Can Win8.1-Enterprise-Domain-Sideloading Applications be used outside Active Directory Domain without product key?

It is essential for our project deployment that our customers must use the side-loading application outside domains which activated those application.
Thanks for any answer.

Hi，
I have to say that we cannot implement what you would like to.
Here are the requirements we have to meet to create sideload applications:
l
The computer running Windows 8 Enterprise must be joined to the domain.
l
You must enable the “Allow all trusted apps to install” Group Policy setting.
l
The app must be signed by a \ certificate that is chained to a trusted root certificate.
Detailed information, please refer to this article:
Try It Out: Sideload Windows Store Apps
http://technet.microsoft.com/en-us/windows/jj874388.aspx
Thanks for your understanding.
Kate Li
TechNet Community Support

Similar Messages

SSO (single sign on) on NetWeaver 7.0 Enterprise Portal based on spnego with Microsoft Active Directory

Hi,
we are using SAP Netweaver Enterprise Portal 7.0 (SP25) based on Windows 2008 R2/Oracle 11g.
When we setup the Portal, we used the UME of the ECC - ABAP.
The portal is used internally only.
Now we want to provide SSO.
User authenticate against Windows Active Directory (Windows 2003).
We thought SSO via spnego would be the best solution.
Any better alternates, we should use?
We are following the SAP documentation:
SAP-Bibliothek - Benutzerauthentifizierung und Single Sign-On
We still want to create users in ABAP and assign them the portal roles. LDAP access should only have read access, to verify the security token from Active Directory.
When we setup the portal from scratch using ABAP as its UME, in the system configuration, LDAP can't be selected/add as data source.
In case we understand the documentation correctly, we would now need to add LDAP via the configtool for read access.
What is not clear to us, when we active now LDAP via config tool, if we would now lose the ABAP connection.
Is there a tutorial for SSO Netweaver 7.0 EP, like for EP 7.3, available?
In 7.3 SSO is pretty simple to get it running, thanks to the many tutorials here and on the internet.
Thanks for your help.
Best regards
Carlos Behlau

Hi,
I was able to generate the key via ktab program.
But when I am enable SSO, nothing is happening when I try to log-on via SSO to the portal.
I installed WebDiag tool on the portal server and ran trace.
The users are located in domain: company.com of activate directory.
The Java AS are located in domain: sap.company.com of activate directory.
The sap.company.com domain acts as child of company.com.
When I check the WebDiag trace, I see for the SPNegoLoginModule - the entry "... no key (etype: 23) for realm sap.company.com available ..."
I would except company.com as realm key, as the keytabs have been generated on the domain controller of company.com.
Is it possible to get SSO with child domain running?
Based on the statement of the network folks, child and father domain having a trust.
Thanks for your help.
Best regards
Carlos

Lion Server 10.7.4 VPN service not using my Active Directory domain for authentication

I have Lion Server 10.7.4 setup on a Mac Mini and I have enabled the VPN service for both L2TP and PPTP. The Mac Mini is joined to my Windows Domain at a functional level of Server 2008 R2. I have set the authentication paths to point to my domain in Directory Utility.
What I would like to have happen is for my laptop to be able to VPN into my office network remotely using domain credentials and not local account credentials on the Mac Mini itself. This is a process I have done numerous times on Windows boxes, but for some reason the only way I can get the VPN to work on this instance of Lion Server 10.7.4 is by authenticating using local accounts only.
Does Lion Server 10.7.4 only authenticate VPN users based on it's local account schema? Or can it truly authenticate against an active directory domain?
Any suggestions or help is greatly appreciated. Thanks,

Hi g-pirtle,
Yes, I had already done that a few days ago. I was able to add the desired AD group to the allowed users/groups for the VPN service. Thats exactly what is so weird about this...it allows me to search for and add an AD user or group to the list of allowed users/groups, but then when I actually try to use a domain account to authenticate to the VPN is just gives me the "cannot authenticate" error. Very strange.
I wondered if for some reason Apple is only allowing local accounts to be authenticated against. Sounds crazy, but I cannot for the life of me get this to work. I also wondered if Kerberizing the server would help, but when I go to join a Kerberos realm in Open Directory inside of Server Admin, it just has no realm listed in the drop down menu.
Other than that, all other aspects of the Mac Mini being joined to the AD domain seems to be good. I'm really stumped here...
Thanks again,

Can I install Linux and then use the original Windows 8 OEM product key for a virtual machine on the same computer?

I have ordered a new laptop and expect to receive it in 2-3 weeks. The laptop comes with an OEM version of Windows 8 installed. I wish
to install Linux as the host operating system and create a virtual machine running Windows 8. Can I legally use the product key from the OEM installation to activate a virtual machine that will only be used on the laptop that had the original OEM installation?
If so, what is the procedure to activate the copy installed on the virtual machine?
This question has been addressed for Windows 7, but my searches did not reveal this question posed for Windows 8.

Technically, no. The OEM is licensed only for the physical hardware on the system. It isn't licensed for virtual hardware.
You may find you're unable to activate your OEM license in the VM. A lot of OEM Windows look for specific hardware to verify they're being installed on the correct hardware.
Although here: http://www.microsoft.com/oem/en/Pages/support-faq.aspx#fbid=Zh0SiBdas5I
Q. Can I install OEM on a virtual machine (VMware)?
A. You may install OEM in a virtual environment as long as you have a separate license for each instance of the software. It is fine to use the OEM version as long as it is properly licensed. To be clear, a separate version of software must be installed
for both the “standard” and “virtual” installations.
You still may not be able to activate if there is a hardware block.
The best place to ask this is to Microsoft licensing, any response you get here, including mine, won't hold up since it's not an official answer.
Q. Can I install OEM on a virtual machine (VMware)?
A. You may install OEM in a virtual environment as long as you have a separate license for each instance of the software. It is fine to use the OEM version
as long as it is properly licensed. To be clear, a separate version of software must be installed for both the “standard” and “virtual” installations.
edit: removed the duplicate Q&A

Can I use my windows 8 oem embedded product key to windows 8.1?

I have Y500 and I change the hard drive because the default hard drive fails.
I can't find Windows 8 OEM version, so I downloaded the Windows 8.1 Media Creation Tool.
Create a bootable usb, choose Windows 8.1/64Bit.
After the installation of OS, I try to view my product key and put it in activation, it doesn't work.
What should I do?

It will not work. The OEM keys that come with a computer will not work in a Microsoft provided ISO install file. This is a Microsoft thing not a Lenovo thing.
Is your computer still in warranty? If it is, contact Lenovo customer support. They should be able to get you a system restore image. If its not still in Warranty, did you create a recovery disc when you first got the computer? If not then you will need to contact Customer Support and purchase a recovery set.
Also is the new harddrive the same size as the old one? If not you may have issues recovering your factory image.
Hoov
Microsoft MVP - Consumer Security
SpywareHammer.com

How can I configure ECC6.0 to use LDAP (Active Directory) password

We're setting up an integrated authentication between the ECC 6.0 and the LDAP server, in our case the Microsoft Active Directory. We have some users that can't use WebGui because some features, that only run in the SapGui. We have already configured UME in the Sap Portal accessing directly the ADS server, and Sap Logon Ticket from Portal to ECC. Everything is ok to access the WebGui and SapGui by the Portal with the Sap Logon Ticket. However it demands that all users make the authentication previously in the Sap Portal. Is there another scenario only with SAP tools, for example using Sap Logon directly to the Active Directory. Obs.: Our entire sap servers are UNIX.

I had already read all these notes.
In the last week, I tried to configure the UME in our PI/XI environment to access the LDAP. As the result, the ABAP stack was perform the authentication perfectly above the LDAP. However I had some problems with the Java stack and I comeback the back. I will try it, in the next week again.
It's what I'd like to ECC environment. Anyone has already configured the UME in an ECC? Install a basic Java stack without all Java components only the UME in order to make this integration. If its possible Ill very appreciate any documentation.
Other problem is the limitation of datasource in the UME, I didn't remember exactly but I guess that is only 5 (Authorization in the ECC, BI, SolMan, PI, APO, CRM, LDAP, Portal, etc). If it's possible I'll group the environments in different UME managers. Forget this paragraph lets focus in the integrated authentication in this thread after that authorization.

How can add and push updates to1000 clintes in WSUS non active directory

Hi Can any one please help me on my requirement .
We have 1000+Clients and we are going to use WSUS standalone server for push the updates to cleints in Non-Active Directory.p
Please let me know do we have any way push the updates from WSUS server without GPO updates... ?

Hi Can any one please help me on my requirement .
We have 1000+Clients and we are going to use WSUS standalone server for push the updates to cleints in Non-Active Directory.p
Please let me know do we have any way push the updates from WSUS server without GPO updates... ?
This is almost an exercise in futility; at best it will be extremely painful.
Aside from trying to wrap my head around why a 1000+ system environment would not have Active Directory deployed (in 2014!) in the first place, there's only one way you'll be able to achieve this objective: One Client At A Time!
In short, you'll need to either use Local Policy on each individual system, or perform a REG IMPORT of the necessary settings. There may be ways to expedite the REG IMPORT, but that highly depends on the trust factor of the individual end-users, and whether
they have local admin privileges on their system.
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

FAQ: How can I make my Flash Catalyst application scale/use a liquid layout?

Flash Catalyst CS5 currently only supports applications with fixed dimensions. Custom components you create in Catalyst have absolute sizing.
If you want to experiment with creating resizable applications (liquid layouts) and components in a preview of the next version of Flash Catalyst, codenamed "Panini", you can find more information here:
Introducing Adobe Flash Catalyst "Panini"
Download Adobe Flash Catalyst "Panini"
Adobe Flash Catalyst "Panini" help
Keep in mind that Flash Catalyst "Panini" preview is meant for exploration and testing, not real production. If you are doing real production work, here are some options that work with Flash Catalyst CS5 and Flash Builder:
Liquid Layouts
If you are building an application that requires relative constraints, you can take the FXP file from Flash Catalyst into Flash Builder, and apply constraints there so that your components resize according to your application dimensions.
For more info, see this Help topic:
Using constraint-based layouts in Flash Builder
SWF Scaling
If you want your swf to scale, without relative constraints, there's a simple way to make that work in Builder as well. Simply save out your FXP file from Flash Catalyst and import it into Flash Builder. Open up the "Main.mxml" file. Remove the width and height attributes on the Application tag, and add the attribute:
preinitialize="systemManager.stage.scaleMode='showAll'
The entire Application tag should look something like:
<s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
                  xmlns:s="library://ns.adobe.com/flex/spark"
                  xmlns:d="http://ns.adobe.com/fxg/2008/dt"
                  xmlns:fc="http://ns.adobe.com/flashcatalyst/2009"
                  xmlns:ATE="http://ns.adobe.com/ate/2009"
                  xmlns:ai="http://ns.adobe.com/ai/2009"
                  xmlns:flm="http://ns.adobe.com/flame/2008"
                  xmlns:lib="assets.graphics.*"
                  xmlns:components="components.*"
                  backgroundColor="#FFFFFF"
                  preloaderChromeColor="#FFFFFF"
                  preinitialize="systemManager.stage.scaleMode='showAll'"
                  >
There are a couple other scale modes you may want to try, such as "exactFit", which are outlined at the below link:
Flash Stage Scale Modes
Finally, you will have to adjust the object embed code in your html page to set the size of your swf.
Original discussion here

you can`t. allow your application internet access without the network admin defining an exception for it specifically.
If you have admin rights use the router`s/proxy`y configuration software to allow an exception.

Can I get the Mac address in Audit logs of Active directory server for the user's machine which connect to the network/Domain

Hello All,
I am trying to get the information of all the user's who connect to our Domain network by signing in using the domain account. For this I am using the Windows audit group policies ( I am not sure of there is any other way). I can see when the user tries
to login to the network there is a audit event created on the AD/DC server. I can see the Kerberos authentication and logon/logoff events in the audit events under event viewer.
However the info which is being populated in these events include :- Hostname, IP address, Username and so on... But I can't see the MAC address of the user machine/system. Is there any way I can
get the Mac address of the endpoint system as its one of the important criteria for our project.
Any inputs on this would be appreciated, incase if there is any other way other than group policies please suggest.
Thanks,
Kavish

> include :- Hostname, IP address, Username and so on... But I can't see
> the MAC address of the user machine/system. Is there any way I can get
> the Mac address of the endpoint system as its one of the important
> criteria for our project.
If you use DHCP, you can query the DHCP server. There's no builtin
method to get the MAC address directly.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :))

Can I buy a top up sim to use outside my home where I already have wifi?

Can I but a pay as you go sim to use just occasionally outside my home where I already have wifi that I can access?

Yes - see Data SIM

Can you send msgs from any apple device using imessage to any non apple product with imessage and is it worth getting 3g for a ipad?

Question says it all

No you cannot:
" Text messaging with iMessage is now on iPad and it’s unlimited between all iOS 5 users. "
http://www.apple.com/ipad/built-in-apps/messages.html
It ONLY works between iphones/ipod/ipad with ios 5.

Active Directory Services Can't Connect to Domain

I removed Active Directory services form a server running 2012. I then went to reinstall and reconfigure it, but I keep running into issues. When I launch active directory admin center it gives me an error that it can't connect to any domain, and I can't
make any changes. The local server has already been promoted to the domain controller. Here is the output from dcdiag:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ACSSVR
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ACSSVR
Starting test: Connectivity
......................... ACSSVR passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ACSSVR
Starting test: Advertising
Fatal Error:DsGetDcName (ACSSVR) call failed, error 1355
The Locator could not find the server.
......................... ACSSVR failed test Advertising
Starting test: FrsEvent
......................... ACSSVR passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... ACSSVR failed test DFSREvent
Starting test: SysVolCheck
......................... ACSSVR passed test SysVolCheck
Starting test: KccEvent
A warning event occurred. EventID: 0x80000B46
Time Generated: 03/02/2015 12:00:00
Event String:
The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification)
and LDAP simple binds that are performed on a cleartext (non-SSL/TLS-encrypted) connection. Even if no clients are using such binds, configuring the server to reject them will improve the security of this server.
A warning event occurred. EventID: 0x80000734
Time Generated: 03/02/2015 12:00:37
Event String:
The local domain controller could not connect with the following domain controller hosting the following directory partition to resolve distinguished names.
......................... ACSSVR passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... ACSSVR passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... ACSSVR passed test MachineAccount
Starting test: NCSecDesc
......................... ACSSVR passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\ACSSVR\netlogon)
[ACSSVR] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... ACSSVR failed test NetLogons
Starting test: ObjectsReplicated
......................... ACSSVR passed test ObjectsReplicated
Starting test: Replications
......................... ACSSVR passed test Replications
Starting test: RidManager
......................... ACSSVR passed test RidManager
Starting test: Services
......................... ACSSVR passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:21:34
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/02/2015 11:21:58
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 11:26:01
Event String:
The Vstor2 Virtual Storage Driver service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 11:26:01
Event String:
The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error:
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:26:16
Event String:
Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0x0000002E
Time Generated: 03/02/2015 11:34:32
Event String:
The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.
An error event occurred. EventID: 0xC0001B6F
Time Generated: 03/02/2015 11:34:32
Event String:
The Windows Time service terminated with the following error:
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/02/2015 11:35:01
Event String:
The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:39:08
Event String:
Name resolution for the name _ldap._tcp.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 11:39:27
Event String:
The Vstor2 Virtual Storage Driver service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 11:39:27
Event String:
The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error:
A warning event occurred. EventID: 0x000727AA
Time Generated: 03/02/2015 11:39:40
Event String:
The WinRM service failed to create the following SPNs: WSMAN/ACSSVR.ACS.local; WSMAN/ACSSVR.
A warning event occurred. EventID: 0x0000000C
Time Generated: 03/02/2015 11:39:39
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in
the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the
authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0xC000042B
Time Generated: 03/02/2015 11:42:01
Event String:
The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
An error event occurred. EventID: 0x00000469
Time Generated: 03/02/2015 11:44:31
Event String:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
An error event occurred. EventID: 0x00000469
Time Generated: 03/02/2015 11:45:05
Event String:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
An error event occurred. EventID: 0x0000168F
Time Generated: 03/02/2015 11:55:22
Event String:
The dynamic deletion of the DNS record 'ACS.acsolutionsinc.net. 600 IN A 192.168.56.1' failed on the following DNS server:
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:55:22
Event String:
Name resolution for the name acsolutionsinc.net timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0x0000168F
Time Generated: 03/02/2015 11:55:47
Event String:
The dynamic deletion of the DNS record '_ldap._tcp.ACS.acsolutionsinc.net. 600 IN SRV 0 100 389 ACSSVR.ACS.acsolutionsinc.net.' failed on the following DNS server:
A warning event occurred. EventID: 0x000727A5
Time Generated: 03/02/2015 11:55:53
Event String:
The WinRM service is not listening for WS-Management requests.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:55:53
Event String:
Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000003F6
Time Generated: 03/02/2015 11:59:53
Event String:
Name resolution for the name _ldap._tcp.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 12:00:13
Event String:
The Vstor2 Virtual Storage Driver service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 03/02/2015 12:00:13
Event String:
The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error:
A warning event occurred. EventID: 0x000727AA
Time Generated: 03/02/2015 12:00:25
Event String:
The WinRM service failed to create the following SPNs: WSMAN/ACSSVR.ACS.local; WSMAN/ACSSVR.
A warning event occurred. EventID: 0x0000000C
Time Generated: 03/02/2015 12:00:25
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in
the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the
authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0xC000042B
Time Generated: 03/02/2015 12:02:47
Event String:
The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
An error event occurred. EventID: 0x00000469
Time Generated: 03/02/2015 12:05:17
Event String:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
An error event occurred. EventID: 0x00000469
Time Generated: 03/02/2015 12:05:17
Event String:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
......................... ACSSVR failed test SystemLog
Starting test: VerifyReferences
......................... ACSSVR passed test VerifyReferences
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : ACS
Starting test: CheckSDRefDom
......................... ACS passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ACS passed test CrossRefValidation
Running enterprise tests on : ACS.local
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... ACS.local failed test LocatorCheck
Starting test: Intersite
......................... ACS.local passed test Intersite
I've been trying to debug errors one at a time, but I'm having a hard time finding any information that pertains to this issue as a whole. Anything you can tell me about this would be great, thank you for reading.

It was the only server in the network, the only dc in the old forest. When I re-installed ad ds I gave the new forest different name, but I guess the old settings are still in the system somewhere conflicting with the new setup? Is there a way to
purge the old setup entirely and start over with ad ds, or am I going to have to re-install the whole OS? Thanks again for the help.
Honestly, the best way to handle this is to rebuild the server. There are many things that are "left behind" when you remove the Domain / Forest from a Domain Controller. In fact many articles will say after using ADMT (active directory migration
tool) you should decommission the original Domain Controller (aka reinstall the OS).
While you could spend more time trying to get that domain controller working, it absolutely is going to be 1) More reliable 2) faster to reinstall the OS on the old domain controller. If you are still leveraging storage, or services on that domain controller,
you will want to back them up, or have a transition plan before reinstalling everything on the server. I have a feeling if you choose to keep troubleshooting this, you will run into more issues down the road.
Entrepreneur, Strategic Technical Advisor, and Sr. Consulting Engineer - Strategic Services and Solutions Check out my book - Powershell 3.0 - WMI: http://amzn.to/1BnjOmo | Mastering PowerShell Coming in April 2015!

Active Directory Cross Forest Domain Migration

Dear All,
We are in the process to rebuild new Active Directory infrastructure. Multiple single forest domains in organization which needs to be consolidated/migrated on single Active Directory Domain. For this consolidation, have some queries to be addressed before
going to start consolidation.
What is the best practices and what tool should we use for domain migration/consolidation
Active directory is on Windows 2003, forest and domain level is on Windows 2003, this will support to Windows 2012 R2 forest and domain functional level, will be migrated
directly from windows 2003 to windows 2012?
When move users to new domain, how will they access the other resources on the network. For e.g. Printer, File server, local web base application
After moving some computers to new domain would be possible to access remaining computers on old domain?
How the file server data will be moved? Best practices with NTFS folder permissions and users rights?
Is there any policy to register network printers on new Active Directory domain?
How users would be access web base application on new domain as their FQDN would be define with old domain name? Any option to change old domain FQDN with new domain that would be describe with any URL link?
Kindly give your valuable input to meet the desire result.
Thanks in Advance.

Dear Lucky,
Ya you can Migrate contents from multiple forest domain. Using ADMT (Active Directory Migration Tool)is the best way to migrate AD content. But you can't migrate from Windows Server 2003 to Windows Server 2012 R2, cause in Windwos Server 2012 R2 don't
have the supportebility of Windows Sever 2003.And not only users you can also migrate all others info (i.e. Computer object info, groups info, Exchange mailbox info, security info).You can migrate users face by face, means which peoples are in old domain they
can access old domain and new users are in new domain.For more info please follow the given link:
http://technet.microsoft.com/en-us/library/cc974332(v=WS.10).aspx
Mithun Dey Web: http://cloudmithun.wordpress.com If this may give your necessary resolution please mark it as Answre.

Difference between Windows NT domain registry and Active Directory registry

What are the difference(s) ?

Frank, thanks for your response :)
I want WebSphere Application Server to take advantage of a directory service. There are multiple options available for a directory service.
In my configuration the requirement is to make WebSphere Application server to use Microsoft's Active Directory.
While I was going through (WebSphere) documentation, I see following note.
" With Windows NT domain registry support for Windows 2000 and 2003 domain
controllers, WebSphere Application Server only supports Global groups that are the Security type. It is recommended that you use the Active Directory registry support rather than a Windows NT domain registry if you use Windows 2000 and 2003 domain controllers
because the Active Directory supports all group scopes and types. The Active Directory also supports a nested group that is not support by Windows NT domain registry. The Active Directory is a centralized control registry."
You can find the above note in this link (somewhere after 7th line)
http://www-01.ibm.com/support/knowledgecenter/SSAW57_7.0.0/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/csec_localos.html?cp=SSAW57_7.0.0%2F3-11-5-1-0-0
Does it mean that they are recommending to use Active Directory over Windows NT (which is an older approach) with windows server 2000 or windows server 2003 because Active directory is
advanced ?
I was under the impression that, Active Directory was started with Microsoft Windows Server 2003 and Windows NT registry was used till Windows 2000 server.
After going through above links,
Windows NT registry in an old method. However, it is compatible with Windows Server 2000 and Windows server 2003 but it is recommended to use Active directory with Windows Serve 2003 as it is more advanced. And the same is recommended in WebSphere documentation
(I am aware that support for Windows Server 2000 is over and only extended support is available for Windows Server 2003 however this is to clear doubt). Is my understanding correct ? And does windows server 2000 also support both i.e we can use either Windows
NT registry or Active directory and similarly, Either of them (Windows NT or Active Directory) could be used with Windows Server 2003 ?
And if I got it correct, Is Windows NT and Active Directory, both directory service offering from Microsoft? While NT being an old method and Active Directory being a new/advanced approach ?

Joining 10.8.5 with existing account to Active Directory domain

Hi-
I have a MacBook Pro that I am using as a test computer to figure out how to introduce the growing population of Mac's into our Active Directory environment in our small company. This comptuer is running OSX 10.8.5
There is a test account in AD that I will be using to connect to the windows domain. I am able to get the Laptop binded to AD, and have no problem authenticating, and seeing all the network resources required.
Here is the part that has me stumped:
Is there any way to take my existing "local" account that was configured when I began using my MBP without Active Directory and continue to use it, but logon to the laptop using my Active Directory account?
Perhaps copy all the settings and preferences from the local account ontop of the AD account on the laptop?
I have been using this laptop as my personal machine for many months and have quite a few customizations made to my deskop preferences, icon layouts, etc. This will be same case with all of the users that will soon be authenticating on the domain. We need this for centralized management of network shares, password policies, and number of other security features.
There is some limited information on the web, but nothing that I have tried really works, here's some of what i found and the difficulty that resulted.
http://community.spiceworks.com/how_to/show/37886-convert-mac-local-user-into-ac tive-directory-network-user
- The script mentioned in step 3 was not able to copy local account to the destination folder.
http://robotcloud.screenstepslive.com/s/2459/m/5322/l/112415-convert-local-accou nts-to-network-mobile-accounts
- The sudo mv /Users/USERNAME /Users/DIRUSERNAME command was not able to make the "DIRUSERNAME" directory, and did not have any effect if this directory already existed due to a prior logon.
I'm just looking for some help making it so that my users can retain their desktop layouts that they are used to, but logon to the domain using AD credentials.
Seems simple, but is pretty difficult to get done.
Thanks in advance for any help....
-Aaron

This might help:
http://www.afp548.com/article.php?story=20060517222656622&query=radius

Can Win8.1-Enterprise-Domain-Sideloading Applications be used outside Active Directory Domain without product key?

Similar Messages

Maybe you are looking for