Microsoft Exchange and Active Directory Blog
This topic is not directly related to Active Directory, but it often seems to receive little attention. Many companies do not configure DNS aliases for services such as shares, printers, web servers or any other services. This is usually not a problem, but it can lead to frustration and overtime for administrators (and ... Read more
Many things can be simplified or scripted with Powershell. If you often need to create new folders or shares, you can use Powershell to create the folder, create the corresponding groups for access and also add the groups to the NTFS permissions. Here is a small example: # This script creates a folder in the specified path, creates ... Read more
If you want to deactivate the SID filter on a German-speaking Windows 2008 or 2008 R2 server, use the following command: Netdom trust /domain: /quarantine:No /userD: /passwordD: Please note "/quarantine:No", on Windows 2003, as well as on English Windows Server 2008 (R2) this parameter is "/quarantine:No". Server 2008 also displays the information that ... Read more
The Best Practice Analyzer issues a warning if not all organizational units (OUs) of the organization are protected against accidental deletion. If you do not want to do the work of clicking on all OUs individually and activating the protection, you can let Powershell do the work for you. We first import the Active Directory module into the Powershell: ... Read more
Anyone installing a new DC should synchronize it with an external time source. It is advisable to use a time server on the Internet. The following instructions synchronize the DC with the NTP server of the Physikalisch Technische Bundesanstalt in Braunschweig. Simply copy the text into a text file and save it with the extension .REG, then execute this file and ... Read more
If the setup of Exchange Server 2007 reports that no Global Catalog Server is available at the site, this is usually due to the following reasons: There really is no Global Catalog available at the site. Solution: Assign the Global Catalog to an existing DC or provide a new DC The DC at the site is a Windows Server 2008 and the domain functional level ... Read more
If you often have to deal with replication problems in your Active Directory, you should switch on "Strict Replication Consistency". In the event of replication problems between 2 or more DCs, the following scenario could arise: An AD object is deleted on DC1, but due to replication problems the change cannot be replicated from DC1 to DC2. If the replication problems last longer in this case ... Read more
