LogonServer name for user and computers

Hello,
I would like to capture the DC logon server name for which user and computer got authenticated with and report it to SCCM. Could you please help me with the location where this information is stored? Thanks very much in advanced.
Rajiv

I usually just type in a command prompt:
set L
or
%logonserver%, and it will give it to me.
My thoughts are to run your script with administrator elevation, since I don't think running it below that will pull that type of data out.
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.

Similar Messages

ISE: create rules with AD groups for Users and Computers

Hello,
We've just begun to work with ISE.
Is it the good place to post on ISE, or there is a dedicated forum in another place?
We'd like to create some rule depending of Computer member groups AND Users member groups from AD, but we meet some difficulties.
We've created AD groups for Computers and Users depending of their Department:
Users_1
Users_2
Computers_1
Computers_2
When we create some basics rules regarding one group only:
- with a group Computers_x to attribute a specific VLAN to a computer (when no Windows session is opened), it runs correctly.
- with a group Users_x to attribute a specific VLAN to an user (when Windows session is opened), it runs correctly.
But when we create a rule regarding a group from Computers and one from Users, to attribute a specific VLAN to an user on a specific computer, this rule is not applied.
Is it possible to use ISE on this way?
Thanks for help.
Regards,
Chris

Enable EAP Chaining— if you want Cisco ISE to allow authentication of both machine and user in the same EAP-FAST authentication.
http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_80_eapchaining_deployment.pdf

Issuing certificates for user and clients from different forest/domain

Hello,
at first I would like to say that I have made some researches on this forum and in the Internet overall.
I have AD Forest with ~10 sites all over the Europe, DFL and FFL is 2008 R2, right now we are migrating site by site from old domain (samba) to AD.
Last time I have deployed PKI based on offline root CA and 2 Enterprise acting as 2-node Failover Cluster.
Everything in my AD Forest is OK, I mean, autoenrollment works perfect for users and computers from my forest,
now I need to deploy a certificate (for test) to one web-based pbx server in samba domain, there are no trusts etc. Samba domain as well as AD Forest are working on the same network, with routeable subnets in each site, so there is no problem with connectivity,
What are possible way to achieve this goal? I mean to issue cert to client from different forest, so that this client is able to validate it, validate certificate chain and renew it when needed?
I have Installed and Configured CE Web Service and CE Policy Web Service. Now I have configured Enrollment Policies on my virtual machine (being part of different domain), I selected username/password authentication, I am able to request certificate, I can
see all templates which I should see, but when I try to enroll I got an error:
(translated from my language)A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider
My root CA cert is added to trusted publishers for computer and user node as well.
What could be wrong? If you have any ideas or questions, please share or ask.
Thank you in advance.

Everything is clear, I have Certificate Enrollment Web Services installed and configured,
problem is what i get from certutil - TCAInfo
================================================================
CA Name: COMPANY-HATADCS002-ISSUING-CA
Machine Name: COMPANYClustGenSvc
DS Location: CN=COMPANY-HATADCS002-ISSUING-CA,CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=COMPANY,DC=COM
Cert DN: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
CA Registry Validity Period: 2 Years -- 2016-03-04 12:20
NotAfter: 2019-02-14 12:44
Connecting to COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA ...
Server "COMPANY-HATADCS002-ISSUING-CA" ICertRequest2 interface is alive (1078ms)
Enterprise Subordinate CA
dwFlags = CA_VERIFY_FLAGS_NT_AUTH (0x10)
dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
HCCE_LOCAL_MACHINE
CERT_CHAIN_POLICY_NT_AUTH
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
Issuer: CN=HATADCS001-COMPANY-ROOT-CA
NotBefore: 2014-02-14 12:34
NotAfter: 2019-02-14 12:44
Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
Serial: 618f3506000000000002
Template: SubCA
9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
CRL 02:
Issuer: CN=HATADCS001-COMPANY-ROOT-CA
ThisUpdate: 2014-02-14 12:16
NextUpdate: 2024-02-15 00:36
d7bafb666702565cae940a389eaffef9c919f07a
Issuance[0] = 1.2.3.4.1455.67.89.5
CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=HATADCS001-COMPANY-ROOT-CA
NotBefore: 2014-02-14 11:55
NotAfter: 2024-02-14 12:05
Subject: CN=HATADCS001-COMPANY-ROOT-CA
Serial: 18517ac8a4695aa74ec0c61b475426a8
b19b85e0e145da17fc673dfe251b0e2a3aeb05e9
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Issuance[0] = 1.2.3.4.1455.67.89.5
Exclude leaf cert:
5b309c67a8b47c50966088a4d701c8526072c9ac
Full chain:
413b91896ba541d252fc9801437dcfbb21d37d91
Issuer: CN=HATADCS001-COMPANY-ROOT-CA
NotBefore: 2014-02-14 12:34
NotAfter: 2019-02-14 12:44
Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
Serial: 618f3506000000000002
Template: SubCA
9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
Supported Certificate Templates:
Cert Type[0]: COMPANYOnlineResponder (COMPANY Online Responder) -- No Access!
Cert Type[1]: COMPANYWebServer(SSL) (COMPANY WebServer (SSL))
Cert Type[2]: COMPANYUser(Autoenrollment) (COMPANY User (Autoenrollment))
Cert Type[3]: COMPANYKeyRecoveryAgents (COMPANY Key Recovery Agents)
Cert Type[4]: COMPANYEnrollmentAgent(Computer) (COMPANY Enrollment Agent (Computer))
Cert Type[5]: COMPANYEnrollmentAgent (COMPANY Enrollment Agent)
Cert Type[6]: COMPANYComputer(Autoenrollment) (COMPANY Computer (Autoenrollment)) -- No Access!
Validated Cert Types: 7
================================================================
COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA:
Enterprise Subordinate CA
A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
Online
CertUtil: -TCAInfo command completed successfully.
please put some light on it because it's driving me crazy :/
Thanks in advance
one remark: certutil -tcainfo performed on CA directly is 100% OK, no errors regarding
"A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)"

"The home folder could not be created because the network name cannot be found" error in AD users and computers

Our home folders are stored on a non-windows NAS device and with Windows XP and 2003 we've always got the above error when creating or modifying users home folders, even when the shares were al ready created and being used.
However this was never really a big issue as the error that popped up was really for information and finshed with a "we've modified the user properties anyway, please create the share manually" type message.
Unfortunately now we are moving to windows 7 and 2008R2, this last part of the the message is missing and it won't accept the correct value.
This issue may be in the way that the NAS device shares the folder, as only the username that matches the folder name can access the share. This behaviour can't be modified.
Is there a way to get Windows 7/2008R2 AD users and computers to behave the same way that Windows XP/2003 does , i.e. don't try and create the share just set the value in the user properties ?
The AD is still at 2003 level and we can still use Windows XP/2003 clients to make the changes but this is a bit of a limitation.

The KB article is almost what we have apart from theitalic underlined
part
Consider the following scenario:
You use a domain administrator account to log on to a computer that is running Windows 7 or Windows Server 2008 R2.
You use the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in to connect to a domain controller.
You open the Properties dialog box of a user account.
The user account has sole access to a shared folder path that cannot be accessed by the administrator account.
You set the Remote Desktop Services Home Folderattribute to the shared folder path.
NoteThis attribute is located on the
Remote Desktop Services Profiletab.
You click Apply or OK.
In this scenario, you receive the following error message:
The home folder could not be created because: The network name cannot be found.
Note If you click Apply or OK again, no error message is returned. However, the setting is not saved.
I think the important bit is
The user account has sole access to a shared folder path that cannot be accessed by the administrator account.
We manually create the shares on our NAS and then just want to enter the path in the profile tab, I suppose the question is how to we stop it trying to create the shares ?

Could we have same name's for User and Groups in Active directory

When iam trying to create a user name " Logistics " under a OU, I am getting a error
"The pre-windows 2000 logon name you have chosen is already in use in this domain. Choose aother pre-windows logon name, and then try again"
We already have a group by the name " Logistics "
Could we have same name's for User and Groups in Active directory?
Thanks in Advance

sAMaccountName attribute is unique. So, the short answer is you cannot.
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile

Windows 2008 Server - Cannot run Active Directory Users and Computers

Hi,
I am running Windows 2008 Server with latest windows updates installed. Directory Services Role also.
I attempt to open Active Directory Users and Computers tool and I get a;
Microsoft Visual C++ Runtime Library error;
"The Application has requested the runtime to terminate it in a unusual way. Please contact the application's support team for more information"
I click ok, then get the following debug info;
Problem signature:
Problem Event Name: APPCRASH
Application Name: mmc.exe
Application Version: 6.0.6001.18000
Application Timestamp: 47919524
Fault Module Name: msvcrt.dll
Fault Module Version: 7.0.6001.18000
Fault Module Timestamp: 4791ad6b
Exception Code: 40000015
Exception Offset: 0000000000029b06
OS Version: 6.0.6001.2.1.0.272.7
Locale ID: 3081
Additional Information 1: 43aa
Additional Information 2: cf3a46656318492c1997480001b6b0e0
Additional Information 3: 3837
Additional Information 4: 92f72e0d0589ff77cef51e0a413aeff6
Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
If someone could please assist, it would be very much appreciated.
Regards
B

Hi,
To solidly troubleshoot this kind of issue, we need to debug dump file. A suggestion would be to contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request.
To obtain the phone numbers for specific technology request please take a look at the web site listed below:
http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607
However, I am also glad to share my research.
Some third party applications may lead to this error. Please check if you install other third party applications on Windows server 2008?
Also, please follow the article below to perform necessary steps to see how it's going?
FIX: You receive an "invalid page fault in module MSVCRT.DLL" error message after you install the run-time libraries from Visual C++ 6.0
http://support.microsoft.com/kb/190536/en-us
Hope this helps.
Best wishes
Morgan Che

Active directory users and computers wont start on a dc, "the server is not operational"

In our environment, we have 3 dc's
two which run server 2008 (they work perfectly)
and one never off branch dc that runs server 2008 r2.
We have been having some problems where we feel the replication isnt up too speed(stuff could take up to 24 hours to replicate) and now when i tried opening active directory users and computers i am met with this error window:
We have a third party DNS solution.
How do i troubleshoot this issue?

dc01 (which replicates perfectly with dc02, and vise versa)
dcdiag /test:dns
C:\Users\adminuser>dcdiag /test:dns
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Hostingpartner\ourdc01
Starting test: Connectivity
......................... ourDC01 passed test Connectivity
Doing primary tests
Testing server: Hostingpartner\ourdc01
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : int
Running enterprise tests on : int.domain.com
Starting test: DNS
Test results for domain controllers:
DC: ourdc01.int.domain.com
Domain: int.domain.com
TEST: Delegations (Del)
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain domaindnszones.int.domain.com.]
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain forestdnszones.int.domain.com.]
Summary of test results for DNS servers used by the above domain controllers:
DNS server: xx.xx.xx.32 (ourdc02.int.domain.com.)
2 test failures on this DNS server
Delegation is broken for the domain domaindnszones.int.domain.com. on the DNS server xx.xx.xx.32
Delegation is broken for the domain forestdnszones.int.domain.com. on the DNS server xx.xx.xx.32
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: int.domain.com
ourdc01 PASS PASS PASS FAIL n/a PASS n/a
......................... int.domain.com failed test DNS
dcdiag on dc01(which can replicate with dc02)
C:\Users\adminuser>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: hostingpartner\ourdc01
Starting test: Connectivity
......................... OURDC01 passed test Connectivity
Doing primary tests
Testing server: hostingpartner\ourdc01
Starting test: Replications
[Replications Check,OURDC01] DsReplicaGetInfoW(PENDING_OPS) failed with error 8453,
Win32 Error 8453.
......................... OURDC01 failed test Replications
Starting test: NCSecDesc
......................... OURDC01 passed test NCSecDesc
Starting test: NetLogons
[OURDC01] User credentials does not have permission to perform this operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... OURDC01 failed test NetLogons
Starting test: Advertising
......................... OURDC01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... OURDC01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... OURDC01 passed test RidManager
Starting test: MachineAccount
......................... OURDC01 passed test MachineAccount
Starting test: Services
......................... OURDC01 passed test Services
Starting test: ObjectsReplicated
......................... OURDC01 passed test ObjectsReplicated
Starting test: frssysvol
......................... OURDC01 passed test frssysvol
Starting test: frsevent
......................... OURDC01 passed test frsevent
Starting test: kccevent
......................... OURDC01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:50
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:10:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:11:17
(Event String could not be retrieved)
......................... OURDC01 failed test systemlog
Starting test: VerifyReferences
......................... OURDC01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : int
Starting test: CrossRefValidation
......................... int passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... int passed test CheckSDRefDom
Running enterprise tests on : int.domain.com
Starting test: Intersite
......................... int.domain.com passed test Intersite
Starting test: FsmoCheck
......................... int.domain.com passed test FsmoCheck
The problematic dc03:
Dcdiag gives the same output as dcdiag /test:dns
C:\Users\adminuser>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OURDC03
Ldap search capabality attribute search failed on server NTSDC03, return
value = 81
We have an infoblox dns server on ip address xxx.y.y.251.
first error in event logs on dc03:
error 1863
This is the replication status for the following directory partition on this directory server.
Directory partition:
CN=Configuration,DC=int,DC=domain,DC=com
This directory server has not received replication information from a number of directory servers within the configured latency interval.
Latency Interval (Hours):
24
Number of directory servers in all sites:
2
Number of directory servers in this site:
2
The latency interval can be modified with the following registry key.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Replicator latency error interval (hours)
To identify the directory servers by name, use the dcdiag.exe tool.
You can also use the support tool repadmin.exe to display the replication latencies of the directory servers. The command is "repadmin /showvector /latency <partition-dn>".
i have also go several warning 2088, 2093, 2087.
And errors 1863 pointing to different directory partitions like schema/configuration/domaindnszones/forestdnszones

How to Use 'uid' for AD Users Without Domain Name For User Log in OAM

How to Use 'uid' for synchronized Active Directory (AD) Users into Oracle Internet Directory (OID) Without Domain Name For User Logins in OIDDAS and OAM
We successfully integrated OAM 11g with EBS R12.1.3 Now all the AD user id's stored in fnd_users table as [email protected]
How can we remove @abc.com
We are using OID 11g and OAM 11g
Found the similar note for OID 10G: How to Use 'uid' for AD Users Without Domain Name For User Logins in OIDDAS and SSO [ID 580480.1]
We are in OID 11g.
Any help on this greatly appreciated.

I couldn't find any reference that could be helpful -- Please log a SR and see if this is supported and if the steps are available.
Thanks,
Hussein

How to create "folders" in Active Directory Users and Computers?

Hello Community
    In Windows Server 2008R2 when you go to Active Directory Users and Computer
you will see icons of folders such as:
    - Builtin has a folder icon
    - Computers has a folder icon
    - ForeignSecurityPrinicpals has a folder icon
    - Domain Controller as a folder icon
    - Managed Service Accounts has a folder icon
    - Users has a folder icon
    All of the above folders are visually identical.
    If you right click and select “File” – “New”
on any of the selections the icon
will not look like the folder icon they have their own icons which look different
from the "Folder" icon.
    I would like to create a “Folder” that looks just visually exactly like the ones
mentioned above, how can I create those types of Folders in Active Directory User
and Computers?
    Note: I would like to put users in the folders.
    Thank you
    Shabeaut

Hi,
you should use OUs (an OU is they type of object (folder) that is available for you to easily create.
The object type you are asking about is a "container", and there are various reasons why an OU is more flexible (applying GPO, etc).
Refer: Delegating Administration by Using OU Objects
http://technet.microsoft.com/en-us/library/cc780779(v=ws.10).aspx
and the sub-articles:
Administration of Default Containers and OUs
http://technet.microsoft.com/en-us/library/cc728418(v=ws.10).aspx
Delegating Administration of Account and Resource OUs
http://technet.microsoft.com/en-us/library/cc784406(v=ws.10).aspx
Also: http://technet.microsoft.com/en-us/library/cc961764.aspx
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

Security Settings on Domain Node in Users and Computers

When I open Active Directory Users and Computers (dsa.msc) and right click on the domain node (top node of the tree) and select Properties, there is a security tab with the usual dialog for setting permissions.
I assume the Domain Administrator account, Domain Admins, and Enterprise Admins should have full control. But what other groups or users should have what permissions? Are the permissions I set here applicable only to the folders and OUs
in the tree? Why would anyone but Domain/Enterprise Admins need permissions to these objects?
Are there any KB articles or best practices that offer guidance regarding how to set permissions here?

Hi,
Thanks for your posting.
Please check the following articles,
Security Groups
http://technet.microsoft.com/en-us/library/cc960640.aspx
Managing Domain Users and Groups
http://technet.microsoft.com/en-us/library/cc759353(v=ws.10).aspx
http://ss64.com/nt/syntax-groups.html
Regards.
Vivian Wang

Hide all except one object in Active Directory Users and Computers.

Hello,
I have a question.. I need to allow to one group of "administrators" creating users in one OU and adding computers to the domain, nothing else. I allowed them to log on DC using the GPO "Allow log on locally", because I don't want to give
them administrator rights, I allowed them to do these operations on one OU through delegation wizard and now I need to make all OUs, groups etc. invisible to them except this OU. What is the best way how to achieve this? Thank you...
d.

I would disable the ability to allow them to login. I suggest to create a Computers OU that you can delegate to the "admins" to add computers, and don't use the default Computers container.
I assume the admins are using Windows 7 or newer. You can customize an RSAT installation to just provide the ADAC.
Description of Remote Server Administration Tools for Windows 7:
http://support.microsoft.com/default.aspx/kb/958830
Remote Server Administration Tools for Windows 7:
http://technet.microsoft.com/en-us/library/ee449475(WS.10).aspx
Remote Server Administration Tools for Windows 7
http://www.microsoft.com/downloads/details.aspx?FamilyID=7D2F6AD7-656B-4313-A005-4E344E43997D&displaylang=en
Customizing - Installing Remote Server Administration Tools (RSAT) for Windows 7
http://www.petri.co.il/remote-server-administration-tools-for-windows-7.htm
Or if you want to chop it down and control it further, create a custom ADUC with just that OU you've delegated. I've done this in the past and worked fine for my customer:
Delegate an Organizational Unit (OU) in Active Directory Users and Computers (ADUC), then create a custom MMC or customized RSAT
http://blogs.msmvps.com/acefekay/2014/09/04/delegate-an-organizational-unit-ou-in-active-directory-users-and-computers-aduc-then-create-a-custom-mmc-or-customized-rsat/
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.

Can not open Active Directory Users and Computers

Problem Reported:
Out of the blue this has started happening:
When I go to "Active Directory Users and Computers" I get this message.
"MMC cannot open the file C:\WINDOWS\system32\dsa.msc.
This may be because the file does not exist, is not an MMC console, or was created by a later version of MMC. This may also be because you do not have sufficient access rights to the file.
Additional information:
This is a server that has been in use for 2+ years with active directory users that can and do login everyday.
As far as I know the system has no backup.
dsa.msc IS located in the system32 folder
I am using the administrator account.
OS:
Microsoft Windows Server 2003 R2
Standard x64 Edition
Service Pack 2
Please help with detail. Thank you.

Have you tried to uninstall ADUC administrative tool and re-install it again? If no, please give a try.
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Get Active Directory User Last Logon
Create an Active Directory test domain similar to the production one
Management of test accounts in an Active Directory production domain - Part I
Management of test accounts in an Active Directory production domain - Part II
Management of test accounts in an Active Directory production domain - Part III
Reset Active Directory user password

RSAT - Active Directory Users and Computers

After installing build 9879, I cannot open Active Directory Users and Computers. I get error message: MMC could not create the snap in. I do not see KB2693643 under installed updates anymore. I've tried to reinstall KB2693643
but I get error code 0x8024001d. Any help would be appreciated.

Hi readabook,
To resolve windows update error 0x8024001d, please rename Software Distribution folder:
1. Click on Start, choose run type in CMD and click OK.
2. Type NET STOP WUAUSERV and press Enter. (leave this window open for later use)
3. Open My Computer
4. Find the folder c:\Windows\SoftwareDistribution
5. Right mouse click on SoftwareDistribution and choose rename call the folder "SDold"
6. Return to the black Window that opened in step 1 type NET START WUAUSERV and click enter
Alex Zhao
TechNet Community Support

Table name for opening and closing stock

Hi gurus,
i want table name for opening and closing stock . How to calculate this opening and closing stock in report.
Murali.

Murali,
Check out in OINM, which maintains all the details of the stock transactions..
Hope it might help you..
Regards
Gattu

What are the table names for CRM and APO?

hi friends,
what are the table names for CRM and APO?
Regards
suneel.

hi Suneel,
check in crm forum
Re: SAP-CRM Tables
BUT051 BP Relationship: Contact Person Relationship
Similar to BUT050 , additionally contains Contact Persons Address data
BUT0BK Business Partner: Bank Data & Details
BP Number, Bank Key, Bank Country Key, Bank Account Number
BNKA Bank Master Data
BUT100 BP: Roles
ADR2 Telephone Numbers (Business Address Services)
ADR6 SMTP Numbers (Business Address Services)
Contains Email Id of the BP.
ADRC Addresses (Business Address Services)
BPs Complete Address Details- City, Country, Post Code, District, Street, Title No Etc
TSAD3T Table containing the Title text against a Title No.
COMM_PRODUCT Master Table for Product
CRMM_BUAG Master table for Business Agreement
CRMM_BUAG_H Header Data for Business Agreement such as Tax Category, Tax Characteristic, Form key, Business Agreement Class. Data in this table correspond to ISU CRMD_ORDERADM_H Contains the Header Information for a Business Transaction.
Note:
1. It doesnt store the Business Partner
responsible for the transaction. To
get the Partner No, link it with
CRM_ORDER_INDEX.
2. This table can be used for search
based on the Object Id(Business
Transaction No).
CRMD_CUSTOMER_H Additional Site Details at the Header Level of a Business Transaction
CRMC_PROC_TYPE Master table Business Transaction Type
CRMC_PARTNER_FCT Definition of Partner Functions
SCPRIOT Priorities for Activities with priority text.
CRMC_PROC_TYPE_T Text for a transaction type
CRMC_ACT_OBJ_T Objective Number and Text for Activities
TJ30T All the status code and text
CRMC_PR_ASSIGN : Transaction Type and its Transaction Type Object.
IBIB : Installed Base/Ibase
IBIN : Installed Base Components
COMM_PRODUCT : Products
CRMC_T077D : customer account groups
CRMD_ORDERADM_H (for header) CRMD_ORDERADM_I (Item data)
CRMD_ORDERADM_H Business Transactions CRM
CRMD_ACTIVITY_H Activity
CRMD_OPPORT_H Opportunity
BUTOO : Customer details
BUT001 BP: General data II
BUT100 BP: Roles
BUT150 BP relationship: Attribute table (test
different
BUT_HIER_TREE Business Partner Group Hierarchy
CDBC_T_PRODUCTID Mapping: Product Id
CDBD_ORGMAN Business transaction - organizational unit -
set
COMC_PRODUCT General Product Settings
COMC_R3_FIELDS Assignment of R/3 material master fields to
CFOP
COMM_CATEGORY Category
COMM_CFGMAT Basic Data for Materials
COMM_HIERARCHY Category Hierarchy
COMP_TYPES Hierarchy Tool: Comparison Type Check
Table
CRMC_CPRICPROC Customer Pricing Procedures
SMOKVBEZ15 Assignment employees to positions
CRMMLSGUID: GUID entry (should match GUID in CRMPRLS)
CRMM_BUT_CUSTNO : Also GUID table (GUID here should match GUID in R/3 table CRMKUNNR)
SMOFSUBTAB : Mapping & Parameters
SMOFDSTAT : Download Monitor (R4AM1)
SMOFFILTAB : Filters (Should match filters in R3AC1 & R/3 Table CRMFILTAB)
SMOFOBJECT Definition of Objects for Download
SMOFOBJPAR Parent Objects of an Object in Table
SMOFPARSFA Middleware Parameter
SMOFQFIND Queue Finder Table for MW-Queue finder
SMOFTABLES Definition of Tables for Download

LogonServer name for user and computers

Similar Messages

Maybe you are looking for