Wednesday 6 April 2016

To remove protection that prevents an OU from accidental deletion


  1. Log on to the computer as a member of the Domain Admins group.
  2. Open Active Directory Users and Computers.
  3. Click View, and then click Advanced Features.
  4. First, clear permissions on the OU for which you want to remove protection. To do this, right-click the OU, and then click Properties.
  5. In OU Properties, click the Security tab, and then click Advanced.
  6. In Permission Entries, select the Deny entry for the Everyone group, and then click Remove.
  7. Click OK to close the Advanced Security Settings, and then click OK to close OU Properties.
  8. Second, clear permissions on the parent container of the OU for which you want to remove protection. To do this, right-click the parent container, and then click Properties.
  9. In Container Properties, click the Security tab.
  10. In Group or user names, select the Everyone group, and then clear the Deny check box for Delete All Child Objects, and then click OK to close Container Properties.

Tuesday 5 April 2016

DHCP - Event ID 1046 - Authorized issue.

To resolve this issue, follow these steps:
  1. Start the Active Directory Service Interfaces (ADSI) Edit MMC snap-in. To do this, follow these steps:
    1. Click Start, click Run, type Adsiedit.msc, and then click OK.
    2. Click Tools, and then click ADSI Edit.
  2. In the console tree, expand the Configuration container, expand CN=Configuration, expand CN=Services, and then expand CN=NetServices.
  3. In the details pane, you may find objects that resemble the following:
    CNF:<GUID>,CN=NetServices,CN=Services,CN=Configuration, domain
  4. Right-click the objects, and then click Delete.
  5. Exit the ADSI Edit MMC snap-in.
Verify that the DHCP server becomes authorized after Active Directory replication is complete.

Force Active Directory replication on a domain controller

To force Active Directory replication, run the command 'repadmin /syncall /AeD' on the domain controller whose copy of the Active Directory database you want to update. For example, if DC2 is out of sync, run the command on DC2.

A = All Partitions
e = Enterprise (Cross Site)
D = Identify servers by distinguished name in messages. 

By default this does a pull replication, which is how AD replicates by default. To do a push replication instead, use the following command:

repadmin /syncall /APeD

P = Push

Do a push replication when you make changes on a DC and want to replicate those changes to all other DCs. For example, if you make a change on DC1 and want all other DCs to get that change instantly, run repadmin /syncall /APeD on DC1.

To view the replication status:

repadmin /showrepl
repadmin /showrepl <dcname>

repadmin /showrepl * /csv >showrepl.csv
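
One way to review the CSV produced by the last command, shown as an added example that is not part of the original post: it lists replication links that report failures or have not succeeded recently. The function name Get-ReplicationProblem, the 24-hour threshold and the sample rows are assumptions made for illustration; the column headings are the ones repadmin writes in the CSV header row.

```powershell
# Added example. $sample is constructed data shaped like the output of
# `repadmin /showrepl * /csv`; DC names, times and status codes are made up.
$sample = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Default-First-Site-Name,DC1,"DC=example,DC=local",Default-First-Site-Name,DC2,RPC,0,0,2016-04-05 10:15:02,0
showrepl_INFO,Default-First-Site-Name,DC2,"DC=example,DC=local",Default-First-Site-Name,DC1,RPC,7,2016-04-05 10:20:11,2016-04-04 22:01:45,1722
showrepl_INFO,Default-First-Site-Name,DC3,"DC=example,DC=local",Default-First-Site-Name,DC1,RPC,0,0,2016-04-02 08:00:00,0
'@

function Get-ReplicationProblem {
    param(
        [Parameter(Mandatory)] [string[]] $CsvLine,   # lines of showrepl CSV output
        [int] $MaxAgeHours = 24,                      # assumed staleness threshold
        [datetime] $Now = (Get-Date)
    )
    foreach ($row in ($CsvLine | ConvertFrom-Csv)) {
        $reasons = @()
        # Rows not marked showrepl_INFO (for example showrepl_ERROR) mean the DC could not be queried.
        if ($row.showrepl_COLUMNS -ne 'showrepl_INFO') {
            $reasons += 'DC could not be queried'
        } else {
            $failures = 0
            [void][int]::TryParse($row.'Number of Failures', [ref]$failures)
            if ($failures -gt 0) { $reasons += "$failures failures, last status $($row.'Last Failure Status')" }
            $last = [datetime]::MinValue
            if ([datetime]::TryParse($row.'Last Success Time', [ref]$last)) {
                $age = ($Now - $last).TotalHours
                if ($age -gt $MaxAgeHours) { $reasons += 'last success {0:N0} h ago' -f $age }
            } else {
                $reasons += 'no recorded successful replication'
            }
        }
        if ($reasons) {
            [pscustomobject]@{
                Destination   = $row.'Destination DSA'
                Source        = $row.'Source DSA'
                NamingContext = $row.'Naming Context'
                Reason        = $reasons -join '; '
            }
        }
    }
}

# Fixed -Now so the constructed sample gives the same result on every run: DC2 and DC3 are listed.
Get-ReplicationProblem -CsvLine ($sample -split "\r?\n") -Now '2016-04-05 12:00:00' | Format-Table -AutoSize
```

On a domain controller, pass the live output instead of the sample: Get-ReplicationProblem -CsvLine (repadmin /showrepl * /csv).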