On Server 2008 and 2008 R2, if your Domain Controllers aren’t configured to require LDAP signing and disallow simple LDAP binds in plaintext, Active Directory Domain Services logs a warning event on startup, and summary events every 24 hours. A couple weeks ago, I followed the recommendation to enable logging of unsigned and plaintext LDAP [...]
I’ve been working on deploying a load-balanced Remote Desktop Gateway service. I deployed the first farm member, then cloned it to create a second member. The second member was throwing Error events, which has the description "There is no domain controller available for domain CAMPUS." Now, I know that the domain controllers are up and [...]
I’m in the process of deploying a couple new Server 2008 R2 domain controllers. I’m using two IBM blades, each having a pair of Broadcom NICs that I configured in fault-tolerance teams. In trying to verify the configuration of one of the DCs, I used the command: dcdiag /test:dns The output surprised me: Starting test: [...]
During an upgrade of our VMware ESX infrastructure, I ran into an issue with our domain controllers. As part of the process we needed to upgrade the virtual hardware that is part of the guest vm. After updating the domain controller guest’s VMware Tools software, I shut down the guest and select Upgrade virtual hardware. [...]
Working on the Server 2008 hard limit of 5000 attribute values max per query, which breaks our Identity Management process. I’m looking at having to write a clone of LDIFDE that can issue queries using Range Retrieval and then synthesizes a single LDIF entry for groups with more than 5000 members. Safari Tech Books online [...]
It’s June! Cold and rainy?! Gah!! On the list for today: AD Domain Services on Server 2008 and Operations Manager 2007 Operations Manager – verifying current version First, checked the Help | About dialog in the OpsMgr console. Reviewing TechNet article on the SP1 upgrade procedure to look for more details. Post regarding installing hotfixes [...]
Having successfully deployed some agents to some recalcitrant hosts, I’m now trying to address a false positive issue on a DC. I’m getting an error regarding “AD Op Master Respone [sic] Monitor”. The host has a recurring error: AD Op Master Response : The script ‘AD Op Master Response’ failed to create object ‘McActiveDir.ActiveDirectory’. This [...]
Working through the AD preparation for an application install, and I’m logged into the emtpy root domain as a schema admin. Running the setup application, I get an error indicating that I don’t have rights to Organization Preparation ……………………. FAILED You do not have permissions to read the security descriptor on CN=Deleted O [...]
Geoffrey Duke
Sr. System Administrator,
University of Vermont