Can A Domain Trust Another Domain With The Same ‘Root Domain’ Name?
KB ID 0001288 Problem About a month ago I was with a client to do some investigation/consultancy, they were a large company with their head office in the UK and a number of other offices around the world. They had a number of domains and sub domains and wanted to consolidate them all into a new domain. Well that’s all OK, but the UK company has been purchased by a large American company, who were putting a lot of pressure on...
Windows – A Delegation For This DNS Server Cannot Be Created
KB ID 0001287 Problem When promoting a server to be a domain controller, you might see the following error, “A delegation for this DNS server cannont be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are intergrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from...
Changing the Windows 10 Browser, So It Isn’t Edge
KB ID 0001284 Problem I’ve seen one person use Edge as their browser in a business environment. I’ve got nothing against it, (I use a macOSX anyway). But I had a client that asked me how to make sure his machines are set to NOT use Edge as the default browser. I’m going to use Internet Explorer instead, but you can do the same with Chrome or Firefox depending on your browser of choice. Solution What I’m going...
Stop Windows Servers ‘Locking’ with Group Policy
KB ID 0001283 Problem Servers locking themselves after a period of inactivity is, (in most cases) a good thing. But on my test network that only I use it gets a bit annoying switching between machines and constantly having to unlock Windows all the time! Note: For obvious security reasons don’t do this on a production network! Solution Create a new GPO linked to your computer OU, (or edit an existing one). Edit the policy....
Windows – Forcing Domain Group Policy
KB ID 0001282 Problem I’ve written hundreds of posts about doing things with group policies. Every time I finish one, I write a couple of paragraphs on how long to wait, or how to force the policy etc. So I’ve finally got round to writing a post I can simply reference! How Long Before Group Policy Changes Are Applied? This is something that hasn’t changed since I was doing Windows 2000 exams 🙂 The default interval...
Windows – Deploy and Configure Photo Screen Saver via GPO
Screen Saver via GPO KB ID 0001281 Problem I was tasked with working out how to do this for a client a couple of weeks ago, so I thought it would make a decent article. I’m going to have a central server share, with some photos in, then I’m going to copy them down to all the clients, and finally set their screen saver to use those photos as a ‘slide show’ screen saver. I’ve done this with Windows 10...
Windows 10 Create a WMI Filter for Group Policy
KB ID 0001267 Problem I was messing around with some GPO’s for client today to replace ‘Edge’ as the default browser, (with IE11). To make the whole process more efficient, I wanted to use a WMI filter toapply the policy only to Windows 10 machines. Before this used to be simple enough, you just set the Windows version in a WMI query. But because it searches for a string e.g. 6.1 (for Windows 8.1), that’s...
Move AD Group Members to an OU
KB ID 0001266 Problem I got asked to do this at work this week, PLEASE BE AWARE, moving users about within AD may drastically change the way your ‘User Group Policies’ are being applied. So do some Group Policy Modelling beforehand, to avoid any problems. Solution In the example above, I’ve got ten users in a security group called ‘Source-Group’. For simplicity, they are all in the same source OU as well,...
Windows Server – Locating, Transferring, and Seizing FSMO Roles
FSMO Roles KB ID 0001257 Problem I’ve written about transferring and sizing FSMO roles, (Flexible Single Master Operations) before, see the following article; Transferring Your FSMO Roles Now you have a PowerShell Commandlet to help ‘Move-ADDirectoryServerOperationMasterRole’. FSMO Roles : Solution As before you can view your FSMO role holders, by using the following command. netdom query fsmo To transfer them to...
Event ID 1030 and 1058
Event ID 1030 KB ID 0000119 Problem Event ID 1030 and 1058, Windows cannot query for the list of Group Policy objects. A message that describes the reason for this was previously logged by the policy engine. and Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=<domain name>,DC=com. The file must be present at the location <<domain name>sysvol<domain...