Automate Forest trust creation

Just a quick note: in case you were not aware, netdom.exe cannot create a forest trust (inbound or outbound). But you can leverage the S.DS namespace to automate this with a little PowerShell:

    $targetForestName = "targetForest.local"
    $trustPassword = "PassWord123!23"
    $TrustDirection = "Outbound"   # see http://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.trustdirection.aspx
    # Creates only the local side of the trust, in the current forest
    $Forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $Forest.CreateLocalSideOfTrustRelationship($targetForestName,$TrustDirection,$trustPassword)

or both sides:…


DC fails logons or experiences LDAP timeouts

This was an interesting one which rolled by recently, and it's a looong post, so I apologize ahead of time.

Let's start with the end-user experience and move on from there: user(s) cannot send mail or retrieve mail from an Exchange 2010 server. Well that's pretty simple…


Audit policy not registering audits

So there was an interesting case which floated my way the other day. The audit policies in the domain controllers policy were set to the following, and there were no other policies blocking or changing these.

After a policy update the following events were logged:

    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          5/23/2011 7:58:56…
