— (Note: This is a copy from another site and at this time my snapshots are missing)— Microsoft’s Preupgrade check list Before upgrading AD verify all current applications are compatible Verify you are on the correct version for 2008 For example, does your SAN at its current release support 2008 Does the version of Exchange you … Continue reading "Upgrading AD from 2003 to 2008"
If you have a hub and spoke site topology, it may not be a good idea for certain (Or all) spoke dc’s to be advertising, via dns services, the ability to provide authentications services. If you have a remote site with a dc that fails it is usually best that the spoke send its users … Continue reading "Preventing Spoke DC’s from Advertising in the Hub Site for Authentication Availability"
Decommissioning a dc requires all domain services that currently reside on a server need to be moved to other dc’s. You need to move any fsmo roles from this dc to another dc (KB255960) To learn where the roles reside run the command netdom query fsmo If the PDCe fsmo role resided on this … Continue reading "How to Decommission a Domain Controller"
The first set of steps is to get a good pc into the production domain. Once this pc is a member it needs to be promoted and be a healthy participant in the network. The new DC then needs to be removed from the network before it is restarted (From its restore) to prevent any … Continue reading "Create A Test Domain (Old Style)"
To establish secure communications between DC’s defined and variable ports (High Ports) need to be able to communicate. In the scenario defined below the internal dc’s have no outbound restrictions, inbound is restricted to a need to have with the restriction of 200 RPC ports are set for on demand need. The following port … Continue reading "Windows 2000/2003 Replication through a Firewall"
If you would like to promote a Windows 2008 server core o/s to a RODC but the server is at a remote location, you can run into multiple road blocks. Firewall ports need to be opened, remote management needs to be enabled plus you need configuration information configured. The following text should help assist you … Continue reading "How to Remotely Promote Server Core to a Read Only Domain Controller (RODC)"
An external forest trust relies on NetBIOS name resolution, dns is not involved. All trust communication traffic flows between the Windows 2003 PDCe and the PDC. It doesn’t matter how you have your LMHosts table setup or your firewall setup the trust is only going to work with these two being able to talk to … Continue reading "External Forest Trust Configuration with a Firewall – Windows 2003 and NT4"
Do any of these symptoms sound familiar? A users account keeps getting locked out, even though they haven’t even had to enter their credentials except to maybe unlock their screensaver A scheduled task quit working, such as a night backup job · Services that used to start up at boot up will no longer start … Continue reading "User Account Lockout Troubleshooting"
Starting with Windows Vista and Server 2008, IPv6 is the default over IPv4. This can be annoying if your enterprise network isn’t prepared to support this. You can modify this default behavior by OR’ing and registry setting on your machine. The registry setting is the DisabledComponents registry value and it controls a series of bit … Continue reading "Configuring IPv4 as Default over IPv6"
This blog will detail how I created an Active Directory (AD) user provisioning tool with PowerShell. It probably won’t be what you expect; the amount of front end entry is almost non-existent. The key to consistency within your enterprise is to take as much of the human element out of the picture as possible. Without … Continue reading "How to Create an Active Directory User Provisioning System"