Home » Microsoft » Archive by category 'Active Directory'
Deploy wireless settings with Key using netsh script and GPO May 03
  Windows 2008 has built in policy GPO for wireless setting management. You can configure your network setting using Certificates. It is the most recommended and secure way But if you like to deploy the wireless settings using static key, you will have to use other way. The steps bellow describe the way to deploy Wireless LAN settings with a Pre-Shared Key The purpose is to Automate Adding Wireless Profile in Windows. Preparations Configure Wireless settings on one workstation Read more
Under: Active Directory, GPO, Microsoft, Scripts, Vista, Windows 7 Tags: , , , , , , , , , , , , , , , , , , , ,
Show only specified Control Panel items GPO doesn’t apply on Windows 2008R2 Terminal Servers Aug 24
  In Previous version we used to work with CPL File Names  to define which one of control panel applets will be displayed. In order to make it work Use Canonical names instead. It should Look like that You can get the full list from here Read more
Under: Active Directory, GPO, Server 2008 Tags: , , , , , , , , , , ,
Block Access to My Computer Properties Menu in Windows 7 and Vista Oct 30
In System properties window you can various information about  Windows system . You may wish to block it to prevent users from accessing it  and do changes. You can easily disable access to My Computer context menu through AD Group Policy. This solution doesn’t block access to menus, only hides it from right click. Menu  can still be accessed Windows key + Pause/Break key. To disable it Open Group Policy Manager Navigate to User Configuration > Policies > Administrative Templates > Read more
Under: GPO, Microsoft, Vista, Windows 7
Prevent users from disjoining from domain using GPO Oct 29
  There is no 100% foolproof  solution that blocks local admin users access the option of disjoining their computer from domain , but you can make it harder to get to system menu. I remove the "properties" from when you right click on my computer. Then i also remove system applet from control panel menu ,and disable registry editing. To disable right click on my computer go to Group Policy. Navigate to  User Configuration>Administrative templates>Desktop Read more
Under: Active Directory, GPO, Microsoft, Vista, Windows 7, Windows XP Tags: , ,
c1038a21 PR_PF_PROXY exchange 2003 public folders error Jul 22
Error c1038a21 appears when you try to view properties of public folder system folder – Schedule + free busy or offline address book folder Microsoft have a article on how to fix it , but in there guide they recommend usage of Information Store Viewer (MDBVu32). I prefer to use PFDAVAdmin that can be downloaded from here it is much easier . Run PFDAVAdmin Press on file>connect Fill your DC settings like on screenshot bellow (don’t forget to select public folders) Read more
Under: Active Directory, Exchange 2003, Server 2003 Tags: , , , , , , ,
New User Mailbox is Created in Wrong Mailbox Store or Storage Group Apr 28
The issue occurs when you are trying to create mailbox for new user using ADUC in Exchange 2003 By Microsoft the reason for the issue is : After upgrade of the forest to a 2003 native mode functional level, the Recipient Update Service may overwrite the value of the homeMDB attribute for new Microsoft Exchange Server 2003 users. To fix the issue: Open ADSI Edit. Double-click the Configuration container Expand CN=Services Expand CN=Microsoft Exchange, Expand CN=<Your ExchangeOrganizationName>. Read more
Under: Active Directory, Exchange 2003, Microsoft Tags: ,
Useful AD PowerShell Commands Apr 08
Finding Disabled Users: get-qaduser –disabled Create a new Active Directory user: new-QADUser -name '<User CN>' -parentContainer '<Parent DN>' -UserPassword '<Password>' -FirstName '<User First Name>' -LastName '<User Last Name>' -UserPrincipalName '<User UPN>' Create multiple users in Active Directory: $parentDN = "<ParentDN>" $strPass = "userPaswd" For ($i = 1; $i -le 1000; $i++) { $strUserName = "User" + $i New-QADUser -name $strUserName -parentContainer Read more
Under: Active Directory, Microsoft, Scripts, Server 2008 Tags: , ,
Move Domain Controller to other site – PowerShell Apr 06

$dcname = <DomainDNSName>
$newSite = "NewSite Name"
$context = New-Object
System.DirectoryServices.ActiveDirectory.DirectoryContext(‘DirectoryServer’, $dcname)
$dc =
[System.DirectoryServices.ActiveDirectory.DomainController]::getDomainController ($context)
$dc.MoveToAnotherSite($newSite)

 

Where DomainDNSName – Enter your DNS domain name

Under: Active Directory, Microsoft, Scripts, Server 2008 Tags: ,
Moving a Group to Another Domain – Using ADMT Apr 01
To move windows group to other domain download ADMT Tool Install Active Directory Migration Tool Open the ADMT MMC snap-in it is located in Administrative Tools. Chose source and destination domains and click Next. On the Group Selection screen, chose the group that you want to migrate and click Next. On the next screen, select Browse and locate the desired OU. On the Group Options screen, select one or more of the following and click Next: Update user rights: Copies any user rights that Read more
Under: Active Directory, Microsoft, Server 2003, Server 2008 Tags: , , , , ,
Folder Redirection to NTFS share Permissions Mar 30
If you want to redirect domain user folders to NTFS or Storage share, you need to set the permissions like in the list bellow: Creator Owner => Full Control on “Subfolders and Files Only” Security group of users needing to put data on share => List Folder/Read Data, Create Folders/Append Data  on “This Folder Only” System =>  Full Control, on “This Folder, Subfolders and Files” In addition you can add Domain Admins security group to have permissions on user folders: Open Read more
Under: Active Directory, Microsoft, Security, Server 2003, Server 2008 Tags:

Tag Cloud: