Renaming Windows Server Domain Controller
There are 2 ways to rename Windows Server 2008 domain controllers:
- Using command line tool Netdom
- Using System Properties GUI
Both methods are supported, but Microsoft recommends using Netdom command line tool because it reduces delay before clients can use the renamed domain controller (if you use GUI, you have to wait for AD/DNS replication to occur).
Can't delete orphaned DC - Access is denied
Deleting an orphaned Active Directory Domain Controller fails with error:
Windows cannot delete object LDAP:// ........................
Access is denied.
First obvious step is to make sure that your user account has permissions to delete objects in the OU in question.
Object contains other objects. Are you sure you want to delete...
When deleting an object (computer, user, etc) using Active Directory Users and Computers mmc snap-in you may get following warning:
Confirm Subtree Deletion
Object <objectname> contains other objects. Are you sure you want to delete <objectname> and all the objects it contains?
If you cancel the running deletion, the objects deleted thus far will not be recovered.
WARNING: if you select Use Delete Subtree server control check box, all objects within the subtree, including all delete-protected objects, will be deleted, and the deletion cannot be canceled.
Read more: Object contains other objects. Are you sure you want to delete...
Transfering Operations Master / FSMO roles
Here are 5 FSMO (Flexible Single Master Operations) roles and GUI tools that can be used to move these roles between Domain Controllers.
- Schema Master - controls all updates and modifications to the Active Directory schema.
This role can transferred using Active Directory Schema snap-in.
If Active Directory Schema snap-in is not available you need to register required DLL using following command: regsvr32 schmmgmt.dll. On Windows Server 2008 and later this needs to be done in an elevated command prompt. - Domain Naming Master - controls the addition or removal of domains in the forest.
This role can transferred using Active Directory Domains and Trusts snap-in.
- Log Group Policy (.msi) software installation errors
- Disable desktop gadgets via group policy
- Add operation failed. Unable to extract deployment information from the package
- Export Active Directory objects with ldifde before performing changes with ADSI Edit
- Force Applications to be re-installed by Group Policy
- Manage Active Directory and Windows Servers from Windows 7 workstation
- Cannot change user's primary group - button "Set Primary Group" greyed out
- Windows 7 Libraries "some features are unavailable due to unsupported libraries locations. Click here to find more..."
- Allow Windows 7 Clients to Install Network Printer Drivers Without Providing Admin Credentials
- Windows 7 displays "please wait" during group policy software installation