'Active Directory' Tag

PowerShell : Set-ADAccountPassword cmdlet in Windows Server 2008 R2

Here is quick snippet of password set/reset ‘Set-ADaccountPassword’ cmdlet in 08 R2 via ADWS (native AD cmdlets) and a test screencast from me. I highly recommend to use the built in cmdlet help to learn the syntax and available parameters. Whether you are using the cmdlet as an one-off task or trying to incorporate it [...]

Share/Bookmark

posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

    • Another look at Active Directory Administrative Center (ADAC)

    Previously I had briefly written about ADAC and today we take a look at some of the things you can accomplish by this new interface of Active Directory. We start out by launching the ADAC, by running DSAC.exe from the run window ADAC offers two views, the list view and the tree view There are [...]

    Share/Bookmark

    posted in Active Directory, Windows Server 2008 R2 by Rick

    • Group Nesting Reference Chart

    The Active Directory Groups Nesting restrictions is an often-discussed topic among my peers especially in a multi-domain forest and often a question raised in forums and mailing lists. Although there have been some great blogs written that dive deep into the technical restrictions, I personally needed a simple reference chart that I could refer to [...]

    Share/Bookmark

    posted in Active Directory, Windows by Rick

    • Is there an Active Directory Visual Illustration/Diagram ?

    A question was raised on ActiveDir, and I learned about an old TechNet Jigsaw on AD’s interworking.                                                 Along with that, there was a new Windows Server 2008 AD Feature Components which [...]

    Share/Bookmark

    posted in Active Directory, General, Group Policy, Hyper-V, IIS, RODC, Server Core, Windows Server 2008 by Rick

    • How many DFL and FFL are there now ?

    As named “domain modes” in Windows 2000 time, Domain Functional Level and Forest Functional Level (introduced in Windows Server 2003) list has grown with the inception of two new Windows Server 2008 functional levels. While Domain Functional Level limits the OS of the DCs, a raise to the Forest Functional Level (in a multi-domain environment) [...]

    Share/Bookmark

    posted in Active Directory, Windows Server 2008, Windows Server 2008 R2 by Rick

    • What is Active Directory Management Gateway Service (ADMGS)?

    Windows Server 2008 R2 provides a web service that is required by ADAC and native AD-Cmdlets of PowerShell, that service in known as ADWS and its part of proverbial ADMGS framework. So ADMGS equals ADWS out-of-box. The service lets Server 2008 R2 AD PowerShell cmdlets and other applications work against the DCs with ADMGS installed. [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

  • Is there a GUI to manage AD Recycle Bin ?

    Much has been said about the manageability of AD Recycle Bin in Windows Server 2008 R2 via the Microsoft’s intended way i.e via PoSH cmdlets. Though this option stays to be only enable-able via PowerShell, the ability to restore objects (the process of reanimation of objects in earlier ADs) has been extended to GUI by [...]

    Share/Bookmark

    posted in Active Directory, Windows Server 2008 R2 by Rick

  • How do I enable the Active Directory Recycle Bin in Windows Server 2008 R2 ?

    Launch the PowerShell under Administrator’s account context, and type this cmdlet. Enable-ADOptionalFeature -Identity ‘CN=Recylcle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=yourdomain,DC=com Read and understand the warning of this action’s irreversebility, and hit “Y” for yes to continue. In following screenshot I show you an error not neccesarily applicable to you, the cmdlet complained about not being able [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

  • How do I perform an offline domain join in Windows Server 2008 R2 ?

    As briefly discussed before, a feature to offline domain join machines is available in Windows Server 2008 R2. The utility is called “djoin.exe” which is used to perform this task. Here is an official blurb on what the offline domain join is what it would be used for and then I will show you how [...]

    Share/Bookmark

    posted in Active Directory, General, PowerShell, Windows Server 2008 R2 by Rick

  • Active Directory Best Practices Analyzer (ADBPA)

    A couple years back someone made a recommendation on Microsoft Exchange Forums that equivalent to Exchange BPA, it would be nice for AD Admins to have an AD Best Practices Analyzer, this was passed on to the AD Team. Though I am not if this particular thread was the driver behind it, but starting in [...]

    Share/Bookmark

    posted in Active Directory, PowerShell, Windows Server 2008 R2 by Rick

  • What’s the Schema version of Windows Server 2008 R2 ?

    It is version 47 in RC and it may very well change when R2 gets RTM. You can check the objectVersion attribute of your current forest on the Schema Naming Context (NC) via ADSIedit.msc. Here are some older Schema versions. 13=Win2k 30=2003 31=2003R2 44=2008 Here is more detail of schema changes in Windows Server 2008 [...]

    Share/Bookmark

    posted in Active Directory, Windows Server 2008 R2 by Rick

  • The only valid review of Active Directory Design

    Who needs ADRAP or ADHC when you have this in front of you. This is a modification from me of  “Good code, Bad code”  originally from the author credited on the picture.                             Enjoy

    Share/Bookmark

    posted in Active Directory by Rick

  • Active Directory Scalability limits

    Have no more than 1200 DCs in your domain..say new scalability limits. I wonder if anyone realistically has reached that limit without a need to break down the domain into multiple domains/forest, this limitation lies in FRS’s ability to keep things sane with the SYSVOL replication. The new Active Directory Maximum Limits – Scalability recently [...]

    Share/Bookmark

    posted in Active Directory by Rick

  • Improved password reset option in Windows Server 2008

    Lets you know if the account’s status on current DC (you are connected thru ADUC) is locked/unlocked. I did a post earlier regarding account lockouts in Windows Server 2003. This small feature is good to have.

    Share/Bookmark

    posted in Active Directory by Rick

  • Active Directory Administrative Center won’t work unless .. ?

    I will tell you that  ‘if’ but first off, for those not aware, meet ADAC, the successor for your ADUC. Active Directory Administrative Center, an idea long awaited for by AD Admins. Starting in Windows Server 2008 R2 and RSAT tools in Windows 7, you will have a richer administrative console for your Active Directory [...]

    Share/Bookmark

    posted in Active Directory, PowerShell by Rick

    •  
    (c) 2008 - 2012 Shariq Sheikh. All Rights Reserved.