Gpupdate: Windows Could Not Locate the Directory Object
KB ID 0001625 Problem Saw this on a Windows client on my test network; User Policy update has completed successfully. Computer policy could not be updated successfully. The following errors were encountered: The processing of Group Policy failed. Windows could not locate the directory object OU=Top-Level,OU=computers,DC=PeteNetLive,DC=com. Group Policy settings will not be enforced until this event is resolved. View the event details...
Add The ‘Group Policy Management Console’
KB ID 0001615 Problem On a Domain Controller you will get Group Policy Management, (by default) listed under administrative tools. But if you have a ‘Management Server’ of a ‘Jump Box’, that you want to install the tool onto, (without making it a domain controller!) Then do the following; Option 1: Install GPMC with Powershell This is the quickest and simplest option! Open a PowerShell Windows and execute the...
Windows Group Policy – Disable The Local Windows Firewall
KB ID 0001090 Problem I’ve got nothing against the Windows firewall, it’s certainly a lot easier to manage now than it was back in the XP SP2 days. But I find a lot of clients still just ‘want it gone’ and, providing they have a decent corporate firewall in front of them that’s fair enough. Solution 1. On a domain controller or a client running the remote administration tools > Windows Key+R >...
Exchange Exporting Mailboxes to PST Files
KB ID 0001360 Problem Applicable To: This procedure works on all versions of Exchange Newer than Exchange 2010 SP1 (update rollup 8). If your Exchange server is OLDER than that you will need to use the following link; Exchange 2007 / 2010 (Pre SP1)- Export Mailbox’s to PST files The following procedure exports a user mailbox to a PST file on a network share. Solution Note: Not Even ‘Exchange Organisation Administrators”...
PowerShell: Find Computers Last Logon Date
KB ID 0001612 Problem I had to find the last time a particular server had logged on for a client the other week, so we knew for sure it was dead! Solution The two commands you may need are; Locate Servers Last Login Time Get-ADComputer -Filter {OperatingSystem -Like ‘*SERVER’} -Properties lastlogondate,operatingsystem | Select name,laslogondate,operatingsystem Locate Clients Last Login Time Get-ADComputer -Filter...
Group Policy Preferences and Client Side Extensions
Group Policy Preferences KB ID 0000389 Problem Group Policy Preferences (GPP) first came in with Server 2008 and were enhanced for Server 2008 R2, To be able to apply them to older Windows clients, you need to install the “Client side Extensions” (CSE), You can either script this, deploy with a group policy, or if you have WSUS you can send out the update that way. From windows 7 onwards they are already installed....
Adding a Windows Server 2019/2016 Domain Controller
KB ID 0001262 Problem Once upon a time, adding a domain controller that was running a newer version of the Windows Server family involved opening command line and schema prepping, and GP prepping etc. Now all this happens in the background when adding a 2019 domain controller and the wizard is doing the heavy lifting for you. Solution 2008 to 2019 Domain Controller 2008 to 2016 Domain Controller Obviously the server needs to be a...
Moving Certificate Services To Another Server
KB ID 0001473 Problem If you are retiring a CA Server, or there’s a problem with the server and you want to move Microsoft Certificate Services to another server, the procedure is pretty straight forward. BE AWARE: We are moving the CA Server Name , NOT the Server Name (FQDN), the two things are NOT the same, (you might have called them the same thing!) But a Certificate Authority has a name of its own, and that’s what we...
Forcing Azure AD Connect Sync
KB ID 0001590 Problem If you are using Azure AD Connect, (AAD Connect) to sync your on-premise Active Directory with Azure AD (i.e. for Office 365), then there may be times when you need to manually ‘force a replication’ because by default it’s going to take 30 minutes between each normal ‘delta replication’ Solution If you are directly on the server that’s running Azure AD connect, then use the...
PowerShell: Add All Members of an OU to a Security Group
KB ID 0001589 Problem I’ve written in the past about ‘Bulk Adding Users from CSV files, into Groups’. But what if you want to add ALL users in a particular OU into a security group? Solution The syntax is; Get-ADUser -SearchBase ‘OU=Source-OU,OU=PNL,DC=pnl,DC=com’ -Filter * | ForEach-Object {Add-ADGroupMember -Identity ‘SG-Test-Group’ -Members $_ } Here I’ve got 20 users that need adding to a group, in this...