Finally the help of IT is here

Blog of computer solutions.

As for terminal server access to a Domain Controller without domain administrator permissions.

Posted by Xaus Xavier Nadal 12th on January 2011

Good.

As you all know on a domain controller (DC) you can not create local users and assign users to local groups and that these users are the domain itself already, but on occasion need to give permissions to a user to enter remote desktop to a domain controller server, especially if the server hosts more than a domain controller as it could be a file server.

Well, to give permissions to a user who is not a domain administrator on terminal server within a domain controller has to do the following:

Conectaros to a domain controller with domain admin privileges from the management tools we access the security policies on the domain controller and thence to the following path:

Security Settings -> local policies -> User Rights Assignment -> Configure Allow logon through Terminal Services

Megacrack read »

tags: , , , , ,
Posted by Domain Controller, Domain Controller, Permissions | No Comments »

What you need to know about the Global Catalog (GC)

Posted by Xaus Xavier Nadal 2nd on May 2010

Good,

2 days ago a reader of the blog (JORGE) asked me a question about Global Catalog and so today we talk about the Global Catalog.

The question was:

I have a host server and an additional domain. In both should be the Global Catalog or just the main ?.

First tell it does not matter that all domain controllers are Global Catalog, (even it is a good practice in a single domain since all DC and maintain a complete set of attributes for the entire domain and does not affect the reply). In several domains within a forest and replication influences it must also be replicated to the GC, but the benefits are the decrease of the bandwidth of the line because of replication.

The only server that should not be GC is the infrastructure master but should be next to another that was (But, for the whole organization out there would be no problem GC).

And that is serving the GC?

The GC is a partition that stores information about each object in the forest.

The GC improves the efficiency of the active directory service and is required for applications such as Exchange

When all DC are GC all DCs have an update on every object in the forest information.

The GC replicates the universal group membership. That is: If we have a user who is a member of universal group and is unable to reach the GC will not get the membership of universal groups. (Although you could configure the cache Universal group membership (UGMC)) but that it will come in another article, or maybe not, we'll see.

Having said all this ?, Where you should put a GC if I do not want to put on each DC?

Where an application to conduct many queries to Active Directory will be used.

Where connection to a GC server was slow or unreliable.

Where would an Exchange server on the same site.

I hope I have clarified the doubt and hope that Jorge has been helpful to others.

Greetings MegaCracks.

tags: , , , , , , , ,
Posted by Active Directory, Domain Controller, Domain Controller | 2 Comments »

How to create a new domain in Windows Server 2008 R2 x64.

Posted by Xaus Xavier Nadal 6th on December 2009

Good.

Today I'll show you how to create a domain from scratch on Windows Server 2008 R2 x64. This procedure is exactly the same in 32 bit versions and versions that are not R2.

The domain that we create will be called megacrack2.es and will be the first domino of a new forest.

First we have a Windows Server 2008 R2 X64 server. (You can follow this article to see how 2008 installed Windows from scratch but without the passage of sysprep since this server will not be a basis: Installing Windows Server Std 2008 R2 X64 step by step to use BASE).

Now that we have a clean server Windows Server 2008 with the latest patches proceed to make the first settings to prepare the server for a promotion to domain controller.

1.- We started the session as a local administrator.

2.- We set a fixed IP.

3.- Configure a name server (in our case we have called Mega2DC1).

We press on 4.- Home -> Run -> Write dcpromo and click on OK to validate.

Megacrack read »

tags: , , , , , , , , , , , , ,
Posted by Active Directory, Domain Controller, Domain Controller, Windows server 2008 | 10 Comments »

Create secondary domain controller running Windows Server 2008 R2 x64

Posted by Xaus Xavier Nadal 4th on December 2009

Good.

DCPromo is the tool to promote a server to Domain Controller, ie make a server that is not domain controller is.

In the installation itself may decide whether to create a separate domain, be part of an existing domain, etc ...

In our case what we do is an installation of a domain controller to become part of an existing domain called megacrack.es.

We will ensure that connectivity to other domain controllers in the network is satisfactory. As in this case the domain controller will belong to an existing domain we will introduce what he previously making the connection test and we have done.

To promote a domain controller with Windows Server 2008 we must first prepare the forest and domain as long as the domain functional level is not Windows mixed 2000 (Remember that this functional level is only valid in the case that still dispongáis driver NT Server domain).

You can follow this article: Prepare forest and domain to domain controllers Windows Server 2008 R2.

When we have the steps in the previous article carried proceed to install the server with Windows Server 2008. You can follow this article but without the passage of sysprep (since there will be a base): Installing Windows Server Std 2008 R2 X64 step by step to use BASE.

Now that we have a clean server Windows Server 2008 with the latest patches, the forest and domain preparations proceed to make the first settings to prepare the server for a promotion to domain controller.

As promised so you can plan spaces ...:

The space available after installation:

DomainController2008R2_0

Megacrack read »

tags: , , , , , , , , , , , ,
Posted by Active Directory, Domain Controller, Domain Controller, Windows, Windows server 2008 | 7 Comments »

Prepare forest and domain to domain controllers W2k8 R2

Posted by Xaus Xavier Nadal 4th on December 2009

Good.

This article defines the steps to, in the future, deploy domain controllers running Windows Server operating system 2008 R2 within our organization. (This procedure also serves to Windows Server 2008, 32 and 64-bit versions).

The procedure is quite simple since they are only 3 commands, but we must be sure where to do it: I will explain. In order to use servers with the Domain Controller role in Windows Server 2008 we must have the domain functional level in a mixed 2000 than Windows version. Is any native mode will suffice.

Megacrack read »

tags: , , , , , , , , , , ,
Posted by Active Directory, Domain Controller, Domain Controller, Windows server 2008 | 24 Comments »