Tag: Active Directory

I have been following through the Windows 2003 disaster recovery guide recently in preperation for some work I will be completing for a customer. And it talks about raising the available RID pool value. The reason for this is to ensure that  no domain controller allocates a RID for a security principal that was created…

I have been doing some work around disaster recovery recently of a Windows 2003 Active Directory. Here is a useful link list of locations I have put together. You may not be aware that the Disaster recovery white paper has been updated. Windows Server 2003 Forest Recovery Whitepaper http://www.microsoft.com/downloads/details.aspx?FamilyID=afe436fa-8e8a-443a-9027-c522dee35d85&DisplayLang=en Windows 2003 Operations Guide http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Operations/9c6e4dd4-3877-4100-a8e2-5c60c5e19bb0.mspx 840001…

The Pdc emulater is a very busy bee. It has a multitude of tasks and roles in a busy Active Directory Environment. It can be especially in larger networks subject to what is known as “piling on”. Some of the main causes of this is due to the multitude of tasks it is expected to…

I was asked by a customer last week, “What is the best way to really find out what is happening to my Group Policies during the Logon Process”. My answer is ….use Userenv logging. If you do not know what that is check out the following Webcast http://support.microsoft.com/kb/835302 Plus also kbarticle. http://support.microsoft.com/kb/221833 Once switched on…

The DNS 7062 error is a really quite annoying and frustrating error which can be caused for a variety reasons; The error message in the event log is as follows; “The DNS server encountered a packet addressed to itself on IP address xxx.xxx.xxx.xxx” To troubleshoot this problem take the following actions. STEPS Check the following areas…

Even in a Windows 2003 AD environment Wins maybe still required, dependant on what applications you are running . However there are certain rules that must be adherred to for a healthy Wins Environment  Wins Servers should always be configured to point to themselves. This is because of the potential for split registrations. See Kb article Setting Primary and…

You probably know this command already…but only have time for a quick post today. However a nice command I use to list all Domain Controllers is the following REPADMIN /VIEWLST *

A customer the other day was looking to configure his Domain Controller in a remote Branch Office behind a firewall. The question was what ports are required for Active Directory Replication. The answer is the following; Port Assignments for Active Directory Replication Service Name UDP TCP LDAP              389  389 LDAP                     636 LDAP                     3268 Kerboros         88    88 DNS               …

What are CNF Objects and what are they indicative of. Cnf objects are created by the Active Directory detected a “conflict”. As you are probably aware the Active Directory is a multi-master environment. Therefore if two Administrators in different parts of the active directory create an object in the same container with the same name then a conflict…