Hi guys, I'm trying to create AD security groups based on a custom property, say EmployeeType, that property has two values: Employee/Contractor. I want to create one group for Employee, one group for Contractor based on that custom property value, so that all existing users can be put in those two buckets and new added users can be automatically put in the corresponding bucket

Hi, Can anyone help with how can I query AD for Account containing specific word in the DisplayName. I am using Custom SSearch in AD and I have to write the LDAP query which needs to display all accounts where DisplayName contains test. Display all Accounts where DisplayName contains (Test) Sorry I'm new to LDAP and I need this to be in AD. Thank you, Lion

Hi all, We experience replication or pdc role problem. Those DC split into 2 groups which seems lost the connection. On PDC, it can replicate and query FSMO with 5 DC. From another 5 DC, they can't telnet port 53/389, also fail to query FSMO and replication. I have setup 1 DC which plan to seize the roles from the PDC. DNS/WINS are running normal, but DHCP can't assign IP to client

Everyone, I just wanted to add that this is still a highly recommended path from Microsoft. I read above in other posts that it was not so I started to read the Windows 2008 AD Resource Kit. The resource kits states that if you are using a forest with multiple domains that it is "strongly" recommended to also use an empty root. This is listed on page 215 under "Best Practices". I am

What is the difference between Critical Backup & System State backup in Windows Server 2008 and which one is recommended and what are the restoration differences using these two types of backups?

What is the difference between Critical Backup & System State backup in Windows Server 2008 and which one is recommended and what are the restoration differences using these two types of backups?

Hello All, We are running 2003 DC's at a 2003 Domain Functional level with a single parent and child domain (All DC's are GC's) - and are working to introduce 2008 R2 DC's but stay at the existing 2003 Domain functional level - with the idea that we will eventually raise the level to 08. I have already tested all the procedures and introduced an 08 R2 DC into the env - I am now

When trying to add a new Windows Vista (hqseven) machine to a Windows 2008 network I get the following error message... "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain." In the past year, I have added two XP, one Windows 7, and another

Guys, I have one specific DC that is loosing time. If I restart the server or the w32time service, the time is correct for the first minute. After that their is a skew of 11 minutes between this DC and the PDC Emulator (and all other DCs) as a result my clients are also being affected. Windows 2003 Sp2 Please Help! Thanks

I am trying to create a replica of an ADAM instance (Windows 2003 sp2) under AD LDS (Windows 2008 sp1). I am using the same domain account that I used to create the ADAM instance. I can use this account to create a stand alone AD LDS instance and even a replica of another AD LDS instance. When I try to create a replica of the ADAM instance, everything looks good in the wizard but when I

Good Day, I am new to the SAN game and have been mulling over the implications of Clones of a DC. We thought that it might be a good idea to clone our DCs at strategic points in our network life cycle as a disaster recovery technique. Then I began to wonder, "What happens in AD if I bring online a clone?" My worries are that the clone will be "DC minus a month" of AD changes.

Hi, I'm writing a script to move the computer object from the default computer container to the OU which belongs to a particular site where the computer resides. If i run this script as logon script i.e when Domain Admin is logged on the computer objects moves fine . But as a startup script , it doesnt work throws error General Access denied . I know this is a permission

Hello, I am trying to use this script provided by MS to create a site on my windows 2008 DC: However, it does not work. I get an error saying:There is a naming violation for line: Set objSite = objSitesContainer.Create("site", strSiteRDN) objSite.SetInfo Here is the script. Is it not intended to work in windows 2008? Thanks! strSiteRDN = "cn=Ga-Atl-Sales"

I think I have a fix. But can anyone explain what is happening here? I have found a solution (not mine, from other forums) that, so far, seems to be working for this problem. (refer to thread http://www.winserverkb.com/Uwe/Forums.aspx/windows-server-ad/201003/1 for full problem) I will post it here for other seekers. Also, if anyone (Ace maybe?) can explain what might be going on, I'd

Hi all, We have win2k3 DCs and exchange 2003 Sp2 envir. and the functional level is windows 2003. We want to introduce the one windows 2008 R2 domain controller. Is there any problem when windows 2008 R2 domain controller and windows 2003 domain controller exist together? Any cautions? Thank you.

Hi I am trying to log on with terminal services; with administrator. I have active Directory. It was working till i installed ad. I think I need log on locally. Chris -- chrisrob300 ------------------------------------------------------------------------ chrisrob300's Profile: http://forums.techarena.in/members/225233.htm View this thread: http://forums.techarena.

Our domain with 3 2k3DCs is running at Windows Server 2003 Interim level. We would like to raise the functional level to Native Windows Server 2003, but we are afraid of working problems with our Proxy because it handles NTLM protocol. Does anyone know if there could be any problem? Thanks. Regards.

We are a simple single domain using 2003 Server. Our company is now merging with several other companies. Using AD how do I add domains of the other companies and yet have each domain be separate from the others? For example our domain would be xyz.com, now I need to add abc.com to our AD. I don't want to have abc.xyz.com - I want them both to be separate but using the same AD. I'm

Hello, I am using Exchange 2007. I am looking to perform a search in Active Directory for users who are not in specific groups. Is there a way to perform this search with multiple groups in 1 search to see who is not in these groups? Ive been searching the net but haven't really found an answer. Thanks in advance -- yankz23

Question: I am looking for pull in a new monitoring and auditing system for AD but I am unsure what to use. Any recommendations. Some of the data I absolutely want to pull: User account create/delete Account Lockouts Computer obj join and deletes users/groups/computers being moved from OU's who is logging into domain controllers. System Reboots Group Policy changes I know

What are the benefits of adding subnets under sites and services? I have noticed a few setups were subnets are added and others were they are not added. Can someone explain why I would want to add subnets. -- minor22 ------------------------------------------------------------------------ minor22's Profile: http://forums.techarena.in/members/224544.htm View this thread:

Piotr wrote on 03/11/2010 11:54 ET : > Hi, > Could you help me to fix following issue please? I

Hello, I have a problem with the authentication of users to access services. I have a domain with Windows 2008 R2 and all servers are W2008 R2. I want to add a domain user as local administrator into the server and not appears on the list, but says if it is. If I logon on that server with the domain user works fine but does not have administrator access because some complement

Hi. Is there a way to automate the deployment of Auditing settings to the OU's in AD? I only have a handful so it doesn't have to be TOO efficient. These have to be deployed automatically (via script, command line or whatever) if at all possible. Is this possible? If so, where can I start looking? Thanks!

Hi, I have a replication error at one site. As the possible cause might have been a dns problem I decided to have the DC point to another dns server for it's dns information. After that change and a renewed attempt to replicate I got: ----------<quote>--------------------------------- Event Type: Error Event Source: Kerberos Event Category: None Event ID: 4 Date: 17-5-2010 Time: