DNG

hello all, till few days before working fine , when type repadmin /replsummary able output healthy.but since few days if type repadmin /replsummary in of main servers shows output as  replication summary start time: 2013-10-06 10:37:22 beginning data collection replication summary, may take awhile:   ................... destination dsa     largest delta    fails/total %%   error server              09m:29s    0 /  15    0 server b      06d.14h:02m:19s    5 /  35   14  (1722) rpc server unavailable. server c        02d.15h:53m:19s   15 /  70   21  (1722) rpc server unavailable. server d              13m:03s    0 /  15    0 server e           11m:52s    0 /  15    0 server f            03m:54s    0 /  15    0 server g           01m:27s    0 /  15    0 server h            23h:32m:20s    5 /  65    7  (1722) rpc server unavailable. server                08m:46s    0 /  15    0 server j       02d.15h:52m:25s    5 /  15   33  (1722) rpc server unavailable. ser

hi guys, i need expert assistance issue i'm facing. we have client has 3 domain controllers. primary dc running server 2003 r2, 1 running server 2008, , last dc running server 2008 r2. forest functional level server 2000 & domain functional level server 2003. group policy processing using central store across 3 domain controllers. we have installed new server 2012 r2 terminal server , need apply group policies server lock down. we have separate server 2012 r2 server (say server1 ) joined domain have added group policy management feature can remotely manage group policy. it seems pulling group policy details central store can't see of server 2012 related settings on server1 . are going correct way? how best manage server 2012 policies? thinking either somehow making specific ts group policy load in local policy or templates somehow.. if using central policy store, expected (intended) behaviour. you willl need update central store latest version

i had 2003 domain 1 dc called server1.  i  added 2012 r2 dc called server2 domain , transferred fsmo roles it. demoted original server1 , renamed oldserver1.  everything seemed working fine.  i needed rename server2 server1 applications reasons.  i performed rename using gui. there error, appeared rename did take place.  i rebooted and <g class="gr_ gr_950 gr-alert gr_spell gr_run_anim contextualspelling ins-del multireplace" data-gr-id="950" id="950">netlogon</g> did not work.  <g class="gr_ gr_1039 gr-alert gr_gramm gr_run_anim punctuation only-ins replacewithoutsep" data-gr-id="1039" id="1039">unfortunately</g> i did not system state of <g class="gr_ gr_1038 gr-alert gr_gramm gr_run_anim grammar only-del replacewithoutsep" data-gr-id="1038" id="1038">the 2012</g> before rename.  any ideas appreciated. directory server diagnosis perfo

is there way export attributes used active directory in single powershell command? the following retrieve cn , ldapdisplayname attributes of attributes in schema (one line): get-adobject -ldapfilter "(objectclass=attributeschema)" -searchbase "cn=schema,cn=configuration,dc=mydomain,dc=com" -properties ldapdisplayname, cn | select ldapdisplayname, cn ----- richard mueller - mvp directory services Windows Server  >  Windows PowerShell

hi, three domain controllers in my environment (with fsmo roles), b(just dc) and c (ca+shared folder) c decides reboot following issues: 1) dcdaig /test:dns /s:dnsbasic ldap search capabality attribute search failed on server c, return    value = 81 the host dnsbasic not resolved ip address. check dns server, dhcp server 2)after cannot access shared folder domain users domain admins only. 3) replication fails on server. 4) cannot access cert enrollment via web. is better me backup ca, demote dc , reinstall ca on server. have called ms has been on second day , making no headway. any suggestion appreciated. thanks, hi  you can find dns error 81  topic on ms article; http://blogs.technet.com/b/askds/archive/2010/01/27/dcdiag-advertising-test-with-error-81.aspx if thats not solve issue,you backup ca,demote dc domain,promote dc reinstall ca right proccess.  after demote metadata cleanup,check ad ds,dns,active directory sites , services completing updat

hi, i have new imac having used pcs. use software connect dgl practice manager remote desktop, every time try fails saying: 'unable connect remote pc. please provide fully-qualified name or ip address of remote pc, , try again.' then connect no problems without me changing anything. intermittent connection never happened when use pc. going on?? thanks assistance rob hi rob, check whether have latest version of mrd mac v 8.0.13 installed. after take @ you’re routing/firewall @ internet connection level (i.e. router, hardware firewall, etc). you'll not need have firewall ports opened, port forwarding or nat translation.  might dns related issue well. if you're on same network, try connecting ip address of machine rather hostname. if works you're dealing dns situation of kind.  can test local firewall configuration using telnet port 3389 on remote machine. if connect know firewall allowing port.  hope helps! thanks. dharmesh solank

hi everyone, plan on upgrading hard drives in works server (host). on server have windows server 2012 standard installed (as host os). there 6 hard drives in server, in raid10 array, , plan use acronis true image image  contents of array 1 hard drive (a 4tb western digital). after performing first clone operation take original 6 drives out, , replace them 6 new drives. create raid array out of 6 new drives, , perform second clone operation, involve cloning contents of single 4tb drive onto new array. once boot new array concerned windows licensing may affected.  can see issues plan in relation server licensing? , opinions here appreciated. kind regards, david probably work out pretty good.  windows won't care new volume if does, activate.  if not can call activation helpline, replacing drives doesn't require new license Windows Server

hello, ive done little research , found people support both sides of question, wanted ask here well. ok add isp's dns secondary dns spot on client pc's? or cause problems in domain environment? single domain controller/dns server , first , domain controller in setup. if go down, have go resolution. small store 40client pc's. in advance help... no, shouldn't add isp dns server tcp\ip settings @ all. dns try both primary , secondary can cause dns issues within domain.  you need have second dc\dns server size need second one. having 1 dc puts @ great risk of losing own domain configuration. dcs can install on virtual machine running on server or client pc. having second dc save if other dc goes down. Windows Server  >  Setup Deployment

hi can create single ad domain eg uni.ac.uk , still maintain dns subdomains such dept1.uni.ac.uk without maintaining separate ad domain each dns subdomain?  more info: i work large uk university and we're planning migrate our existing directory services infrastructure active directory, i'm currently trying decide upon design ad , dns.  have dns namespace registered eg uni.ac.uk and hostnames within our organisation have form host.subdom.uni.mmu.ac.uk. we want maintain single ad domain but not want use single dns domain whole organisation.  i've tested creating ad domain eg  test-ad.uni.ac.uk corresponding dns ad dns servers authoratative over.  created a dns subdomain called subdom.test-ad.uni.ac.uk on dns server with test records.  used vista workstation with hostname vistapc.subdom.test-ad.uni.ac.uk , made member of test-ad.uni.ac.uk worked ok.  shared out resources on vista workstation and assigned permissions via ad, worked well when accssed resources via network comput

hola, adquirido un pool de ip en las cuales mi provedor me otorgo la mascara de subred, la puerta de enlace, el dns primario y secundario. quiero asignar cada ip un sitio, ¿como se puede configurar? hola fabidiamanti, simplemente en la conexión de red, propiedades de tcp/ipv4, y botón avanzadas tienes la ficha para colocar cada una de las direcciones ip. con eso el servidor ya toma todas las ips sobre si las vas asingar sitios web, consulta en el foro de iis en este mismo sitio   guillermo delprato buenos aires, argentina el blog de los paso paso mvp - mcse - mcsa2012 mcitp: enterprise administrator / server administrator mcts: active directory/network configuration/applications configuration/server virtualization/windows 7 configuration/windows 7 & office 2010 deployment/vista configuration este mensaje se proporciona "como está" sin garantías de ninguna clase. usted asume todos los riesgos.

i restored 3 vm windows 2008 r2 standard  from backup image vmware vcentre. but says windows activation key not activated. i key same key fails. hello, have chosen activation process again? error shown? please post result slmgr /dlv best regards meinolf weber mvp, mcp, mcts microsoft mvp - directory services my blog: http://blogs.msmvps.com/mweber disclaimer: posting provided no warranties or guarantees , confers no rights. twitter:   Windows Server  >  Windows Server General Forum

i have created script shows in msun group. have column indicates whether user in group, , display group name output. how should change script can see if user member of group? get-aduser -filter {enabled -eq $true} -searchbase “my ou” -properties * | select-object name, @{n='canonicalname';e={($_.canonicalname -split "/")[-2]}}, @{n='memberof';e={($_.memberof -like "*msol*" -replace '^cn=([^,]+),ou=.+$','$1' )}}, @{n='lastlogon';e={[datetime]::fromfiletime($_.lastlogon)}} just add column test second group did first one. \_(ツ)_/ Windows Server  >  Windows PowerShell

i told right networks upgrade microsoft remote desktop 8.0.35.  ever since, rd drops connection if idle few minutes, , i'm losing work product.  i can reconnect after waiting ten minutes, or rebooting computer. thanks, -doug-- hi, just checking in see if information provided helpful. please let know if further assistance. best regards, alvin wang please remember mark replies answers if help. if have feedback technet subscriber support, contact tnmff@microsoft.com . Windows Server  >  Remote Desktop clients

hello, noticed update released yesterday: https://support.microsoft.com/en-us/kb/3063858 in list, windows 2003 , 2003 x64 included in list of operating systems vulnerable , need updated. in technet discussion, 2003 absent in list: https://technet.microsoft.com/en-us/library/security/ms15-063.asp question is, since 2003 extended support ended next month, update released before then? thanks hi, this appears error knowledge base article. windows server 2003 not affected. microsoft has corrected it. thanks time , efforts! best regards. steven lee please remember mark replies answers if , unmark them if provide no help. if have feedback technet support, contact tnmff@microsoft.com. Windows Server  >  Security

hi, we have 3 domain controllers windows 2008 r2 gc, , forrest , domain level 2008 r2. we replaced 1 domain controller windows server 2012 r2, , kept name , ip. every thing seems ok dcdiag , repadmin, can see 1 newly created computer object has failed information below. can see computer object in ad, has different objectid event viewer reporting. have tried seach cant find it. event id shows in new dc, , , information event. how can remove event, need remove object , try add domain again ? trying seach object /regards andreas hi, yes the best approach. remove machine domain , re-join domain again. Windows Server  >  Directory Services

we have terminal server running 2003 r2 x64 , printers created/redirected correct driver while others created use hp deskjet 500 driver instead of appropriate printer driver. for example, have hp laserjet p2055dn printer , have x64 driver installed on server when users connect terminal server maps printer correct name of "hp laserjet p2050..." configured "hp deskjet 500" driver instead of installed driver.  i can manually change driver use "hp laserjet p2050 series pcl 6" driver once either disconnect or logout , log in again reverts deskjet driver again.  for normal printing, prints fine particular printer writing out checks accounting program use , deskjet driver doesn't work , don't want have change driver every time login. same situation xerox workcentre 7655 copier.  i have installed pcl , ps drivers printer on server , map deskjet 500 driver still instead.  two more same thing toshiba e-studio 232 copier , toshiba e-studio 2830c

i have not been able give vpn connected remote users access share mapped drive resides on data volume of a server 2008 domain controller. i have setup cisco asa 5505 adaptive security appliance give remote users vpn access.  drive mapped using group policy preferences in server 2008 desktops in domain.  gp preferences work great! however, remote users cannot access share credentials.  domain admin level credentials work!  share has full control share , security permissions.  machines being used remotely not have computer account in domain. what can win xp vpn connected remote users can map drive share credentials?? i thank in advance , input.     doesn't have vpn. same thing happen if users on lan not domain members. group policy has no effect on non members. remote users affected remote access policies.     to access share on server need credentials valid on domain. need set accounts remote users in ad. can map share using "net use" command , enter password/username in

just wondering causing this. i installed iscsi target feature , features. can see service running. iscsi virtual disk wizard dose not see machine.  i allready disabled firewall see if case. edit: reinstalling server , domain contoler seemed have fixed this. what did mean "but iscsi virtual disk wizard dose not see machine"? Windows Server  >  Windows Server 2012 General

i hoping quick answer quick question. after child domain , have been tasked migrating 2008 r2. forest schema has been expended 2008 r2 region of our company hold root, have no immediate plans add 2008 r2 dc's root. given that, can add 2008 r2 dc's child domain before root has (2008 r2 dc's)? thanks in advance time. ls hello, if had check first thread, already answered: http://social.technet.microsoft.com/forums/en/winservergen/thread/5b134c54-97c7-4109-9ae9-ce65a9139d9a best regards meinolf weber disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  Windows Server General Forum

i have run in strange problem windows server 2008 r2. we have domain controller configured default policies. have normal user have created , made them member of domain local security group. if edit default domain controllers policy (note don't this, test machine blowing away afterwards) allow domain local group log on locally permissions can log on normal user. if lock screen, cannot unlock screen , message 'logon failure: user has not been granted requested logon type @ computer'. i can @ point click switch user , log on same user unlocks screen. difference can see unlock logon type 7, whereas switching user , logging on unlock interactive logon (type 2). if change user member of domain global group , give log on locally permissions works fine. any ideas? thanks, russ hi thunder spook, thanks post. by default, members of users group have ability log on locally, administrator can deny right specific user or group accounts. explicitly denied right ove

how setup active directory domain services can access outside local network? what can is: i have adds server , can login local network. i can join computer domain local network. i can login new user created in domain local network. what do of outside connection. such other network. nick silverstein you need establish connection network containing ad domain controllers allows communication on ports listed in http://support.microsoft.com/kb/832017 (choose ports based on functionality require) hth marcin Windows Server  >  Directory Services

hi all,          not sure if right forum post.          trying write backup , restore agent hyper-v using vss interfaces. have completed implementation of backup , seems working fine. have following documents part of backup each vm intend backup. 1. configuration file vm. (.xml file in "c:\programdata\microsoft\windows\hyper-v\virtual machines" directory). there folder same name backed .xml file. 2. virtual hard disk file(s) if vm "c:\users\public\documents\hyper-v\virtual hard disks" directory. 3. snapshot configuration files (.xml) if any, every snapshot created vm "c:\programdata\microsoft\windows\hyper-v\snapshots" directory. there directory same name backed up. along above list of files, have backup components document , writer metadata document part of backup. my confusion how ever starts restore phase. going through msdn documentation on hyper-v restore in following link: http://msdn.microsoft.com/en-us/library/dd405549%28v

when attempting to send email popup tells me dns server internet explorer not responding    you need provide lot more info understand scenario provide specific assistance resolve issue. here are some examples of need see: operating system version is machine part of domain email client , version (outlook, eudora, etc, , version #, etc) is web based email such hotmail, yahoo, google mail, etc? if the email client outlook, is configured use an ecchange server? if is, setup as outlook anywhere, pop, imap, etc) if hosted exchange, have contacted hosted exchange provider or department? an unedited ipconfig /all any antivirus or antispyware apps installed   microsoft support: how ask question when requesting support: http://support.microsoft.com/kb/555375   ace ace fekay mvp, mct, mcitp ea, mcts windows 2008 & exchange 2007 & exchange 2010, exchange 2010 enterprise administrator, mcse & mcsa 2003/2000, mcsa messaging 2003 microsoft certified trainer micr

hi, i setup domain controller on windows server 2008 r2 , managed make user , connect windows 7 computer it. when connect user files saved on windows 7 computer , not server (biggest problem), programs normal user on windows 7 also available. anyway make purely uses stuff off server?  for folder redirection 1 may help. http://technet.microsoft.com/en-us/library/cc732275.aspx   for programs if you're asking running them server-side seems you're looking @ remote desktop services. http://technet.microsoft.com/en-us/windowsserver/ee236407         regards, dave patrick .... microsoft certified professional microsoft mvp [windows] Windows Server  >  Windows Server General Forum

how can make task sequence , push out through group policy on domain?   i want run shutdown /r command daily.   thanks help. hi, i agree matthias, has provided right suggestions question. mentioned, deploy scheduled tasks via gpp, please refer link provided configure scheduled tasks. if want apply gpp settings windows xp clients, please refer following article detailed steps. group policy preferences not applying on clients: client-side extension, xmllite http://blogs.technet.com/b/grouppolicy/archive/2009/03/27/group-policy-preferences-not-applying-on-some-clients-client-side-extension-xmllite.aspx hope helps. best regards, andy qi andy qi technet community support Windows Server  >  Group Policy

hi, i had 2 vms in saved state , carried out following: changed network on each vms network adapter 'not connected' removed internal network through virtual network manager , created new one. change network on each vms network adapter new virtual network. the vms not start. i have tried following (unsuccessfully): deleted 'saved state' on each vm renamed .bin , .vsv files in respective machines' snapshot folders .old. i have had before , managed fix can't remember how! anyone come across before? thanks. in end removed hyper-v role , added again.  virtual machines still present , able start them successfully.  help! Windows Server  >  Hyper-V

hi all, im having difficulties trying wsus server take on our servers' windows updates. from understand, wsus should download updates directly microsoft, computers members in wsus them when approved/pushed wsus. but im bit confused why member servers still having ability download , go directly windows updates site , download own updates while wsus on network? should when accessing windows updates in web "your wsus server handles updates...." along lines...? my setup: wsus-windows 2003 server wsus redirection via gpo please advise. cheers! db you should start these 3 documents: wsus step step (installation , configuration) guide wsus deployment guide wsus operations guide pay particular attention sections on configuring *clients* use wsus server. lawrence garvin, m.s., mcitp:ea, mcdba, mcsa principal/cto, onsite technology solutions, houston, texas microsoft mvp - software distribution (2005-2010) mvp profile: http://mvp.support.microsoft.

i have site in adss changed subnets. remote office 1 dc.  i did not change ip of dc before shutdown , cannot login dc. idea do? hi, you demote dc, please check following list before demoting: verify dc not gc (global catalog) server , not hold fsmo (operations master role) verify dc not dc in domain verify proper replication happening for more detail information: how-to:  demote dc or manually remove dc http://www.procompgroup.com/library/entry/how-to_demote_a_dc_or_manually_remove_a_dc/ regards. if have feedback on our support, please click here vivian wang Windows Server  >  Directory Services

hi all, hoping support on this. @ moment have server running windows server 2012 r2 on pretty old machine, isn't real server pc has been turned server! it starting bit older , bsod'ing due hardware related problems believe time upgrade!  we going purchasing dell poweredge t110 ii , moving across. have never performed migration before little concerned best way it? we keeping windows server 2012 r2 can reinstall on new server if necessary , move across? there 10 users , 300gb of data. server has following functions: - active directory - dns - dhcp - file sharing/network shares - group policy etc - print sharing my first thought use windows server backup , bare metal backup , restore new server somehow don't think best way go doing want do. can point me in right direction migrate across? the old server still functional @ moment incase important on way done. thanks muchly!  i wondering in regards moving dns, ad etc 1 server another, when new serv

 hello, i thought share my tale in case might in future.  windows 2003 domain.  fine till... i reloaded vista on new hard drive.  applied sp1, downloaded , installed rsat tools vista sp1.  i went gpo xp workstations , of sudden the report (aka settings) failed generate.  i following error in settings tab.   an error occurred while generating report: unable cast object of type 'system.string' type 'microsoft.grouppolicy.reporting.extensions.registry.registryvalue'. during troubleshotting, i found problem.  i found if changed \administrative templates\network\network connections\windows firewall\domain profile\windows firewall: allow logging disabled not configured problem went away.  pretty confident had viewed report fine under inistial vista install, upon reload of sudden got problem. i plan on moving away windows firewall anyways, i'm not worried.  save else time had no luch searching internet error message. jamie thank you! this resolved issue.

i have windows server 2003 radius server nttacplus accounting. problem the users use mac os , ios cant connect network (the mac os users can see authenticating status) . i'm pretty sure have thing windows. settings cause the nttacplus doesn't have configuration for  specific os. i have read this  article  but i don't thing goal. hi, have tried looking @ following article: http://support.apple.com/kb/ht3326   martin   if find information useful, please rate it. :-) Windows Server  >  Windows Server General Forum

i have 2 server in office in same network. server active directory / domain server. user join domain , connect server. server b file server. other user use workgroup. server want domain domain server. but user connect domain server not connect domain server b , user connect domain server b not connect domain server a. is there problem if setup 2 domain in 1 network? please advise. domains logical structure of network. yes can create 2 domains in same network. 1 thing should consider in scenario trusts between domains. default separate domains have not trusts between each other , should establish trust manually if have users in authenticated in domain b. regards. mahdi tehrani loves powershell please kindly click on propose answer or mark post , helpfull other poeple. Windows Server  > 

hi , i have configured the proxy gpo and excludes internal addresses ( 10.40.3 .* ) . the proxy is an isa server 2006 . when the isa server fails, the internal urls do not work in ie if you put the ip . if configure the host file for the computers that ip is the name of the service, then works , but is hard work.  why does happen? thanks   hi customer,        ie lookup proxy bypass exception ip by dns server, please add ptr record in dns server reverse lookup zone for internal website. use "nslookup ipaddress" test it.  add ptr resource record reverse zone http://technet.microsoft.com/en-us/library/cc784741(ws.10).aspx regards, rick tan Windows Server  >  Group Policy

i trying learn powershell.  making script 1. reads file (currently txt) has usernames , read each line username variable. 2. finds user in ad, moves account ou, disables account, removes hmdrive , hmdir 3. checks exists on users directory on share. any help\guidance great. $username = get-content -path c:\temp\test.txt foreach ($username in $user) { get-qaduser -samaccountname $username | disable-qaduser | set-qaduser -homedirectory $null | set-qaduser -homedrive $null | set-qaduser -logonscript $null | fl name,samaccountname,homedrive,homedirectory,emailaddresspolicyenabled} move-qadobject $users -newparentcontainer "ou=termed employees,ou=ou_users,dc=domain,dc=domain,dc=com" if (test-path -path \\evergreen\ehc\users\$username ) { #move-item \\path\path\users\$username \\path\path\users\0lduserdirectories\$username 'it exist' } else { 'does not exist' } jason try this.  each statement on separate line, not