Read-Only Domain Controllers failing to provide authentication
We've got an environment where we've got about 40 remote locations, and based upon their needs, we'll provide a read-only DC (if they have a small number of employees and don't host any applications)...
View ArticleGroup Policy - deploying to remote office
Hi, I'm wondering about different ways to deploy a 300 MB Software installation(computer config) GPO to our remote offices. This is currently working in our main office, where our domain controller...
View ArticleMavericks/Active Directory logon error: network users unavailable
Hi all, I have an issue with a fresh install of Mavericks on two Mid-2011 Mac Minis, while another three Mac Minis are not throwing the same error, yet have been configured the same way (by me!)All...
View ArticleWhat happens when I apply a GPO to tighten security
So, yesterday I created and applied a GPO to enforce security on Remote Desktop rights and authorization. Basically, I needed to prevent accounts that have local administrator privileges from being...
View ArticleCreating an LDAP search filter to search all users of a group with nested groups
I am trying to create an LDAP filter for Windows AD that will enumerate all users of a specified group. This group will be a member of other groups, which groups contain the users.-EDIT- For...
View ArticleRestrict users in a security group to only logging into computers in a single OU
Hello,I’ve got a group of users in a security group that are only allowed to login and user computers in a single OU. What’s the easiest way to restrict logins to this single OU for this group and stop...
View ArticleAD not the best place to store Bitlocker keys? says who?
We use bit locker on all our client laptops. Two domain controllers on the network. We recently got audited and they told us that it is bad practice to store the keys in active directory. We are...
View ArticleForce locked user to log off when new user logs on
I know that you can disable fast user switching through GP but what I would rather have is the ability for a new user to log on and have whomever is currently logged on/locked forced to log off. This...
View Articleif I move a computer to a new domain, what happens to group policy?
So after many months of trying to untangle the domain I inherited, fighting with GP and folder permissions, folder redirection and the like, I have decided to start from scratch so I know what is...
View ArticleLogon script not running via GPO
Server 2008r2 AD: assigned to department OU GPO: UC/win settings/scripts/logon Script: sysvol...user/scripts/logon/script.vbs Ok so if I browse to the script on the domain and run it then it works....
View ArticleDesktop Folder Redirection - I think I need to tweek
I have Folder Redirection setup and one of the items is the users Desktop. Problem is, if there is ever a network issue, users loose their desktop items and I have to tell them, "or do it for them",...
View ArticleWindows XP Group Policy Shortcuts Module Cannot be Found
We just re-imaged a computer lab with an image that was working fine. Now the 29 computers will not receive shortcut policy. The issue seems to be with the machine replying with the Group Policy...
View ArticleCant login to domain- User profile service service failed the logon
Hi, i know this topic has been up before but none of the solutions work for me.Here is my case, i have a windows 2008 R2 domain controller, client systems run windows 7 pro.Whenever i create a new user...
View ArticleAdding OS/X to Active Directory: invalid user name and password combination
Okay, this is driving me nuts.First time in a long while I am dealing with Apple products. But due to some company changes, the new owners have brought their macbook pro systems into the mix. So I am...
View ArticleMoving Group Policy to another Domain Controller?
HiCurrently we have our Group Policy being administered by an older domain controller (server 2003). We want Group Policy to be administered by our new domain controller (server 2012). How can we do...
View Articlesending messages to all domain users
How do I send everyone a message on the domain? I can't find simple straight answer on spicework :/ I am using Windows Server 2012.
View ArticleShould Windows Be Locked Down?
OK, I know this has been discussed ad nauseum. However, I'm in a pinch I need some brain help. I need to come up with Pros and Cons for locking down PC's. Now, I also want to hear comments from what...
View ArticleDell Poweredge Servers700
In admittiing my weak area. I was wondering if this server would be a great fit for learning AD on and if so What version of Server OS to use?
View ArticleCustom screen saver via group policy
Hi,I'm looking for a way to deploy custom picture on screen saver via group policy to all of the company computers.I want to point the screen saver to specific path on all the computer c:\screensaverIs...
View ArticleLost connection to all domain controllers when adding second NIC
Hi SpiceheadsI have been tasked with replacing a server 2008 R2 with a new Server 2012 R2. Started on Friday, Replicated domain, transferred FSMO roles. I also have to configure the new server as a...
View Article