ADMT (Active Directory Migration Tool) Domain Migration – Part 2
KB ID 0001306 Problem Back in Part One we setup our migration admin account, and installed ADMT. Now, as I’m going to migrate the users passwords I need a ‘Password Export Server’, but first I need to tackle the subject of user SIDs Solution Domain Migrations and SID Filtering Every user has a SID (Security Identifier) it’s the thing AD uses to refer to and apply security to users, (and other objects). This...
Windows – Schedule a Reboot For a Specific Time
KB ID 0000866 Problem If you want to do this, and you do a quick internet search, all results come back as either suggesting using psshutdown or writing a script then scheduling that. I suppose a script is a good idea if you want to reboot at 01:00 every day for example. But what if you want to reboot a client server once at 17:00 and it’s 10:00 in the morning? Chances are, if you’re like me, you will be working on...
Can’t Delete a File or Folder or Take Ownership
KB ID 0000887 Problem I have a portable drive that I carry in my laptop bag that has all the service packs and iso images that I might need. The problem is when I install service packs and updates on clients servers and PC’s, they have a habit of creating folders on my portable drive that are a pain to delete. While tidying up the drive today, it was telling me I did not have the rights to do so. When I tried to take ownership...
Why Securing Your VPN Solution With Computer Certificates ‘Only’ Is A BAD Idea
KB ID 0001055 Problem After a large AnyConnect 4 roll-out, I had the following conversation with a client; Client: Can we change the way the clients authenticate? Me: Yes, no problem what do you need? Client: Well instead of user based certificate authentication, we want to use computer certificates only. Me: Really why? Client: So when we roll out a lot of imaged new machines we don’t need to get the users to log onto them and...
Event ID 1988
KB ID 0000261 Problem Event ID 1988 Active Directory Replication encountered the existence of objects in the following partition that have been deleted from the local…. in other domains in the forest are known as “lingering objects”. Domain controllers are bound by “Strict Replication” and there is an item in Active Directory that’s “hanging about” and needs deleting. Solution Option 1...