Joining Server2008HPC to WindowsServerEssentials Domain

I have setup WindowsServer2012 Essentials and have used the connect feature to join computers with Windows7 Pro without any issue.
I have two servers running Windows Server 2008 HPC ed which I would like to join to the domain however the server/connect feature doesn't work, is this OS supported?
I would have thought that I could just manual join the domain, but this isn't successful either.
Any suggestions?
Thanks

Hi HSavage,
Based on following article, it seems that the Windows Server 2008 was not be supported to connect to Windows
Server 2012 Essentials via Connector software. By the way, what error message you can get?
Supported operating systems for client
computers
In addition, you describe “I would have thought that I could just manual join the domain, but this isn't successful
either.” Would you please let me know the error message that you can find? Meanwhile, please check if you can ping the server with IP address and server name successfully. Then open NIC Properties and check if point to the correct DNS address on the Windows
Server 2008.
If any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu

Similar Messages

  • Using MDT to re-join computers to a domain after a re-image

    Since 2010 we have been using WDS to build, capture and deploy our image across our organisation (A High School) which has worked well enough. While WDS can do all this the build and capture is a little clunky and relies on you to manually installing all
    programmes and then mounting the WIM file and inject the drivers so I have moved us onto MDT for the build and capture before importing the finished WIM file into WDS for deployment.
    This has worked much better as MDT makes it much quicker to get an image up and going (programme silent installs, testing is much quicker etc) and drive management is as simple as telling MDT to put ALL the drivers you want into the image but I have been
    reading that you should link MDT and WDS together.
    I followed the instruction and imported the LiteTouchPE wim file into WDS and we are able to PXE boot right into MDT and either make a new image or capture the one we are working on but I am trying to automate the deployment so it is more like what we have
    when just using WDS for deployment. Because I want to retain the ability to use MDT to make a new image I cannot customise the customesettings.ini file too much and instead I am relying on MDT task sequences for must of the customisations.
    Currently all our systems are pre-staged into WDS (I think it is actually Active Directory at the end of the day but you use wdsutil to pre-stage them) so when we boot into PXE WDS deploys and configures the machines using WDSClientUnattend and ImageUnattend
    XML file so that once the deployment is finished it is sitting at the logon screen waiting for the user to login already joined to the domain and our wireless network.
    I am having trouble trying to achieve this same result using our WDS + MDT combo with the main sticking point being trying to re-join the computer back to the domain (we re-image machines constantly so re-join back to the domain is a must). I wrote/found
    a PowerShell script that does the domain join but because an account already exists (all our machines are pre-staged under their service tag and GUID) it throws an error about their already being an account with that name (the computer still appear to join
    the domain and I can logon using my domain account). Because of this error MDT borks the deployment and doesn't finish up and complains about deployment being in progress etc.
    Is using WDS to boot the LiteTouchPE and then deploying through MDT the best way or are we better off going back to using MDT to do the build and capture and then using WDS and it's pre-staging to do the deploy? I really like that with MDT I can have a little
    more control over driver deployment (recently had a problem where we got a new laptop and injecting the new drivers into the WIM broke the entire image for all our machines except the new one) and software at the time of the re-image (I cannot install the
    Lenovo hotkey software in a virtual machine because it does a hardware check and fails to install so either the entire image needs to be made on a Lenovo or the software doesn't get installed).
    I am currently making a Windows 8.1.1 x64 Enterprise SOE/MOE/whatever you would like to call it using MDT 2013 with WDS running on Windows Server 2012 R2 x64.

    Hello,
    It is better to use so-called "thin" images. These contain only the operating system (in a facility and captures vm). Subsequently pilots and soft will be deployed by the bais of MTD. 
    For drivers I recommend you to use selection profiles. Moreover it is necessary to put a condition in step "Inject Drivers". Condition Type: Variable called MODEL, variable value Latitude E6430 (change the value to the desired model). It is necessary
    to add more step Inject Drivers that type of position. 
    Application level, you import the different applications in MDT allowing you to select only the desired wizard when applications. If you want to automate this step you will need to indicate statically in the task sequence to install applications, this will
    require the creation of several task sequence.
    Best Regards
    Well I am well aware the Microsoft recommends a thin image it is simply not practical in a School environment where Students change in and our of subjects and where the combination of subject specific software is nearly infinite the overhead is too great
    (maybe if we used something like SCCM where we could deploy applications based on OU or group membership).
    All your other points aside my problem/issue/question which appears to have been lost is, how do I rejoin a computer to the domain using MDT?  We re-image laptops constantly and using WDS they rejoin with no problems but using MDT an error is thrown because
    the account already exists.  In WDS we have all our machines pre-staged so is there an MDT equivalent that will let me re-image a laptop and have it re-join the domain under the same account without throwing and error.

  • I have an error when join pc's to domain windows server 2012 r2

    Hello everyone
    I have a problem to join computers to the domain.
    I'm doing the procedure is as follows.
    1.'ll properties pc
    2. I click Change to join the domain.
    3. I request the domain administrator credentials
    4. I get the window that has joined the domain correctly and then click accept gives me the following error:}
    This error message me with all computers that attempt to join the domain.
    I have reviewed forums, I have already set the WINS part and for the network adapter. Not if it's a problem with the server version domain is Windows Server 2012 R2.
    I appreciate your help.
    regards
    Miguel Solano

    Hello everyone
    I have a problem to join computers to the domain.
    Well I can not understand Spanish but I guess it is related to RPC. :D
    In that case, you need to make sure your DNS entries are correct in clients NIC. Similar threads here:
    "RPC Server Unavailable" while attempting to Join domain
    Windows
    Server Troubleshooting: "The RPC server is unavailable"
    Mahdi Tehrani   |  
      |  
    www.mahditehrani.ir
    Please click on Propose As Answer or to mark this post as
    and helpful for other people.
    This posting is provided AS-IS with no warranties, and confers no rights.
    How to query members of 'Local Administrators' group in all computers?

  • Can A Windows 2000 Client Join A Windows 2012 Domain ?

    I have set up a Server 2012 VM that I have configured as a DC.  The desktop environment consists of Windows 7, Windows XP and a few Windows 2000 machines.  All desktops can JOIN the 2012 domain, but when I try to add domain users to any of the
    Windows 2000 (SP4) workstations, it fails with the error "The trust relationship between this workstation and the primary domain failed".
    Unjoining the workstation from the domain (or going into ADUC and deleting the Win 2000 computer from the domain) and trying again yields the same result.  I do not have this problem when the Windows 2000 machines are joined to a Server 2008 R2 domain.
    At this point, I'm leaning towards setting it up as a 2008 R2 DC, and moving to a 2012 DC once we have weaned ourselves off of the Windows 2000 desktops.  Is there any hope of getting things to work with a 2012 DC from the start ?

    Hi,
    Based on my research, Windows 2000 client is not supported for Windows 2012 DC.
    Windows client and Windows Server operating systems that are supported to join Windows Server 2012 domains
    The following Windows client and Windows Server operating systems are supported for domain member computers with domain controllers that run Windows Server 2012:
    Client operating systems: Windows 8, Windows 7, Windows Vista, Windows XP
    Computers that run Windows 8 are also able to join domains that have domain controllers that run earlier version of Windows Server, including Windows Server 2003 or later. In this case however, some Windows 8 features may require additional configuration or
    may not be available. For more information about those features and other recommendations for managing Windows 8 clients in downlevel domains, see
    Running Windows 8 member computers in Windows Server 2003 domains.
    Server operating systems: Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2, Windows Server 2003
    Cataleya Li
    TechNet Community Support

  • Install Exchange on a 2013 Member server and later join it to a domain

    I'm installing Exchange 2013 on a 2012 Server at our depot. It will be joined to a SBS2003 Domain at a later date.   What precaution do I need to make.  Especially during the preinstall?
    Bonnie Whalon

    That is exactly what I meant by "no".
    An Exchange installation is more than installing the bits, it's configuring everything, which includes a huge amount of configuration in Active Directory.  Further once you've installed Exchange on a member server, you can't rename it.
    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

  • Ramifications of joining Lion to a domain?

    Hi folks.  Just got a mac at work and joined it to the domain to try it but after that I couldn't install any applications without the domain administrator account which is not going ot work obviously because that's not me   I want to know what other major ramifications there are if I do join to the domain.  I had to disjoin to get back to normal.  Also, for that specific problem, how do I become a "local administrator" (windows equivalent) of the machine if I do join back to the domain.  I need to be able to do everything on this machine.  No limitations.  Thanks.

    Hi,
    What is the purpose of having two NIC's in DC's?
    Generally multihomed domain controller is supported. However it’s not recommended as numerous issues can occur in such an environment, mostly in name resolution.
    First you need to establish a network connectivity between the two sites. As i said you need a layer 3 network device which can route packets between networks. 
    Once you have the connectivity and the necessary ports opened between firewalls, you can go ahead and create forest trust and give necessary permissions to the resources.
    For Creating forest trust  you have to prepare DNS to resolve the other domain name properly.Use conditional forwarder or secondary or stub zone. 
    Active
    Directory Firewall Ports - Let's Try To Make This Simple 
    http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx
    How to create a cross-forest trust in Active Directory
    http://searchwindowsserver.techtarget.com/tip/How-to-create-a-cross-forest-trust-in-Active-Directory
    Checklist: Creating a forest trust 
    http://technet.microsoft.com/en-us/library/cc756852%28WS.10%29.aspx
    Accessing resources across forests
    http://technet.microsoft.com/en-us/library/cc772808(v=ws.10).asp
    Regards,
    Rafic
    If you found this post helpful, please give it a "Helpful" vote.
    If it answered your question, remember to mark it as an "Answer".
    This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

  • Internal error while joining a pc to domain

    hi, when i want to join the pc to the domain it says "an internal error occured" and the join process fail.
    i can ping the domain using fqdn and dns is working ok and the client is pointing to the appropriate dns server. also i have no anti virus installed and firewall is off. here is the netsetup.log file here.
    Note: when i prestage the computer the join process is ok with no problem
    can anyone help me?
    08/04 17:30:45 -----------------------------------------------------------------
    08/04 17:30:45 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
    08/04 17:30:45 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
    08/04 17:30:45 NetpValidateName: name 'vivaldi.au' is valid for type 3
    08/04 17:30:54 -----------------------------------------------------------------
    08/04 17:30:54 NetpDoDomainJoin
    08/04 17:30:54 NetpMachineValidToJoin: 'OMM-7687492'
    08/04 17:30:54 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:30:54 NetpMachineValidToJoin: status: 0x0
    08/04 17:30:54 NetpJoinDomain
    08/04 17:30:54 Machine: OMM-7687492
    08/04 17:30:54 Domain: vivaldi.au
    08/04 17:30:54 MachineAccountOU: (NULL)
    08/04 17:30:54 Account: vivaldi.au\administrator
    08/04 17:30:54 Options: 0x25
    08/04 17:30:54 OS Version: 5.1
    08/04 17:30:54 Build number: 2600
    08/04 17:30:54 ServicePack: Service Pack 3
    08/04 17:30:54 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
    08/04 17:30:55 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
    08/04 17:30:55 NetpValidateName: name 'vivaldi.au' is valid for type 3
    08/04 17:30:55 NetpDsGetDcName: trying to find DC in domain 'vivaldi.au', flags: 0x1020
    08/04 17:30:59 NetpDsGetDcName: failed to find a DC having account 'OMM-7687492$': 0x525
    08/04 17:30:59 NetpDsGetDcName: found DC '\\001-002-001-204.vivaldi.au' in the specified domain
    08/04 17:30:59 NetpJoinDomain: status of connecting to dc '\\001-002-001-204.vivaldi.au': 0x0
    08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:30:59 NetpGetDnsHostName: Read NV Hostname: omm-7687492
    08/04 17:30:59 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: vivaldi.au
    08/04 17:30:59 NetpLsaOpenSecret: status: 0xc0000034
    08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:30:59 NetpLsaOpenSecret: status: 0xc0000034
    08/04 17:30:59 SamLookupNamesInDomain on OMM-7687492$ failed with 0xc0000073
    08/04 17:30:59 NetpJoinDomain: status of setting machine password: 0x534
    08/04 17:30:59 NetpJoinDomain: initiaing a rollback due to earlier errors
    08/04 17:30:59 NetpLsaOpenSecret: status: 0x0
    08/04 17:30:59 NetpJoinDomain: rollback: status of deleting secret: 0x0
    08/04 17:30:59 NetpJoinDomain: status of disconnecting from '\\001-002-001-204.vivaldi.au': 0x0
    08/04 17:30:59 NetpDoDomainJoin: status: 0x534
    08/04 17:30:59 -----------------------------------------------------------------
    08/04 17:30:59 NetpDoDomainJoin
    08/04 17:30:59 NetpMachineValidToJoin: 'OMM-7687492'
    08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:30:59 NetpMachineValidToJoin: status: 0x0
    08/04 17:30:59 NetpJoinDomain
    08/04 17:30:59 Machine: OMM-7687492
    08/04 17:30:59 Domain: vivaldi.au
    08/04 17:30:59 MachineAccountOU: (NULL)
    08/04 17:30:59 Account: vivaldi.au\administrator
    08/04 17:30:59 Options: 0x27
    08/04 17:30:59 OS Version: 5.1
    08/04 17:30:59 Build number: 2600
    08/04 17:30:59 ServicePack: Service Pack 3
    08/04 17:30:59 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
    08/04 17:30:59 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
    08/04 17:30:59 NetpValidateName: name 'vivaldi.au' is valid for type 3
    08/04 17:30:59 NetpDsGetDcName: trying to find DC in domain 'vivaldi.au', flags: 0x1020
    08/04 17:31:03 NetpDsGetDcName: failed to find a DC having account 'OMM-7687492$': 0x525
    08/04 17:31:03 NetpDsGetDcName: found DC '\\001-002-001-201.vivaldi.au' in the specified domain
    08/04 17:31:03 NetpJoinDomain: status of connecting to dc '\\001-002-001-201.vivaldi.au': 0x0
    08/04 17:31:03 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:31:03 NetpGetDnsHostName: Read NV Hostname: omm-7687492
    08/04 17:31:03 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: vivaldi.au
    08/04 17:31:03 NetpLsaOpenSecret: status: 0xc0000034
    08/04 17:31:03 NetpGetLsaPrimaryDomain: status: 0x0
    08/04 17:31:03 NetpLsaOpenSecret: status: 0xc0000034
    08/04 17:31:03 NetpManageMachineAccountWithSid: NetUserAdd on '\\001-002-001-201.vivaldi.au' for 'OMM-7687492$' failed: 0x54f
    08/04 17:31:03 NetpJoinDomain: status of creating account: 0x54f
    08/04 17:31:03 NetpJoinDomain: initiaing a rollback due to earlier errors
    08/04 17:31:03 NetpLsaOpenSecret: status: 0x0
    08/04 17:31:03 NetpJoinDomain: rollback: status of deleting secret: 0x0
    08/04 17:31:03 NetpJoinDomain: status of disconnecting from '\\001-002-001-201.vivaldi.au': 0x0
    08/04 17:31:03 NetpDoDomainJoin: status: 0x54f

    repadmin /showreps shows successfull. i can attach the log or any other thing u want. time is sync between clients and domain controllers. we have 4 domain controllers and there are 2500 users in it. the problem suddenly appears since we found out
    we can not join the clients to the domain at all. only the clients can be joined to the domain if the computer account is pre-created before in the domain..
    You're not just simply hitting the quota limit of 10 machine accounts?
    http://support.microsoft.com/kb/243327/
    Enfo Zipper
    Christoffer Andersson – Principal Advisor
    http://blogs.chrisse.se - Directory Services Blog

  • DNS Error while joining the machine to domain.

    I get the below error while joining a new Win7 machine to the domain.
    I can ping and successfully resolve nslookup on both server and client machine.
    Both client and server (2008r2) are virtual machines, with private ip's on LAN...
    The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
    magic.com:
    The error was: "DNS name does not exist."
    (error code 0x0000232B RCODE_NAME_ERROR)
    The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
    Common causes of this error include the following:
    - The DNS SRV record is not registered in DNS.
    - One or more of the following zones do not include delegation to its child zone:
    magic.com
    com
    . (the root zone)
    For information about correcting this problem, click Help.
    Looks like some problem with my DNS.
    Also i tried to uninstall/ re-install the DNS role.
    What should be the TCP/IP network configuration???
    System Security analyst at CapG

    I get the below error while joining a new Win7 machine to the domain.
    I can ping and successfully resolve nslookup on both server and client machine.
    Both client and server (2008r2) are virtual machines, with private ip's on LAN...
    The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
    magic.com:
    The error was: "DNS name does not exist."
    (error code 0x0000232B RCODE_NAME_ERROR)
    The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
    Common causes of this error include the following:
    - The DNS SRV record is not registered in DNS.
    - One or more of the following zones do not include delegation to its child zone:
    magic.com
    com
    . (the root zone)
    For information about correcting this problem, click Help.
    Looks like some problem with my DNS.
    Also i tried to uninstall/ re-install the DNS role.
    What should be the TCP/IP network configuration???
    System Security analyst at CapG
    Also something to look in, i do not have the usual folders below 'Forward lookup zone', i.e, Sites, Home, tcp etc..
    I beleive these are required. I am not sure.!!. I did re-install the role, no change :-(
    System Security analyst at CapG

  • No logon server available for Win 7 Pro to join new 2012 Standard domain

    I can't get a Win 7 Pro client to join a new 2012 Standard network.  I am trying to use a Win 7 Pro computer from an old 2011 SBS FE network.  I am creating the new network from scratch and got as far as setting up the new server, establishing
    Internet access, and confirming that the client can ping the new server, which accepted new user credentials for the new domain added to the old client.  I rebooted.  Now I get the message that no server is available to service the
    logon request, for all domains and all user accounts on the old 2011 client, including the individual computer "domain."  I can't access anything on the client.  Server still accepts the user account and password.
    Unsuccessful efforts: rebooting old client; searching archives for solutions; disabling DCHP on router; and jumping out window.
    Suggestions?
    Paul

    Here is the answer for the DC/DNS (still working on accessing client):
    PS C:\Users\Administrator.COMPUTER-23> ipconfig /all
    Windows IP Configuration
    Host Name ... Computer-23
    Primary Dns Suffix ... Domain-23.com
    Node Type ... Hybrid
    IP Routing Enabled ... No
    WINS Proxy Enabled ... No
    DNS Suffix Search List ... Domain-23.com
    Ethernet adapter NIC1:
    Connection-specific DNS Suffix ...
    Description ... Broadcom NetXtreme Gigabit Ethernet #2
    Physedical Address ... F8-BC-12-53-21-8E
    DHCP Enabled ... No
    Autoconfiguration Enabled ... Yes
    IPv6 Address ... fd8d:c258:7c99:3333::1(Preferred)
    Link-local IPv6 Address ... fe80::99b7:5cf5:926c:8d42%13(Preferred)
    IPv4 Address ... 192.168.1.2(Preferred)
    Subnet Mask ... 255.255.255.0
    Default Gateway ... 196.168.1.1
    DHCPv6 IAID ... 335068178
    DHCPv6 Client DUID ... 00-01-00-01-1B-C1-2C-DF-F8-BC-12-5-21-90
    DNS Servers ... ::1
    ...................... 127.0.0.1
    NetBIOS over Tcpip ... Enabled

  • Renaming all computers and joining them to new domain

    Hi guys, 
    I'm really hoping someone can help me out. I'm an IT Admin with no actual training (please don't ask lol) so I'm not very knowledgeable and everything I've learned has been by reading forums and trial and error.
    What I need to do is: rename all of the computers on our domain (about 160 of them) to a simple naming system (we'll say comp1, comp2, etc), join them onto a new domain and reconnect the appropriate printers to each. Also, for some reason it is required
    I manually enter the DNS server IP in order for it to see the new domain and be able to connect. 
    In the past, I've learned that you have to reboot machines between both renames and domain changes so I understand that. What I'm trying to figure out is if I can do all of this by running some sort of "script" or by a group policy or something
    instead of doing everything manually (which will require an entire weekend since I have 8 locations to do this for). The machines are WinXP and Win7 and our AD server is 2008 R2.
    Also, how does deleting DNS/DHCP records affect anything if I were to delete them during this process? Am I supposed to for a big rename project like this? I only ask because when I've accidentally named a computer to a name that was already on the network,
    that caused an issue with DHCP. If you do have time to help me out, I appreciate it but I'll have to request you speak in somewhat laymen's terms. I apologize in advance if I frustrate anyone :) 

    You can script that using netdom.exe: http://support.microsoft.com/kb/298593/en-us
    For the DNS records, their updates should be done automatically if you have Dynamic Updates enabled on the DNS level. As for stale DNS records, they will be removed automatically if aging and scavenging is already configured.
    How to secure DNS updates on Microsoft DNS servers: http://social.technet.microsoft.com/wiki/contents/articles/21984.how-to-secure-dns-updates-on-microsoft-dns-servers.aspx
    How DNS aging and scavenging works: http://social.technet.microsoft.com/wiki/contents/articles/21724.how-dns-aging-and-scavenging-works.aspx
    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Get Active Directory User Last Logon
    Create an Active Directory test domain similar to the production one
    Management of test accounts in an Active Directory production domain - Part I
    Management of test accounts in an Active Directory production domain - Part II
    Management of test accounts in an Active Directory production domain - Part III
    Reset Active Directory user password

  • Is it possible to join a Windows server domain?

    Hi, We have a mixtures of Windows and Mac clients at school. We have recently had installed a Windows Server 2003. The windows all work well - but other than as a file server can I expect more from the macs? Is it possible to join the windows domain - and log in as different users so that different network drives are mounted at log in? Thanks in advance!

    Hi, We have a mixtures of Windows and Mac clients at
    school. We have recently had installed a Windows
    Server 2003. The windows all work well - but other
    than as a file server can I expect more from the
    macs? Is it possible to join the windows domain - and
    log in as different users so that different network
    drives are mounted at log in? Thanks in advance!
    Yes. The server does not have to be running Services for Macintosh.
    If the server is running Active Directory, you'll have to work with the windows admin people to create the AD account.
    Otherwise, you'll just hae access to the shares.
    On the Mac, I think the AD options are under Directory Services.
    To map drives at login, the easiest way is to write an Applescript, save it as an application, and add it as a login item.
    I can't recall the exacy syntax, but for each drive, the script should look something like this:
    Tell Application "finder"
    try
    mount "smb:\\windows.server.ip.address\sharename"
    end try
    You will get a user id/pw/domain prompt for each share.
    For e-mail, assuming they use Exchange, you'll need exchange server 2000 SP 2 or higher with OWA, IMAP, and LDAP active on the mail server to be able to access mail through Entourage or Apple mail.
    Otherwise, you'll be limited to Outlook Web Access.
    Printing: Standard IP,LPR, or appletalk printer setup.

  • GPO Template to secure Computers joined to a 2012 Domain

    Hi,
    We are looking to implement a "Quarenteen OU" for new machines that join our domain.  I've found out how to change the behavior of assigning machines to a different OU than the Computers OU using the redircmp command.   Does anyone have
    a good "template" resource of default security polices to assign a new Server/destkop machine that gets placed into such a quarenteen OU to ensure its secure before moving it to a different/seperate OU?  I'm currently looking for knowledge base
    articles that cover this.  Any help would be greatly appreciated.
    Thanks,
    Kevin C.

    Hi Kevin,
    Based on description, we can follow the suggestion provided by Martin to assign security policies to these machines.
    SCM provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing
    us to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications.
    Regarding SCM, the following articles can be referred to for more information.
    Microsoft Security Compliance Manager (SCM) - Getting Started
    http://social.technet.microsoft.com/wiki/contents/articles/1866.microsoft-security-compliance-manager-scm-getting-started.aspx
    Microsoft Security Compliance Manager
    http://technet.microsoft.com/en-us/library/cc677002.aspx
    Security Compliance Manager (SCM)
    http://technet.microsoft.com/en-in/solutionaccelerators/cc835245.aspx
    Best regards,
    Frank Shen

  • Powershell Joining against a Different Domain Controller?

    Hey can someone help me out here.  We have about 11 DNS servers in our organization, and trying to do a test.  We are trying to join a workstation to the domain against one of these servers but I get the following response:
    Of course names have been changed to protect the innocent!
    PS C:\Users\Administrator> Add-Computer -Credential bob\BobAdmin -DomainName  bob.net -Server  Server.bob.net      
    Add-Computer : Computer 'TestWorkstation' failed to join domain
    'bob.net\Server.bob.net' from its current workgroup 'WORKGROUP' with
    following error message: This operation is only allowed for the Primary Domain Controller of the
    domain.
    At line:1 char:1
    + Add-Computer -Credential bob\BobAdmin -DomainName  bob.net -Serv ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OperationStopped: (TestWorkstation:String) [Add-Computer], InvalidOpe
       rationException
        + FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShell.Commands.AddComp
       uterCommand 
    Any Advice?

    Hi Usgrcm,
    To add local computer to domain, please refer to the steps below:
    1.  Add domain DNS address on computer.
    2.  Run the script below:
    Add-Computer -DomainName domain.com -Credential domain\administrator
    3.  Restart local computer.
    If there is anything else regarding this issue, please feel free to post back.
    Best Regards,
    Anna Wang

  • Joining a Windows 2000 domain

    Can I join my Sun Solaris 8 server running Samba to a Windows 2000 domain so that all the users that logon or use shares will authenticate thru the domain controllers with their Win accounts?
    I dont want to create 1500 Solaris accounts.

    there is a sun product called Sun PC Net Link that could help you
    synchronazing user accounts in Windows env. and Solaris
    you can map the accounts from one env. to the other.
    we use this product since many years and have migrate fm
    windows NT to Windows 2000 Terminal Server without major
    problems, including user maps.
    good luck ...
    [email protected]

  • Unable to join virtual machines to domain controller

    Hello all
    I am studying for MCSE 2012 R2 and have decided to move from VMware Esxi 5.5 to Hyper-V in Server 2012R2.
    I built the host (Server 2012r2) and so far 3 VMs (all are Server 2012R2 VMs) . I promoted one of the VMs to a Domain controller and things appear to have installed with no issue. This is what I have done so far:
    Added Static IP addresses for all VMs
    Configured each VM's DNS setting to use the DC 
    When I try to join one of the virtual servers to the domain controller this is what I get.
    Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
    The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "wolfpack.local":
    The error was: "DNS name does not exist."
    (error code 0x0000232B RCODE_NAME_ERROR)
    The query was for the SRV record for _ldap._tcp.dc._msdcs.wolfpack.local
    Common causes of this error include the following:
    - The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals.
    This computer is configured to use DNS servers with the following IP addresses:
    10.0.0.14
    - One or more of the following zones do not include delegation to its child zone:
    wolfpack.local
    local
    . (the root zone)
    Phil Balderos

    Hi Phil,
    I have noticed that the domain is wolfpack.local but  two VMs has another DNS suffix "home.network" .
    Please remove it and join it to domain again .
    Best Regards
    Elton Ji
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.
    Hello Elton and thank you for the response.
    I was looking at that same setting on my VM and its empty.
    Phil Balderos

Maybe you are looking for

  • What comp. monitor is considered latest/best? and what cables do I use?

    Hi there, I´ve read quite some posts but am still not sure about what to do. I hope there is someone who really knows how and what to help me a hand. My questions relates to setting up the new MM with dual displays, 1 for HDTV to watch movies and num

  • How to pass entry

    Dear Parag, We have a following scenario: 1.Invoice raise to vendor account. 2.Bill of exchange accepted entry passed.(f-36) 3.Bill of discounting entry pass (f-33) Now in this scenario the customer has unable to paid the invoice amount to bank and b

  • How can i install ios7 in iphone 4s

    how i install ios 7 in iphone4s

  • How to extract HR master data into MS outlook2007

    Hi Gurus, We want to populate the SAP HR master data(eg: user's  job title, Reporting to, Working hours, EMP ID, etc..)into MicroSoft outlook contact list.( or AD) So, other users can easily find out about the mailed user  or Team Lead.. Is there any

  • Remove or Diable the Create Button in Calendar iview

    Hi everyone, This is in regards to the Calendar iView in collaboration room. I created a team room and added SAP Calendar in that.When I view it, I see the "Create Appointment" button which I would like to remove. The users should not be able to crea