How can I add a new Administrative Template to an existing (or new) GPO? In a previous article – Understanding Administrative Templates in GPO – I’ve described the purpose of the Administrative Templates section in the Windows 2000/XP/2003 GPO. Administrative Templates are a large repository of registry-based changes that can be found in any GPO…
Last Update: Sep 17, 2024
The Domain Name System (DNS) is the Active Directory locator in Windows 2000. Active Directory clients and client tools use DNS to locate domain controllers for administration and logon. You must have a DNS server installed and configured for Active Directory and the associated client software to function correctly. This article guides you through the…
Last Update: Nov 19, 2024
MS KB 326480 has more info: This article describes how to set up the Active Directory Migration Tool (ADMT) to perform a migration from a Windows NT 4.0-based domain to a Windows Server 2003-based domain. You can use the ADMT to migrate users, groups, and computers from one domain to another, and to analyze the…
Last Update: Nov 19, 2024
How can I administer Windows 2000/2003-based computers using Windows XP Professional-based clients? This article describes how to use the Windows Server 2003 Administration Tools package on Windows XP Professional or how to use the Windows Server 2003 family to remotely administer Microsoft Windows 2000 Server family-based and Windows Server 2003 family-based computers. The following topics…
Last Update: Dec 03, 2024
How can I easily perform management operations in AD from a customized Taskpad? As your AD infrastructure grows, and the number of objects within it constantly changes, you might find that managing the growing number of users, groups and computers is becoming more than a headache. Fortunately for us, one of Active Directory’s best features…
How do I defragment the Active Directory to make it smaller in size? The size of NTDS.DIT will often be different sizes across the domain controllers in a domain. Remember that Active Directory is a multi-master independent model where updates are occurring in each of the domain controllers with the changes being replicated over time…
Last Update: Dec 03, 2024
Background By default, anonymous LDAP operations, except rootDSE searches and binds, are not permitted on Windows 2003 domain controllers. This means that when trying to perform unauthenticated search in Active Directory, you can query for attributes of the RootDSE object only – any other query will result in domain controller requesting authenticated bind to LDAP…
Last Update: Nov 19, 2024
How can I create a large number of users for testing purposes? If you want to create a large amount of test user accounts in your domain or local accounts on your workstation, you can do so in more than one way. On this page I’ll try to list a few of these methods. By…
How does Ntdsutil.exe know it’s in Directory Restore mode? NTDSUTIL is a tool used for many Active Directory database maintenance tasks, such as defragmenting the DB, moving the DB and/or log files to a different place, cleaning the DB and more. NTDSUTIL will allow you to perform many of it’s functions while the DC is…
Last Update: Sep 17, 2024
Backing up Active Directory is essential to maintain the proper health of the Active Directory database. You can backup Active Directory by using the NTBACKUP tool that comes built-in with Windows Server 2003, or use any 3rd-party tool that supports this feature. Backing up the Active Directory is done on one or more of your…
One of the issues that sometimes made managing group policies difficult in Windows XP and in Windows Server 2003 was the non centralized nature of the group policy template files. For example, Microsoft offers downloadable templates that allow you to manage Microsoft Office via group policy. Even so, these templates are not automatically available from…
Last Update: Sep 17, 2024
How do I modify the number of Active Directory objects to search? By default, the Windows 2000 Active Directory searches 10,000 objects at a time. This policy affects all browse displays associated with AD, the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, and the dialog boxes you use to set permissions for…