connection” 192.168.1.1 255.255.255.0 netsh in ipv4 delete address “local area connection” 192.168.1.1 255.255.255.0 more information: netsh commands interface internet protocol version 4 (ipv4) hope helps. jeremy wu technet community support Windows Server  >  Windows Server 2012 General

my current script sends out plain text users: $body = "test here`n`n" $body += "and continues here." i need include html , urls now. giving users redirects internal site , highlight text in red. its 10 sentences long. thank you $body = get-content "d:\body.txt" | out-string send-mailmessage -to $emailto -from $emailfrom -subject $subject -bodyashtml $body -smtpserver $smtpserver Windows Server  >  Windows PowerShell

hi,   i wan´t buy nas system installed ms storage server 2008. iscsi target software 3.x included, or necessary buy also? thanks in advance! it depends on windows storage server edition. for windows storage server 2008 r2, see http://blogs.technet.com/b/storageserver/archive/2010/09/22/windows-storage-server-2008-r2-is-now-available.aspx  (table near end of post) http://blogs.technet.com/b/storageserver/archive/2010/11/08/announcing-windows-storage-server-2008-r2-essentials.aspx for windows storage server 2008, see  http://blogs.technet.com/b/storageserver/archive/2009/05/06/announcing-windows-storage-server-2008.aspx  (table near end of post) jose Windows Server  >  File Services and Storage ...

had server running servral weeks , had problem adding app. booted last known , changed computer name computer. computer forrest root domain controler. used regedit change name back. security several apps , other computers broken. reason why changed names dc? how working again? hi,   you may refer following microsoft technet article how rename domain controller. if issue persists, perform non-authoritative restore mentioned above.   renaming domain controller http://technet.microsoft.com/en-us/library/cc794951(ws.10).aspx   regards, please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other community members reading thread. Windows Server  >  Directory Services ...

hello, yesterday had problem when tried connect 1 of user on domain standalone computer running windows 2000 server. user's computer running windows 7 while standalone computer connected network not on domain.  when used username , password administrator on win 7 machine connect windows 2000 server , worked fine, when used user's username , password couldn't.  note: when used ip address of windows server did work not name of computer.  hello, as windows 2000 server not in domain , windows 7 there may problem dns resolution use ip address works way fine. for logon problem assume administrator account has same password on both machines? but part question here gpo forum? should better asked in http://social.technet.microsoft.com/forums/en/winservergen/threads best regards meinolf weber mvp, mcp, mcts microsoft mvp - directory services my blog : http://msmvps.com/blogs/mweber/ disclaimer: posting provided no warranties or guarantees , confers n...

hi, want to  when domain computers idle fifteen minutes automatic logoff  policies relevant group policy managment?  domain controller: windows server 2003 r2 tank you. > when domain computers idle fifteen minutes automatic logoff > policies relevant group policy managment?   none. cannot logoff users using gpo. might create scheduled task executing "shutdown -l -f" instead.   martin mal ein gutes buch über gpos lesen? no not evil, if know doing: or bad gpos? , if bothers me - coke bottle design refreshment :)) Windows Server  >  Group Policy

hi, based on understanding, open license have downgrade rights confirm rds cal able downgrade 2008 version under open license program..? thanks! hi, according research, downgrade retail cals. similar thread discussed here: https://social.technet.microsoft.com/forums/windows/en-us/32a88023-3d77-4ef6-aa53-a015529935d7/server-2012-rds-cal-downgrade?forum=winserverts you contact clearinghouse for downgrading rds cals related questions: locate microsoft clearinghouse telephone number country or region http://technet.microsoft.com/en-us/library/cc754874(v=ws.10).aspx best regards, alvin wang please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com . Windows Server  >  Remote Desktop clients ...

hello. running problem can't around. server's raid1 died [2 drives died @ same time :(] , replaced them 2 new drives, created new raid1 , restored backup, bluescreens on ntds , have tried everything.  after restore have tried utils in ad recover mode , keeps saying cannot continue due unsupported sector size.  what size sectors need set raid1 allow backup work? i switched 64k 128k , doing new restore can't give exact error gets spit out running below commands esentutl /g c:\windows\ntds\ntds.dit esentutl /p c:\windows\ntds\ntds.dit i gave , restored vm , took. took 1 of old failed drives , restored , worked, doesn't new drives @ all. anyway have server , running. input. Windows Server  >  Windows Server General Forum ...

hi there, i have build new server environment client of mine, have build following servers following roles: dc server (ad/dns/dhcp/rd licencing) rras (connection broker/gateway/rd web access) rds(session host) sql (sql server) the problem users login on rds can everything, install/remove software, start computer management, start cmd etc. so have admin privileges, not in admin group! have looked simple gpo can block these admin privileges without luck. what can , how can fixed? kind regards, mazen abdelaal sounds logon administrators, larger problem mixing these roles on 1 server instance. active directory domain controller should not have other roles rras, rds, sql installed on it. individual roles configuration collide , cause unexpected results. https://support.microsoft.com/en-us/kb/2032911 https://support.microsoft.com/en-us/kb/292822 to issue rds configuration can add them here rather make them administrators, again there's conflicts encounte...

i have followed various postings try working , final reslt user gets bounced message unable write folder - presumably c:windows\downloaded program files folder. seems difficult/impossibe change permissions on folder would've thought axinstallsrv have permission "user" running install. on windows 7 sp1. any thoughts/suggestions welcome, please hello, and group policy question is??? didn't mention configuration settings have done until now. , in c:\windows folders no normal user or domain user have permissions, have on c:\users\username\download sounds me have problems within windows 7, therefore please use following forum: http://answers.microsoft.com/en-us/windows/forum/windows_7 best regards meinolf weber disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  ...

i created new account in ad client-software , system sets flag: passwd_notreqd object , disables account. why happening because of ad password policy or else? hi  passwd_notreqd - no password required,check ms article, https://support.microsoft.com/en-us/kb/305144 also check coversation subject, http://www.systemtools.com/toolboard/showthread.php?718-question-about-useraccountcontrol-flags-specifically-passwd_notreqd this posting provided no warranties or guarantees,and confers no rights. best regards burak uğur Windows Server  >  Directory Services

is possible give a user access log domain controller , administer file share on dc without making them member of domain admins? i know not security best practise have dc act file server budget contstraints have not allowe me seperate dc , file share functions onto 2 seperate servers. now i'd give admin rights log onto dc not make changes dc or , ad components (sites & services, dns etc.). has come across type of requirement before? i've tinkered around default domain controllers policy , giving user account rights log dc using ts has not worked. thanks in advance replies. pajoryan123 hi, allowing user logon first step. administer shared folder, should give user ntfs permission of shared folder. add user in security tab, give full control permission or other permissions. to change ad settings, open aduc, right-click ad object, choose properties, switch security tab, can configure permission configuring ntfs. thanks. this posting provided "as is" no warranties,...

hi, do event id when disk goes offline in physical , virtual  and cluster servers ? if yes , let me know event id , need set motioning. senthil senthil hi, thanks post. i did research regarding requirement , not find such event ids. there no direct way monitor status of logical disk. may need use powershell script create rules. as far know, running get-disk command can physical disk status. for logical disk, can run below command properties of it: get-wmiobject win32_logicaldisk and can use test-path command check whether disk can accessed. some article reference: logical disk availability critical – mean? https://blogs.technet.microsoft.com/kevinholman/2010/07/29/logical-disk-availability-is-critical-what-does-this-mean/ best regards, alvin wang please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact tnmff@microsoft.com. ...

i'm looking @ might take deploy wsus ~75k machines connected to 1 central location on locked down 512k-1mbit managed, private vpn link (no split tunnel, or direct internet access allowed). these machines independant, or @ best in small workgroups, not in domain, , few (< 5) in 1 physical location, rules out branch level wsus servers. i realize have deploy registry changes hand, or more likely via a .reg file that's distributed, since config via gpos out of question. right pulling updates on public schedule between 17:00 , 22:00 direct ms. if choke bandwidth down, 75k times reasonable like, 100kps still lot of gigabits to move when major service pack comes out. i'm worried next big sp could saturate both vpn devices , our > 1 gig internet connection. i'd not save on internet bandwidth, spread out patch downloads clients across 24-48 hour period (by creating different group) instead of default 5 hour period. is there g...

scheduled 2016 server backup failing every other day event id 517 error '0x800700ea'   event id 517 description :  the backup operation started @ '‎2017‎-‎09‎-03t03:30:13.356875700z' has failed following error code '0x800700ea' (more data available.). please review event details solution, , rerun backup operation once issue resolved.  backup scheduled run every day @ 11:30 pm dedicated seagate  5 tb external hard dive.  when backup worked, first full backup took around 20 hours. daily, incremental backup less 30 minutes.  no warning or error event before or after 517.  i able run manual full backup after failure no issues. any in resolving issue greatly appreciated.  any other events generated before , after failure message? event 517 caused different factors may take time fixed. check earlier thread i.e. backup fails event id: 517 might troubleshoot issue. server backup known issues , resolutions: https:/...

seems liek wasn't ported new, not read-only forums now. here's link original topic: http://social.technet.microsoft.com/forums/en-us/windowsserver2008r2networking/thread/9f93508c-71fa-4807-b41a-8f558563afe3   i wanted know if there news on problem? myself can report it's still not working me. i glad let know have come out hotfix issue. please download , install following link:   you cannot access remote server shares files , printers using smb protocol computer running windows server 2008 r2 or windows 7 http://support.microsoft.com/kb/2194664   more information hotfix   symptom consider following scenario: multiple users log on computer running windows server 2008 r2 or windows 7. these users use computer access remote server shares files , printers using server message block (smb) protocol.  you log on computer access server. the connection between computer , server timed out after connection stays in inactive status long time...

hello, need optimize script it should select computer ad, select attribute managedby , each user in managedby  it should search mail,telephonenumber...   it working, got errors when managedby attribute empty - because get-aduser requires identity.. output should looks like: name          managedby   telephonenumber p011w7       user1          +420 123 456 789 p012xp                                                   <=  (computer account empty managedby attribute.. ) p013xp        user2        ...

guys, have 2 machine. 1 machine on 10.20.x.x (os server 03) subnet other 192.168.x.x subnet /24 mask. 10.20.x.x machine can run ftp using file zilla client download / upload , unable ftp 192.168.x.x @ port 1414 (for reason ftp on port). on 10.20.x.x subnet machine can run filezilla client properly. unable ftp 192.168.x.x right. now. can ftp 192.168.x.x machine 10.20.x.x if disable isa firewall client. our requirements run filezilla client ftp 192.168.x.x machine @ same time (through script). thoughts / ideas? it professional hello, from description, can ftp target server when disable isa firewall client. seems issue related isa rule setting. quick , accurate answer issue, recommend initial new thread further support in corresponding forum forefront edge security http://social.technet.microsoft.com/forums/en-us/category/forefrontedgesecurity/ hope issue resolved soon. this posting provided "as is" no warranties, , confers no rights. ...

hi,   when connect windows 2008 r2 session host using rdc 7.0 client. i'm asked credentials in gina of windows 2008 session host. first received credential box rdc client so  configured default credential delegation termsrv/* no longer receive credential box rdc client i'm being asked credentials in windows 2008 gina hi hans,   are sure did step step? http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx because explains all. using rdp 7.0 on windows xp? need enable credssp: http://support.microsoft.com/kb/951608 also take @ document: http://support.microsoft.com/default.aspx?scid=kb;en-us;953760 pubforum.net founder , bible of remote desktop services! love microsoft &its people bits! Windows Server  >  ...

we need disable user's ability access 1 of our sites externally using windows credentials. currently when go site, prompted enter ad uid , password. i've looked under authentication feature on iis under site name , can see anonymous authentication, asp.net impersonation , forms authentication enabled. if disabled forms authentication work? we don't want stop working internally, external. server is: windows server 2008 r2 enterprise hi, as best practice, not disable windows authentication since have ad environment & use kerberos authentication. if want, restrict web link external (internet) environment. have define rule in network firewall end , restrict access public network. network specialist/team @ firm. moreover ticket related iis, have dedicated forum iis related queries , forum link is  http://forums.iis.net/1043.aspx/1?security regards, ravikumar p Windows Server ...

dear all, i had configured "dns suffix search list" in group policy. have 2 domain suffixes set it: sha.a.com,a.com. change order of dns suffix. i have 2 questions: 1. how did "dns suffix search list" work if there more 2 dns suffixes configured? order difference. 2. there impacts sha.a.com computers after change order of "dns suffix search list" ? thanks kindly update.   best regards, lester chen hi, 1. 1 dns suffix attached each submission of query. if query unsuccessful, new dns suffix added in place of failed suffix, , new query submitted. values used in order appear in string, starting left value , preceding right. http://support.microsoft.com/kb/294785 2. http://www.ryanjadams.com/2009/10/dns-suffix/ disclaimer: posting provided as-is no warranties or guarantees , confers no rights. please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other ...

hi we have windows 2012 r2 & 2016 domain controllers , functional level of ad windows 2008 r2. have created multiple fine grained password policies privileged accounts. end users default domain policy in place. since fine grained password policy created, have remove password , lockout settings default domain policy , create new policy end users using ad admin center? thanks in advance lms hi lms,  do have remove password , lockout settings default domain policy , create new policy end users using ad admin center? >>>no, not need remove account policy in default domain policy. the account policy in default domain policy still apply user, not defined fine grain password policy. best regards, jay please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com . Windows Server ...

hi, trying applocker set organization, , not sure if misconfiguring or what, isn't doing want do. want users able launch scripts particular folder, scripts create hash rule for. understand it, applocker supposed implicitly block script not explicitly allowed, doesnt appear doing this.  i have created default rules, , rule allows launch scripts folder on c (c:\temp).  then created hash rules dozen scripts.  the users can run these scripts c:\temp, can run other scripts have not hashed.  they cannot run scripts outside of folder, @ least.   so, there way have described here? missing something, or not how works?  any guidance appreciated. thanks. ok solved own problem.  here how it... 1. make path rule allows launch scripts desired location - c:\temp in case.   important: path should c:\temp.  not c:\temp\*.   messing me up.  2. create hash rules scripts.   that's it.  now users able run hashed scripts specifi...

hello, install ndes role on server 2012. ca , ad on same system. iis installed. after install ndes role, start configuration. if installation assistent begin configure, stopps error 0x800cc801. (error add virtual web folder .....) make configuration domain admin rights build in admin ad can 1 help? thanks klaus hi klaus, have added ndes service account local iis_iusers group? if no, please add it. here article ndes, may helpful: http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx best regards. steven lee please remember mark replies answers if , unmark them if provide no help. if have feedback technet support, contact tnmff@microsoft.com. Windows Server  >  ...

hi, have script massively uses send-mailmessage . far worked great, because internal mailserver used, allowed anonymous logins. now, need switch external mail server requires smtp-authentication . reason credential parameter of send-mailmessage not seam work in way sever requires. i got work smtpclient.send() (see below) rather use send-mailmessage, because otherwise need change lot of code , test it... etc. there way work? thanks, rob # this works: #------------- $subject = "poshmailtest" $body = "test" $emailto = "othermail@somewhere.com" $emailfrom ="mailaccount@gmx.net" $smtpserver = “mail.gmx.net” $smtp = new-object net.mail.smtpclient($smtpserver) $credentials=new-object system.net.networkcredential(”mailaccount@gmx.net”,”mypassword”) $smtp.credentials=$credentials.getcredential($smtpserver,"25","basic") $smtp.send($emailfrom, $emailto, $subject, $body) # this doesn't: #-------------- send-...

when rebooting hyper-v host, i'm getting following logged on hyper-v. cluster resource 'virtual machine xxx011' in clustered service or application 'xxx011' failed. the vms has following logged: event type: error event source: eventlog event category: none event id: 6008 date:  6/10/2009 time:  8:26:01 am user:  n/a computer: xxx011 description: the previous system shutdown @ 8:24:23 on 6/10/2009 unexpected. my hyper-v host part of 4 node cluster.  servers running windows 2008 datacenter 64-bit service pack 2. i can failover same vm manually through failover cluster management utility, don't seem failover nicely during host reboots (for example when needs patches , reboots) how can troubleshoot issue further?  os on vms either windows 2000 sp4, or windows 2003 sp2, intergration services installed, not ones came sp2. thanks in advance. -paul paul s paul, would vms possibly running beta version of ic? could problem? http://blogs.msdn.com/virtual_pc_guy/archive...

i've been messing hyper-v wmi provider recently.  namely, i've been trying enumerate value of disk on ide controller 0. this script   set objwmiservice2 = getobject("winmgmts:\\.\root\virtualization") set colvmitems = objwmiservice2.execquery("select * msvm_computersystem") each vm in colvmitems     guid = vm.name     set coldisks = objwmiservice2.execquery("select caption,connection msvm_resourceallocationsettingdata instanceid '%" & guid & "%'")     each disk in coldisks         on error resume next         strconnection = ucase(join(disk.connection,","))         on error goto 0         wscript.echo disk.caption & " = " & strconnection     next next   now, works enough.  correctly r...

when reboot server 2012 r2 vm, virtual machine connection gui goes ctrl alt del screen displaying date , time can't see reboot status. how turn off feature? i have experienced issue if reboot vm while in enhanced session. find if change basic session before rebooting problem goes away. i'm not sure of particulars why. assumption enhanced session pseudo rdp session and, because of that, aren't able see "true" console. basic session more aligned using physical console. Windows Server  >  Hyper-V

hello,        i'm trying make power shell script gather many different computer names , put computer names, model of computer, , serial number text file can opened in excel. when opened in excel want data in different columns. command format use this. here have . ## set variable computers $comp = get-content -path "f:\scripts\comps.txt" foreach ($cname in $comp) {     $out = get-wmiobject -class win32_computersystem -computername $cname | foreach-object {$_.model}     $serial = get-wmiobject win32_bios | foreach-object {$_.serialnumber} add-content -path f:\scripts\output\results.txt -value ($cname,$out,$serial) }  hi, create custom object data you're looking , use export-csv create output file if want file open nicely in excel. edit: today lucky day. had written , open in 1 of ise tabs, i'll post it. get-content .\pclist.txt | foreach-object { $cs = get-wmiobject win32_...

hi we setting ad-fs 2 local administrator account (domain user), having error message "you not have sufficiant privileges create container in active directory @ location " ... "cn=microsoft, cn=program data, " ...   we can provide relevent rights, @ present have no understanding on rights ad-fs 2 requires setup account have , if these rights required service accounts.  search information has proven futile.  have found article -  http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652539.aspx - mentions issue, nothing offical on ad-fs 2 documentation. if can , provide further information or link, i'd grateful. many thanks martin hello, for ad fs geneva forum better palce ask: http://social.msdn.microsoft.com/forums/en-us/geneva/threads/ best regards meinolf weber disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. ...

hi all, i'm creating gui manage admin tasks in configmgr2012. to make gui bit thinner thought of trying create dynamic gui. here's idea: the user executes gui , has opportunity chose task he'd execute. out of droplist or maybe checkbox or radio button. "onclick" of selection gui present user textboxes, dropdown lists , buttons needs exact task. is possible powershell , windows forms or need use visual studio , other language? thanks lot! -david david o'brien | mcitp, ccee | blog: www.david-obrien.de | me on twitter: @david_obrien | sepago gmbh yeah can this, pretty too..   you'd managed language c#   you'll need work out spacing , location... think i'd make a straight row, marker spacing or something...     justin rich http://jrich523.wordpress.com powershell v3 guide (technet) please remember mark replies answers if , unmark them if provide no help. ...

cross site replication of dcs happen among sites defined in sitelink objects ? istg responsible across sites replication mean intersite.(default time 180 minutes) kcc responsible within sites replication mean intrasite.( immediatly) manually create site link required when network not ip routable coz default bridge site link enabled. see this, http://technet.microsoft.com/en-us/library/cc759160(v=ws.10).aspx have deep dive. let leave kcc alone coz smarter.  configuring change notification on manually created replication partner   best regards biswajit biswas disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. mcp 2003,mcsa 2003, mcsa:m 2003, ccna, mcts, enterprise admin Windows Server  >  Directory Service...

 i encoded mx record new dns hosting... here result after use checkdns.net domain. domain claretschool.edu.ph has 2 mail-servers.    checking mail server (pri=10) claretexchsrvr.claretschool.edu.ph [122.54.214.202]    mail server claretexchsrvr.claretschool.edu.ph[122.54.214.202] answers on port 25    connection mail server claretexchsrvr.claretschool.edu.ph [122.54.214.202] timed out waiting status 220    checking mail server (pri=20) mail.claretschool.edu.ph [122.54.214.194]    mail server mail.claretschool.edu.ph[122.54.214.194] answers on port 25    connection mail server mail.claretschool.edu.ph [122.54.214.194] timed out waiting status 220    some of mx not work properly  b oth not working...  it says mailserver answers on port 2...

i have dns entry not resolve, nslookup list name, cannot ping , forth, every other entry in zone resolves except one. important dns entry resolves exchange certificate external internal name.  example: nslookup mail.contoso.com = blank any other address resolves, have recreated it, restarted dns services, restarted server, registered dns. any suggestions? do see both host , aaaa records on dns server? posting unedited ipconfig /all of dc , problem client may help. might try rebuilding tcp stack, then delete and aaaa records, ipconfig /registerdns https://support.microsoft.com/en-us/kb/299357       regards, dave patrick .... microsoft certified professional microsoft mvp [windows] disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >...

hi all, i've noticed strange issue server 2012 when add users or groups trusted domain local 'administrators' group, appear sid in members list instead of username. they're not granted necessary access because of this. not users appear sid, there 2 users who's username seems resolved , appears usual , rest not. server im setting these permissions on over different domain users exist there external trust between 2 , new issue. have fixed once before installing windows updates on particular domain controller not appear fixing issue. else encounter issue , if so, how did resolve it? thanks. hi paul, in order solve sid/name translation issue, here 2 suggestions you: use portqry.exe check if necessary ports open. enable group policy setting network access: allow anonymous sid/name translation , under computer configuration/windows settings/security settings/local policies/security options. if issue persists, please refer blog more troub...

hi guys, we have win2003r2 domain controllers(x86) going bring in new win2008r2 dcs , transition over.  2 key steps seem prepping infrastructure adprep commands , then raising forest functional level once running on win2008r2.  know stuff should go smooth, worry if catastrophic happen when performed either of steps.  not know how undo steps without falling backup. i thinking shutdown dc without fsmo roles before running ad prep command.  if had catastrophic happen not fix in day or so, shutdown of out other domain controllers , bring online old domain controller, seize fsmo roles, , delete other srv records in dns.  know sounds pretty crazy , have of our systems authenticating through single site, take less time trying restore systemstate on domain controllers way before each of steps.  have other simpler ideas? dan heim the option take system state backup prior upgrading schema or raising functional level. raising of dfl/ffl irreversible...

hi, i using win 2003 server directory server. i using ldap agent used authenticate users. this agent working fine , able search users on server when looking ad service running on server, not able find ad service running or name of service. thanks, hello, which ad service talking about? on windows server 2003 there no specific service running provides ad. windows server 2008 or higher have "active directory domain services" in services.msc listed. best regards meinolf weber mvp, mcp, mcts microsoft mvp - directory services my blog: http://blogs.msmvps.com/mweber disclaimer: posting provided no warranties or guarantees , confers no rights. twitter:   Windows Server  >  Directory Services ...

hi there, this issue have been facing while now, find solution long term . seems development team, when request clone vm, have not issue cloning vm, until turn new cloned machine. when vm on, shows windows logo while loading , reboots ever, getting stuck in loop.  we have found ways deal issue, not solve problem root. seems after running chkdsk command , running last configuration able make work sometimes. other ways around vm stabilize, increasing virtual ram or connecting virtual network switch. , not after of works, wasting great amount of time trying fix vms, , consequences these vms cannot turned off once can them , running, tend have same problem if vm rebooted again. we believe vhd file corruption caused bad coding of sort, not sure. has suggestion deal issue getting bigger time goes? kind regards, andy hi andy, >> believe vhd file corruption caused bad coding of sort, not sure. yes, re-create vm , move data file new vm, best time-saving ...