Joining Server2008HPC to WindowsServerEssentials Domain
I have setup WindowsServer2012 Essentials and have used the connect feature to join computers with Windows7 Pro without any issue.
I have two servers running Windows Server 2008 HPC ed which I would like to join to the domain however the server/connect feature doesn't work, is this OS supported?
I would have thought that I could just manual join the domain, but this isn't successful either.
Any suggestions?
Thanks
Hi HSavage,
Based on following article, it seems that the Windows Server 2008 was not be supported to connect to Windows
Server 2012 Essentials via Connector software. By the way, what error message you can get?
Supported operating systems for client
computers
In addition, you describe “I would have thought that I could just manual join the domain, but this isn't successful
either.” Would you please let me know the error message that you can find? Meanwhile, please check if you can ping the server with IP address and server name successfully. Then open NIC Properties and check if point to the correct DNS address on the Windows
Server 2008.
If any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu
Similar Messages
-
Using MDT to re-join computers to a domain after a re-image
Since 2010 we have been using WDS to build, capture and deploy our image across our organisation (A High School) which has worked well enough. While WDS can do all this the build and capture is a little clunky and relies on you to manually installing all
programmes and then mounting the WIM file and inject the drivers so I have moved us onto MDT for the build and capture before importing the finished WIM file into WDS for deployment.
This has worked much better as MDT makes it much quicker to get an image up and going (programme silent installs, testing is much quicker etc) and drive management is as simple as telling MDT to put ALL the drivers you want into the image but I have been
reading that you should link MDT and WDS together.
I followed the instruction and imported the LiteTouchPE wim file into WDS and we are able to PXE boot right into MDT and either make a new image or capture the one we are working on but I am trying to automate the deployment so it is more like what we have
when just using WDS for deployment. Because I want to retain the ability to use MDT to make a new image I cannot customise the customesettings.ini file too much and instead I am relying on MDT task sequences for must of the customisations.
Currently all our systems are pre-staged into WDS (I think it is actually Active Directory at the end of the day but you use wdsutil to pre-stage them) so when we boot into PXE WDS deploys and configures the machines using WDSClientUnattend and ImageUnattend
XML file so that once the deployment is finished it is sitting at the logon screen waiting for the user to login already joined to the domain and our wireless network.
I am having trouble trying to achieve this same result using our WDS + MDT combo with the main sticking point being trying to re-join the computer back to the domain (we re-image machines constantly so re-join back to the domain is a must). I wrote/found
a PowerShell script that does the domain join but because an account already exists (all our machines are pre-staged under their service tag and GUID) it throws an error about their already being an account with that name (the computer still appear to join
the domain and I can logon using my domain account). Because of this error MDT borks the deployment and doesn't finish up and complains about deployment being in progress etc.
Is using WDS to boot the LiteTouchPE and then deploying through MDT the best way or are we better off going back to using MDT to do the build and capture and then using WDS and it's pre-staging to do the deploy? I really like that with MDT I can have a little
more control over driver deployment (recently had a problem where we got a new laptop and injecting the new drivers into the WIM broke the entire image for all our machines except the new one) and software at the time of the re-image (I cannot install the
Lenovo hotkey software in a virtual machine because it does a hardware check and fails to install so either the entire image needs to be made on a Lenovo or the software doesn't get installed).
I am currently making a Windows 8.1.1 x64 Enterprise SOE/MOE/whatever you would like to call it using MDT 2013 with WDS running on Windows Server 2012 R2 x64.Hello,
It is better to use so-called "thin" images. These contain only the operating system (in a facility and captures vm). Subsequently pilots and soft will be deployed by the bais of MTD.
For drivers I recommend you to use selection profiles. Moreover it is necessary to put a condition in step "Inject Drivers". Condition Type: Variable called MODEL, variable value Latitude E6430 (change the value to the desired model). It is necessary
to add more step Inject Drivers that type of position.
Application level, you import the different applications in MDT allowing you to select only the desired wizard when applications. If you want to automate this step you will need to indicate statically in the task sequence to install applications, this will
require the creation of several task sequence.
Best Regards
Well I am well aware the Microsoft recommends a thin image it is simply not practical in a School environment where Students change in and our of subjects and where the combination of subject specific software is nearly infinite the overhead is too great
(maybe if we used something like SCCM where we could deploy applications based on OU or group membership).
All your other points aside my problem/issue/question which appears to have been lost is, how do I rejoin a computer to the domain using MDT? We re-image laptops constantly and using WDS they rejoin with no problems but using MDT an error is thrown because
the account already exists. In WDS we have all our machines pre-staged so is there an MDT equivalent that will let me re-image a laptop and have it re-join the domain under the same account without throwing and error. -
I have an error when join pc's to domain windows server 2012 r2
Hello everyone
I have a problem to join computers to the domain.
I'm doing the procedure is as follows.
1.'ll properties pc
2. I click Change to join the domain.
3. I request the domain administrator credentials
4. I get the window that has joined the domain correctly and then click accept gives me the following error:}
This error message me with all computers that attempt to join the domain.
I have reviewed forums, I have already set the WINS part and for the network adapter. Not if it's a problem with the server version domain is Windows Server 2012 R2.
I appreciate your help.
regards
Miguel SolanoHello everyone
I have a problem to join computers to the domain.
Well I can not understand Spanish but I guess it is related to RPC. :D
In that case, you need to make sure your DNS entries are correct in clients NIC. Similar threads here:
"RPC Server Unavailable" while attempting to Join domain
Windows
Server Troubleshooting: "The RPC server is unavailable"
Mahdi Tehrani |
|
www.mahditehrani.ir
Please click on Propose As Answer or to mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.
How to query members of 'Local Administrators' group in all computers? -
Can A Windows 2000 Client Join A Windows 2012 Domain ?
I have set up a Server 2012 VM that I have configured as a DC. The desktop environment consists of Windows 7, Windows XP and a few Windows 2000 machines. All desktops can JOIN the 2012 domain, but when I try to add domain users to any of the
Windows 2000 (SP4) workstations, it fails with the error "The trust relationship between this workstation and the primary domain failed".
Unjoining the workstation from the domain (or going into ADUC and deleting the Win 2000 computer from the domain) and trying again yields the same result. I do not have this problem when the Windows 2000 machines are joined to a Server 2008 R2 domain.
At this point, I'm leaning towards setting it up as a 2008 R2 DC, and moving to a 2012 DC once we have weaned ourselves off of the Windows 2000 desktops. Is there any hope of getting things to work with a 2012 DC from the start ?Hi,
Based on my research, Windows 2000 client is not supported for Windows 2012 DC.
Windows client and Windows Server operating systems that are supported to join Windows Server 2012 domains
The following Windows client and Windows Server operating systems are supported for domain member computers with domain controllers that run Windows Server 2012:
Client operating systems: Windows 8, Windows 7, Windows Vista, Windows XP
Computers that run Windows 8 are also able to join domains that have domain controllers that run earlier version of Windows Server, including Windows Server 2003 or later. In this case however, some Windows 8 features may require additional configuration or
may not be available. For more information about those features and other recommendations for managing Windows 8 clients in downlevel domains, see
Running Windows 8 member computers in Windows Server 2003 domains.
Server operating systems: Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003 R2, Windows Server 2003
Cataleya Li
TechNet Community Support -
Install Exchange on a 2013 Member server and later join it to a domain
I'm installing Exchange 2013 on a 2012 Server at our depot. It will be joined to a SBS2003 Domain at a later date. What precaution do I need to make. Especially during the preinstall?
Bonnie WhalonThat is exactly what I meant by "no".
An Exchange installation is more than installing the bits, it's configuring everything, which includes a huge amount of configuration in Active Directory. Further once you've installed Exchange on a member server, you can't rename it.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." -
Ramifications of joining Lion to a domain?
Hi folks. Just got a mac at work and joined it to the domain to try it but after that I couldn't install any applications without the domain administrator account which is not going ot work obviously because that's not me I want to know what other major ramifications there are if I do join to the domain. I had to disjoin to get back to normal. Also, for that specific problem, how do I become a "local administrator" (windows equivalent) of the machine if I do join back to the domain. I need to be able to do everything on this machine. No limitations. Thanks.
Hi,
What is the purpose of having two NIC's in DC's?
Generally multihomed domain controller is supported. However it’s not recommended as numerous issues can occur in such an environment, mostly in name resolution.
First you need to establish a network connectivity between the two sites. As i said you need a layer 3 network device which can route packets between networks.
Once you have the connectivity and the necessary ports opened between firewalls, you can go ahead and create forest trust and give necessary permissions to the resources.
For Creating forest trust you have to prepare DNS to resolve the other domain name properly.Use conditional forwarder or secondary or stub zone.
Active
Directory Firewall Ports - Let's Try To Make This Simple
http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx
How to create a cross-forest trust in Active Directory
http://searchwindowsserver.techtarget.com/tip/How-to-create-a-cross-forest-trust-in-Active-Directory
Checklist: Creating a forest trust
http://technet.microsoft.com/en-us/library/cc756852%28WS.10%29.aspx
Accessing resources across forests
http://technet.microsoft.com/en-us/library/cc772808(v=ws.10).asp
Regards,
Rafic
If you found this post helpful, please give it a "Helpful" vote.
If it answered your question, remember to mark it as an "Answer".
This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing! -
Internal error while joining a pc to domain
hi, when i want to join the pc to the domain it says "an internal error occured" and the join process fail.
i can ping the domain using fqdn and dns is working ok and the client is pointing to the appropriate dns server. also i have no anti virus installed and firewall is off. here is the netsetup.log file here.
Note: when i prestage the computer the join process is ok with no problem
can anyone help me?
08/04 17:30:45 -----------------------------------------------------------------
08/04 17:30:45 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
08/04 17:30:45 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
08/04 17:30:45 NetpValidateName: name 'vivaldi.au' is valid for type 3
08/04 17:30:54 -----------------------------------------------------------------
08/04 17:30:54 NetpDoDomainJoin
08/04 17:30:54 NetpMachineValidToJoin: 'OMM-7687492'
08/04 17:30:54 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:30:54 NetpMachineValidToJoin: status: 0x0
08/04 17:30:54 NetpJoinDomain
08/04 17:30:54 Machine: OMM-7687492
08/04 17:30:54 Domain: vivaldi.au
08/04 17:30:54 MachineAccountOU: (NULL)
08/04 17:30:54 Account: vivaldi.au\administrator
08/04 17:30:54 Options: 0x25
08/04 17:30:54 OS Version: 5.1
08/04 17:30:54 Build number: 2600
08/04 17:30:54 ServicePack: Service Pack 3
08/04 17:30:54 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
08/04 17:30:55 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
08/04 17:30:55 NetpValidateName: name 'vivaldi.au' is valid for type 3
08/04 17:30:55 NetpDsGetDcName: trying to find DC in domain 'vivaldi.au', flags: 0x1020
08/04 17:30:59 NetpDsGetDcName: failed to find a DC having account 'OMM-7687492$': 0x525
08/04 17:30:59 NetpDsGetDcName: found DC '\\001-002-001-204.vivaldi.au' in the specified domain
08/04 17:30:59 NetpJoinDomain: status of connecting to dc '\\001-002-001-204.vivaldi.au': 0x0
08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:30:59 NetpGetDnsHostName: Read NV Hostname: omm-7687492
08/04 17:30:59 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: vivaldi.au
08/04 17:30:59 NetpLsaOpenSecret: status: 0xc0000034
08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:30:59 NetpLsaOpenSecret: status: 0xc0000034
08/04 17:30:59 SamLookupNamesInDomain on OMM-7687492$ failed with 0xc0000073
08/04 17:30:59 NetpJoinDomain: status of setting machine password: 0x534
08/04 17:30:59 NetpJoinDomain: initiaing a rollback due to earlier errors
08/04 17:30:59 NetpLsaOpenSecret: status: 0x0
08/04 17:30:59 NetpJoinDomain: rollback: status of deleting secret: 0x0
08/04 17:30:59 NetpJoinDomain: status of disconnecting from '\\001-002-001-204.vivaldi.au': 0x0
08/04 17:30:59 NetpDoDomainJoin: status: 0x534
08/04 17:30:59 -----------------------------------------------------------------
08/04 17:30:59 NetpDoDomainJoin
08/04 17:30:59 NetpMachineValidToJoin: 'OMM-7687492'
08/04 17:30:59 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:30:59 NetpMachineValidToJoin: status: 0x0
08/04 17:30:59 NetpJoinDomain
08/04 17:30:59 Machine: OMM-7687492
08/04 17:30:59 Domain: vivaldi.au
08/04 17:30:59 MachineAccountOU: (NULL)
08/04 17:30:59 Account: vivaldi.au\administrator
08/04 17:30:59 Options: 0x27
08/04 17:30:59 OS Version: 5.1
08/04 17:30:59 Build number: 2600
08/04 17:30:59 ServicePack: Service Pack 3
08/04 17:30:59 NetpValidateName: checking to see if 'vivaldi.au' is valid as type 3 name
08/04 17:30:59 NetpCheckDomainNameIsValid [ Exists ] for 'vivaldi.au' returned 0x0
08/04 17:30:59 NetpValidateName: name 'vivaldi.au' is valid for type 3
08/04 17:30:59 NetpDsGetDcName: trying to find DC in domain 'vivaldi.au', flags: 0x1020
08/04 17:31:03 NetpDsGetDcName: failed to find a DC having account 'OMM-7687492$': 0x525
08/04 17:31:03 NetpDsGetDcName: found DC '\\001-002-001-201.vivaldi.au' in the specified domain
08/04 17:31:03 NetpJoinDomain: status of connecting to dc '\\001-002-001-201.vivaldi.au': 0x0
08/04 17:31:03 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:31:03 NetpGetDnsHostName: Read NV Hostname: omm-7687492
08/04 17:31:03 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: vivaldi.au
08/04 17:31:03 NetpLsaOpenSecret: status: 0xc0000034
08/04 17:31:03 NetpGetLsaPrimaryDomain: status: 0x0
08/04 17:31:03 NetpLsaOpenSecret: status: 0xc0000034
08/04 17:31:03 NetpManageMachineAccountWithSid: NetUserAdd on '\\001-002-001-201.vivaldi.au' for 'OMM-7687492$' failed: 0x54f
08/04 17:31:03 NetpJoinDomain: status of creating account: 0x54f
08/04 17:31:03 NetpJoinDomain: initiaing a rollback due to earlier errors
08/04 17:31:03 NetpLsaOpenSecret: status: 0x0
08/04 17:31:03 NetpJoinDomain: rollback: status of deleting secret: 0x0
08/04 17:31:03 NetpJoinDomain: status of disconnecting from '\\001-002-001-201.vivaldi.au': 0x0
08/04 17:31:03 NetpDoDomainJoin: status: 0x54frepadmin /showreps shows successfull. i can attach the log or any other thing u want. time is sync between clients and domain controllers. we have 4 domain controllers and there are 2500 users in it. the problem suddenly appears since we found out
we can not join the clients to the domain at all. only the clients can be joined to the domain if the computer account is pre-created before in the domain..
You're not just simply hitting the quota limit of 10 machine accounts?
http://support.microsoft.com/kb/243327/
Enfo Zipper
Christoffer Andersson – Principal Advisor
http://blogs.chrisse.se - Directory Services Blog -
DNS Error while joining the machine to domain.
I get the below error while joining a new Win7 machine to the domain.
I can ping and successfully resolve nslookup on both server and client machine.
Both client and server (2008r2) are virtual machines, with private ip's on LAN...
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
magic.com:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
magic.com
com
. (the root zone)
For information about correcting this problem, click Help.
Looks like some problem with my DNS.
Also i tried to uninstall/ re-install the DNS role.
What should be the TCP/IP network configuration???
System Security analyst at CapGI get the below error while joining a new Win7 machine to the domain.
I can ping and successfully resolve nslookup on both server and client machine.
Both client and server (2008r2) are virtual machines, with private ip's on LAN...
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
magic.com:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
magic.com
com
. (the root zone)
For information about correcting this problem, click Help.
Looks like some problem with my DNS.
Also i tried to uninstall/ re-install the DNS role.
What should be the TCP/IP network configuration???
System Security analyst at CapG
Also something to look in, i do not have the usual folders below 'Forward lookup zone', i.e, Sites, Home, tcp etc..
I beleive these are required. I am not sure.!!. I did re-install the role, no change :-(
System Security analyst at CapG -
No logon server available for Win 7 Pro to join new 2012 Standard domain
I can't get a Win 7 Pro client to join a new 2012 Standard network. I am trying to use a Win 7 Pro computer from an old 2011 SBS FE network. I am creating the new network from scratch and got as far as setting up the new server, establishing
Internet access, and confirming that the client can ping the new server, which accepted new user credentials for the new domain added to the old client. I rebooted. Now I get the message that no server is available to service the
logon request, for all domains and all user accounts on the old 2011 client, including the individual computer "domain." I can't access anything on the client. Server still accepts the user account and password.
Unsuccessful efforts: rebooting old client; searching archives for solutions; disabling DCHP on router; and jumping out window.
Suggestions?
PaulHere is the answer for the DC/DNS (still working on accessing client):
PS C:\Users\Administrator.COMPUTER-23> ipconfig /all
Windows IP Configuration
Host Name ... Computer-23
Primary Dns Suffix ... Domain-23.com
Node Type ... Hybrid
IP Routing Enabled ... No
WINS Proxy Enabled ... No
DNS Suffix Search List ... Domain-23.com
Ethernet adapter NIC1:
Connection-specific DNS Suffix ...
Description ... Broadcom NetXtreme Gigabit Ethernet #2
Physedical Address ... F8-BC-12-53-21-8E
DHCP Enabled ... No
Autoconfiguration Enabled ... Yes
IPv6 Address ... fd8d:c258:7c99:3333::1(Preferred)
Link-local IPv6 Address ... fe80::99b7:5cf5:926c:8d42%13(Preferred)
IPv4 Address ... 192.168.1.2(Preferred)
Subnet Mask ... 255.255.255.0
Default Gateway ... 196.168.1.1
DHCPv6 IAID ... 335068178
DHCPv6 Client DUID ... 00-01-00-01-1B-C1-2C-DF-F8-BC-12-5-21-90
DNS Servers ... ::1
...................... 127.0.0.1
NetBIOS over Tcpip ... Enabled -
Renaming all computers and joining them to new domain
Hi guys,
I'm really hoping someone can help me out. I'm an IT Admin with no actual training (please don't ask lol) so I'm not very knowledgeable and everything I've learned has been by reading forums and trial and error.
What I need to do is: rename all of the computers on our domain (about 160 of them) to a simple naming system (we'll say comp1, comp2, etc), join them onto a new domain and reconnect the appropriate printers to each. Also, for some reason it is required
I manually enter the DNS server IP in order for it to see the new domain and be able to connect.
In the past, I've learned that you have to reboot machines between both renames and domain changes so I understand that. What I'm trying to figure out is if I can do all of this by running some sort of "script" or by a group policy or something
instead of doing everything manually (which will require an entire weekend since I have 8 locations to do this for). The machines are WinXP and Win7 and our AD server is 2008 R2.
Also, how does deleting DNS/DHCP records affect anything if I were to delete them during this process? Am I supposed to for a big rename project like this? I only ask because when I've accidentally named a computer to a name that was already on the network,
that caused an issue with DHCP. If you do have time to help me out, I appreciate it but I'll have to request you speak in somewhat laymen's terms. I apologize in advance if I frustrate anyone :)You can script that using netdom.exe: http://support.microsoft.com/kb/298593/en-us
For the DNS records, their updates should be done automatically if you have Dynamic Updates enabled on the DNS level. As for stale DNS records, they will be removed automatically if aging and scavenging is already configured.
How to secure DNS updates on Microsoft DNS servers: http://social.technet.microsoft.com/wiki/contents/articles/21984.how-to-secure-dns-updates-on-microsoft-dns-servers.aspx
How DNS aging and scavenging works: http://social.technet.microsoft.com/wiki/contents/articles/21724.how-dns-aging-and-scavenging-works.aspx
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Get Active Directory User Last Logon
Create an Active Directory test domain similar to the production one
Management of test accounts in an Active Directory production domain - Part I
Management of test accounts in an Active Directory production domain - Part II
Management of test accounts in an Active Directory production domain - Part III
Reset Active Directory user password -
Is it possible to join a Windows server domain?
Hi, We have a mixtures of Windows and Mac clients at school. We have recently had installed a Windows Server 2003. The windows all work well - but other than as a file server can I expect more from the macs? Is it possible to join the windows domain - and log in as different users so that different network drives are mounted at log in? Thanks in advance!
Hi, We have a mixtures of Windows and Mac clients at
school. We have recently had installed a Windows
Server 2003. The windows all work well - but other
than as a file server can I expect more from the
macs? Is it possible to join the windows domain - and
log in as different users so that different network
drives are mounted at log in? Thanks in advance!
Yes. The server does not have to be running Services for Macintosh.
If the server is running Active Directory, you'll have to work with the windows admin people to create the AD account.
Otherwise, you'll just hae access to the shares.
On the Mac, I think the AD options are under Directory Services.
To map drives at login, the easiest way is to write an Applescript, save it as an application, and add it as a login item.
I can't recall the exacy syntax, but for each drive, the script should look something like this:
Tell Application "finder"
try
mount "smb:\\windows.server.ip.address\sharename"
end try
You will get a user id/pw/domain prompt for each share.
For e-mail, assuming they use Exchange, you'll need exchange server 2000 SP 2 or higher with OWA, IMAP, and LDAP active on the mail server to be able to access mail through Entourage or Apple mail.
Otherwise, you'll be limited to Outlook Web Access.
Printing: Standard IP,LPR, or appletalk printer setup. -
GPO Template to secure Computers joined to a 2012 Domain
Hi,
We are looking to implement a "Quarenteen OU" for new machines that join our domain. I've found out how to change the behavior of assigning machines to a different OU than the Computers OU using the redircmp command. Does anyone have
a good "template" resource of default security polices to assign a new Server/destkop machine that gets placed into such a quarenteen OU to ensure its secure before moving it to a different/seperate OU? I'm currently looking for knowledge base
articles that cover this. Any help would be greatly appreciated.
Thanks,
Kevin C.Hi Kevin,
Based on description, we can follow the suggestion provided by Martin to assign security policies to these machines.
SCM provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing
us to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications.
Regarding SCM, the following articles can be referred to for more information.
Microsoft Security Compliance Manager (SCM) - Getting Started
http://social.technet.microsoft.com/wiki/contents/articles/1866.microsoft-security-compliance-manager-scm-getting-started.aspx
Microsoft Security Compliance Manager
http://technet.microsoft.com/en-us/library/cc677002.aspx
Security Compliance Manager (SCM)
http://technet.microsoft.com/en-in/solutionaccelerators/cc835245.aspx
Best regards,
Frank Shen -
Powershell Joining against a Different Domain Controller?
Hey can someone help me out here. We have about 11 DNS servers in our organization, and trying to do a test. We are trying to join a workstation to the domain against one of these servers but I get the following response:
Of course names have been changed to protect the innocent!
PS C:\Users\Administrator> Add-Computer -Credential bob\BobAdmin -DomainName bob.net -Server Server.bob.net
Add-Computer : Computer 'TestWorkstation' failed to join domain
'bob.net\Server.bob.net' from its current workgroup 'WORKGROUP' with
following error message: This operation is only allowed for the Primary Domain Controller of the
domain.
At line:1 char:1
+ Add-Computer -Credential bob\BobAdmin -DomainName bob.net -Serv ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (TestWorkstation:String) [Add-Computer], InvalidOpe
rationException
+ FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShell.Commands.AddComp
uterCommand
Any Advice?Hi Usgrcm,
To add local computer to domain, please refer to the steps below:
1. Add domain DNS address on computer.
2. Run the script below:
Add-Computer -DomainName domain.com -Credential domain\administrator
3. Restart local computer.
If there is anything else regarding this issue, please feel free to post back.
Best Regards,
Anna Wang -
Can I join my Sun Solaris 8 server running Samba to a Windows 2000 domain so that all the users that logon or use shares will authenticate thru the domain controllers with their Win accounts?
I dont want to create 1500 Solaris accounts.there is a sun product called Sun PC Net Link that could help you
synchronazing user accounts in Windows env. and Solaris
you can map the accounts from one env. to the other.
we use this product since many years and have migrate fm
windows NT to Windows 2000 Terminal Server without major
problems, including user maps.
good luck ...
[email protected] -
Unable to join virtual machines to domain controller
Hello all
I am studying for MCSE 2012 R2 and have decided to move from VMware Esxi 5.5 to Hyper-V in Server 2012R2.
I built the host (Server 2012r2) and so far 3 VMs (all are Server 2012R2 VMs) . I promoted one of the VMs to a Domain controller and things appear to have installed with no issue. This is what I have done so far:
Added Static IP addresses for all VMs
Configured each VM's DNS setting to use the DC
When I try to join one of the virtual servers to the domain controller this is what I get.
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "wolfpack.local":
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.wolfpack.local
Common causes of this error include the following:
- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals.
This computer is configured to use DNS servers with the following IP addresses:
10.0.0.14
- One or more of the following zones do not include delegation to its child zone:
wolfpack.local
local
. (the root zone)
Phil BalderosHi Phil,
I have noticed that the domain is wolfpack.local but two VMs has another DNS suffix "home.network" .
Please remove it and join it to domain again .
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.
Hello Elton and thank you for the response.
I was looking at that same setting on my VM and its empty.
Phil Balderos
Maybe you are looking for
-
What comp. monitor is considered latest/best? and what cables do I use?
Hi there, I´ve read quite some posts but am still not sure about what to do. I hope there is someone who really knows how and what to help me a hand. My questions relates to setting up the new MM with dual displays, 1 for HDTV to watch movies and num
-
Dear Parag, We have a following scenario: 1.Invoice raise to vendor account. 2.Bill of exchange accepted entry passed.(f-36) 3.Bill of discounting entry pass (f-33) Now in this scenario the customer has unable to paid the invoice amount to bank and b
-
How can i install ios7 in iphone 4s
how i install ios 7 in iphone4s
-
How to extract HR master data into MS outlook2007
Hi Gurus, We want to populate the SAP HR master data(eg: user's job title, Reporting to, Working hours, EMP ID, etc..)into MicroSoft outlook contact list.( or AD) So, other users can easily find out about the mailed user or Team Lead.. Is there any
-
Remove or Diable the Create Button in Calendar iview
Hi everyone, This is in regards to the Calendar iView in collaboration room. I created a team room and added SAP Calendar in that.When I view it, I see the "Create Appointment" button which I would like to remove. The users should not be able to crea