Exchange and the LegacyExchangeDN Problem
KB ID 0001468 Problem Why do we have the Exchange LegacyDN? It’s a throwback, from a time when we had our users, and our mail users in different databases. Below you can see the ExchangeLegacyDN for this Exchange on-premise user; /O=First Organisation/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn={something-user-specific} Who cares? Well they are still important, if you send an internal email (to someone in...
PDC Emulator: Cannot Sync Time From External NTP Server
KB ID 0001464 Problem I was involved in a question on Experts Exchange this week where the asker could not get their PDC to sync time from an external NTP server. He was seeing an Event ID 12 Error; Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to...
Dcpromo Error: No Other Active Directory Controllers?
KB ID 0001453 Problem I was trying to demote a domain controller yesterday morning, it was a 2008 R2 Domain controller, (in fact it was SBS 2011). I’d already added a nice new Server 2016 Domain Controller to the domain, and transferred all the FSMO roles, so I was surprised when I tried to gracefully demote the old DC and got this; You did not indicate that this Active Directory domain controller is the last domain controller...
Exchange Update / Install Error: The Error Code Is 8224
KB ID 0001451 Problem I saw this error while attempting to install an update on Exchange 2010, but it can be seen on all flavours of Exchange. This is the ‘gist’ of the error; Organization Preparation Failed Error: The following error was generated when “$error.Clear(); install-ExchangeSchema -LdapFileName ($roleInstallPath + “Setup\Data\”+$RoleSchemaPrefix + “schema0.ldf”) ” was run:...
AD Sites and Services: ‘Show Services Node’ Missing?
KB ID 0001448 Problem While working on an old Exchange system this week I wanted to take a look at the ‘autodiscovery’ SCP in AD Sites and Services. Read any post, and you will se that you need to enable ‘Services Node View’ in AD sites and services. To do that you simply right click then go to View > Show Service Node. However, I didn’t get that option? Solution This was driving me crazy for a while,...
PowerShell: Finding Stale User and Computer Accounts
KB ID 0001438 Problem I do this a lot, (usually prior to big migrations), most organisations have no mechanism for removing old users and computers from Active Directory, some don’t even disable the accounts. Find Users Who Have Never Logged On Use the following PowerShell Command; Get-ADUser -Filter { LastLogonDate -notlike “*” -and Enabled -eq $true } -Properties LastLogonDate | Select-Object @{...