Category Archives: AD

Unable to kill process

If you try to kill the process from Task Manager, it fails with an Access Denied error. I used a scheduled task to run a batch file (the batch file uses the repadmin command); the scheduled task failed with "could not start" because the repadmin command was stuck in Task Manager.

I used Task Manager to end the repadmin process, and used taskkill [Continue reading]

Computer account is automatically disabled

When you disjoin a computer from the domain, the computer account is automatically “Disabled”. We have to delete it from the domain before rejoining the same computer to the domain. The computer account will only be disabled if you use an account with sufficient permission to remove this computer from the domain (credentials of a user that has [Continue reading]

Active Directory Features in Windows Server 2012

Active Directory 2012 features on Windows Server 2012 and R2: I am going to discuss the Windows Server 2012 Active Directory features. As per my understanding, the newer version does not have many new features; however, Microsoft has improved the features of Active Directory 2008 in Active Directory 2012. List of improvements compared to the earlier version, Active Directory 2008, also … [Continue reading]

How to check tombstone lifetime value in your Forest

How to check tombstone lifetime value in your domain/forest

The tombstone lifetime value differs from OS to OS. For Windows Server 2000/2003 it’s 60 days. In Windows Server 2003 SP1, the default tombstone lifetime (TSL) value was increased from 60 days to 180 days; in Windows Server 2003 R2 the TSL value was decreased again to 60 days. Windows Server 2003 R2 … [Continue reading]

Active Directory Replication failed with “Target principal name is incorrect”

If you have an issue with the computer account of the domain controller, you may receive a “target principal name is incorrect” or “access denied” error at the time of replication.

To check the computer account, run the command below from the affected domain controller where you receive the error:

net view … [Continue reading]

Replication failed with “The destination server is currently rejecting replication requests” Error

You may also receive the error “The source server is currently rejecting replication requests. This operation will not continue” in Windows Server 2008/2003, and Active Directory replication stops working. Possibly inbound and outbound replication has been disabled on the domain controller.

Use the repadmin command below to check the inbound and outbound connection object status:

repadmin /options DC name

You may receive the … [Continue reading]

Active Directory Ports

It’s a frequently asked question: what is the list of ports used by Active Directory for Active Directory replication and Active Directory authentication? These ports can be used to configure the firewall.

Active Directory replication: There is no defined port for Active Directory replication; Active Directory replication remote procedure calls (RPC) occur dynamically over an available … [Continue reading]

Active Directory Schema Update/Schema Version

Active Directory Schema update

A schema update is nothing but extending the schema to support new operating system and application features.

Normally a schema update is done for applications like Exchange and SCCM. A schema update is also done for operating systems, so that Active Directory supports the new operating system when a new OS is released, Windows Server 2003 and Windows Server 2003 R2 … [Continue reading]

Check trusted site and ActiveX approval site list

Check the trusted site and ActiveX approval site list in IE7

After adding the trusted sites and ActiveX approval list through GPO, we have to check from a client system whether the newly added sites have been updated; it normally takes some time to replicate if you have a more complicated AD environment.

We can use the below commands to confirm … [Continue reading]