Category: WIndows Server

IIS Application with WSUS SP2

After installing SP2 of WSUS (KB2720211) and if you activate SSL, IIS application for WSUS not working. There is a lot of error in event viewer. Error id 12052, DSS Authentification web service is not working For fix this error, you must install KB2734608. You can download file here.. When the installation is complete, run …

Continue reading


WDS is closely linked to the DHCP server, however if the two roles are installed on different servers a slight modification to the DHCP needs to be made. In this case it is necessary to add options 67 and 68 at the DHCP level. Option 66 : IP Address of the server Option 67 : …

Continue reading

Retrieve ldap attribute

The lastlogon attribute can help to do some cleanup in its AD database. The recovery of the ldap attribute value can be done in powershell, vbs or dos.

Continue reading

Rename Domain Controller

It is sometimes necessary to rename a server, depending on the role installed some steps are to be applied. Let’s take the example of a domain controller running Windows Server 2012. It is necessary to ensure first of all the functional level. This must be at least Windows Server 2003 level.

Continue reading


An AD forest may contain one or more AD domains, depending on your situation the placement of FSMO roles may be different. In order to carry out a good positioning of the different roles, Microsoft provides documentation on their site that allows you to make the right decision.

Clean up metadata

It has happened to all administrators to find themselves with an isolated domain controller. In this case, after performing a dcpromo /forceremoval, all AD and DNS databases should be cleaned. For this purpose Microsoft gives the procedure that has been carried out. For Windows Server 2003 : For Windows Server 2008 R2 :

Migrate Share on File Server

When migrating a server, it is necessary to retrieve network shares and authorisations.

Continue reading

Join Computer to AD

Since Windows 2000, a user of a domain can be enter up to 10 machines on the domain. When joining to the domain, a login and password is requested. It will be sufficient for a user to enter his username and password. He will be able to do the same for 9 other stations.

Continue reading


Gpo’s are replicated by two systems : AD replication (GPC, the GPO console) and file system replication (GPT contained in SYSVOL, the different components configured). It happens nevertheless that the AD replication goes badly, so we will have a difference between the GPC and the GPT.

Continue reading

Enable AD bin

One of the new features of Windows Server 2008 R2 is the Active Directory Recycle Bin. We can now “restore” a user account that has been deleted. However, this requires a functional Windows Server 2008R2 level.

Continue reading