If you have a domain controller that is no longer on the network, hasn’t replicated during the forest’s tombstone lifetime, or has been cleaned up in Active Directory via metadata cleanup, you’ll need to do a forced demotion in order to get the server back to a normal state. The procedure to do this varies depending on whether the server in question is running Windows Server 2012 or newer, or if it’s running a prior version of Windows Server. In this post, we'll look at the process for both the legacy and modern approaches to this problem.
The final step to publish AD FS on the Internet is to install and configure the Web Application Proxy (WAP). Installing and configuring WAP is a simple process that requires an SSL certificate and a few details about the AD FS environment. Once WAP is installed, it can be used for much more than simply publishing AD FS. WAP can be used to publish claims aware applications as well as enable claims based authentication to applications that use Windows Integrated Authentication.
Active Directory Federation Services (AD FS) is a critical component of your identity infrastructure as you begin to examine and move services to the cloud. AD FS securely extends your existing Active Directory beyond the boundaries of the firewall in a standardized and interoperable manner that is accepted across the industry. In this article, we will explore the steps to install the first AD FS server on Windows Server 2012 R2 as well as the prerequisite tasks that you will need to complete prior to installing AD FS.
Learn how to quickly promote a domain controller to global catalog status within your forest. Next, you'll learn how to keep an eye on the initial global catalog replication process to see when the promotion is complete.
When you join a machine to the domain, by default it will be placed in the Computers container under the root of the domain. This can be undesirable, particularly if you want to apply distinct Group Policy to machines when they are initially joined to the domain. Fortunately, Active Directory lets you change the default location for new Computer accounts. This article walks you through the quick and easy steps necessary to change the default location for new computer objects.
When you create a new user in Active Directory using certain tools, by default it will be placed in the Users container under the root of the domain. This can be undesirable, particularly if you want to apply distinct Group Policy to users when they are initially created. Fortunately, Active Directory lets you change the default location for new User accounts. This article walks you through the quick and easy steps necessary to change the default location for new user objects.
If you are deploying Exchange Server 2010 in an environment with load balancers or firewalls which aren’t able to handle dynamic RPC port ranges, you’ll need to define static ports for the RPC Client Access Service and the Address Book Service on each CAS server. If you are using Public Folders, you’ll also need a third static port on the Mailbox servers hosting Public Folders.
This post includes a script that configures the RPC Client Access service and Address Book service to use static ports. Run this script on each CAS server to configure the services. Finally, on each mailbox server, configure the registry value listed at the bottom of the post.
The Exchange Online service in Office 365 as exposes a variant of the Exchange Management Shell (EMS) that you would normally use if you were managing an on-premises Exchange organization. Connecting to the Exchange Online EMS requires a few tedious but well documented steps.
Rather than manually running these steps each time you need to connect, the samples in this post show how you can add a quick shortcut to your Windows PowerShell profile to connect to the Exchange Online EMS.
This is part one of a three part series on configuring the Dell/Quest Free/Busy Connector for Lotus Notes. The Connector is part of Coexistence Manager for Exchange (CMN). In this post, we'll discuss how the connector works and examine the interface with Exchange. Next, we'll configure the Dell/Quest Web Services and the Domino Free Busy Connector Service. Future posts in this series will discuss configuring the remaining components of the connector.
This is part two of a three part series on configuring the Dell/Quest Free/Busy Connector for Lotus Notes. In Part 1 we took at look at the architecture of the Quest Free/Busy (F/B) Connector in Coexistence Manager for Notes (CMN) as well as how Exchange interfaces with it. We also configured the F/B Connector web services and the Domino Free Busy Connector Service. In this post, we’ll configure the Exchange Free Busy Connector Service, the Domino QCALCON task, and the Exchange organization.
This is part three of a three part series on configuring the Dell/Quest Free/Busy Connector for Lotus Notes. In Part 1 we took at look at the architecture of the Quest Free/Busy (F/B) Connector in Coexistence Manager for Notes (CMN) as well as how Exchange interfaces with it. We also configured the F/B Connector web services and the Domino Free Busy Connector Service. In Part 2, we configured the Exchange Free Busy Connector Service, the Domino QCALCON task, and the Exchange organization. In this post, we’ll complete the configuration by configuring Lotus Notes as well as building a test user in Exchange and Lotus Notes to validate the configuration.
The Server Core variant of Windows Server offers a variety of benefits, especially with respect to security. The downside is that familiar GUI management tools are not always accessible. While Windows PowerShell and the command line offer alternatives, the learning curve can be steep. Device Manager is one example of a common GUI management tool that cannot be used on Server Core. Fortunately, Device Manager can be used remotely. This post explains how to enable remote access with Device Manager on Server Core.
This post includes a sample Windows PowerShell script that will generate a CSV file of host IP addresses based on an input list of host names.
Repeatable, consistent, and predictable are three things that add an incredible amount of value in IT, and building servers from a base image is one way to deliver on this. I was just replying to a thread on a discussion alias where the person who started the thread had reviewed a blog post on how to build such an image for VMWare. I and a number of people disputed the recommendations made in the referenced blog post in addition to the various other things the individual who started the thread was planning to install in his image/template.
At a high level, the most important thing from my reply, I think, is that you should not be customizing a server for it to be convenient to your work style. The server is there for a purpose driven task.
This post includes a sample VBScript that will collect key hardware demographics from a list of hosts and output the results to a CSV file. The demographics collected are:
- Host Name
- Serial Number
- BIOS Version
- Operating System
- Memory (MB)
- Disk Drives
How many times have you had to figure out what date was X days, months, or years ago, or perhaps what time was Y minutes, hours, or seconds ago? In this post, you'll learn how easy it is to calculate date and time math with Windows PowerShell.
When silently installing WireShark, WireShark's critical dependency, WinPcap, is not installed automatically. This post shows you how to use a tool called AutoIt to develop a script that can silently automate a point and click process like installing WinPcap.