Showing posts with label domain controller. Show all posts
Showing posts with label domain controller. Show all posts

Tuesday, July 26, 2016

log on as a service is greyed out on domain connected computers

I found Log on as a Service to be greyed out in local security policy for my domain member server (running Win 2008 R2).  It looked like this:


























It is greyed out because the setting is defined in group policy management by a domain controller and not in local security policy.  I was able to edit the setting here on a domain controller here:

In my case, I had to log on to one of my Windows 2008 R2 domain controllers and open Group Policy Management and go to Default Domain Policy where I could go to edit the log on as a service for the entire domain.

The setting is located here:
















And editing the value looks like this (right click on default domain policy and choose edit):


 






Posted by at 1 comment:
Labels: , , , , , ,

Friday, April 16, 2010

all DCs in a small environment should be a global catalog server

I'm reading through some documentation that recommends that, in small networks, all domain controllers should be global catalog servers as well.

To make a domain controller a GC server, follow these steps:

1. Start the Active Directory Sites and Services snap-in.
2. In the console tree, double-click Sites, and then double-click the sitename where
your server resides.
3. Below the Site, double-click Servers, double-click your domain controller, right-click
NTDS Settings, and then click Properties.
4. On the General tab, click to select the Global catalog check box to assign the role of
global catalog to this server if it is not already enabled.
Posted by at No comments:
Labels: , , , , , ,

Thursday, February 25, 2010

using an SBS 2003 box after a 2008 migration

Typically, you wouldn't use your SBS 2003 box after you've done an SBS 2008 migration. In my most recent upgrade, I did need to use it. I had Filemaker Pro 9 on the SBS 2003 box, which apparently can't be installed on 64 bit Server 2008. As part of the 2008 migration, I took the SBS 2003 box out of the domain and put it in a workgroup and demoted it to a member server. Not being in the domain wasn't a big deal - Filemaker didn't need to be in the domain - the clients just needed to see the server over TCP/IP. However, the server kept shutting down every two hours or so saying that the server needed to be a domain controller. The easy solution was to put the server in a new domain and run dcpromo. Problem solved.
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)