There may be certain circumstances whereby you do not wish to register the host (A) record of a domain controller. An example of one of these circumstances could be a web server registering the same name as the name of an Active Directory domain; in this scenario, you would not want non-web servers registering host records for this name. |
|
Read more...
|
|
You cannot move computer objects between domains using the Active Directory Users and Computers domain administration tool (snap-in). However, the netdom command line tool enables you to do just this. This article discusses the differences between netdom and movetree and explains how to move computer objects between domains using netdom. |
|
Read more...
|
|
|
Active Directory Domain Controllers notify their intra-site replication partners of directory changes using a mechanism called change notification. It is possible to configure change notifications across IP-based sites. This article explains how to enable change notifications across site boundaries. |
|
Read more...
|
|
The Directory Services garbage collection process is a house keeping process that runs at regular intervals locally on each domain controller. By default, the garbage collection process runs every twelve hours. As with most things Active Directory, and Windows, this default can be changed if you so wish. The frequency is an attribute of the following object: |
|
Read more...
|
|
By default, the Active Directory tombstone lifetime is sixty days. This value can be changed if necessary. To change this value, the tombstoneLifetime attribute of the CN=Directory Service object in the configuration partition must be modified. This object is located here:
CN=Directory Service, CN=Windows NT, CN=Services, CN=Configuration, DC=forest-root-domain, DC=tld
|
|
Read more...
|
|
By default, the Active Directory garbage collection is twelve hourse. This value can be changed if necessary. To change this value, the garbageCollPeriod attribute of the CN=Directory Service object in the configuration partition must be modified. This object is located here:
CN=Directory Service, CN=Windows NT, CN=Services, CN=Configuration, DC=forest-root-domain, DC=tld |
|
Read more...
|
|
The Directory Services Restore Mode password is different from the (domain) local administrator's password and is used to logon to a Windows Server Domain Controller in an offline state (Directory Services Restore Mode or Safe mode). If you forget this password, loose your documentation, or simply just wish to change this password you can reset it using the following methods: |
|
Read more...
|
|
In order for IE6 to conform to the current HTTP standard, by default, there's a limit of two (2) simultaneous downloads enforced. Regular Internet users will probably find this limit frustrating to say the least. The good news is that this limit can be increased. Through editing the registry, you can change this limit to anything in between one (1) and ten (10). |
|
Read more...
|
|
To set a users Desktop wallpaper via a Group Policy Object (GPO) the following two settings need to be configured. |
|
Read more...
|
|
This article explains how to apply a Group Policy Object (GPO) to a security group through the process known as filtering. |
|
Read more...
|
|
This article discusses and explains the five flexible single-master operation roles of a Domain Controller. This article will also briefly discuss the placement of these roles and will also, where applicable, provide links to Microsoft knowledgebase documents. |
|
Read more...
|
|
As discussed in the article INFO: FSMO (Flexible Single-Master Operation) Roles, the default behaviour of a Domain Controller's Netlogon process pushing newly changed passwords to the PDC can be disabled. |
|
Read more...
|
|
To lock a workstation's desktop after a predefined time, use the following GPO properties:
- User Configuration\ Administrative Templates\ Control Panel\ Display\ Screen Saver timeout
- User Configuration\ Administrative Templates\ Control Panel\ Display\ Password protect the screen saver
|
|
Read more...
|
|
This article will discuss how to move each of the five FSMO roles using the GUI based methods. |
|
Read more...
|
|
To remove a domain controller from the domain you demote it using the dcpromo.exe command. To use this tool type dcpromo at either the command prompt or at the run command.
However, there are some considerations that you need to think about. This article briefly discusses those. |
|
Read more...
|
|
Articles 
