Category Archives: Windows Server

Distribute Google Chrome via GPO


System: Windows Server 2008 R2

First download Google Chrome .msi installer from here and ADM/ADMX package from here.

Create a Distribution Point
To publish or assign a computer program, you must create a distribution point on the publishing server which a shared network folder where you will put the Google Chrome msi file that you want to distribute.

Note: This share must be accessible by your client machine. The client machine will request the file from this location. Verify the share is working correctly and set permissions on the share to allow access to the distribution package
Continue reading

Restore deleted AD object using ldp.exe


System: Windows Server 2008 R2 SP1

First I delete user Jatayu.
RestoreDeletedAD1

Steps to restore username Jatayu:
1. Logon as Administrative privileges(ie.Administrator,Domain Admins) your Windows AD DC.
2. On Windows Start Button type Run type ldp.exe
3. On Ldp click Connection menu select Connect…
4. In the Connect box type your full AD server name then click OK.
(Note: You can check full computer name by right click on Computer select Properties)
RestoreDeletedAD2
Continue reading

Create security group to manage certain OU and computer objects in Active Directory


Scenario:
Create a global security group which have full control priviledge to manage an OU and able to moving computer objects in Active Directory built in Computers container into an OU created earlier without using builtin group Account Operators.

System: Windows Server 2008 R2

Steps:
– Create Global Security group and new OU
1) Logon as Administrative privileges your Windows Server AD DC.
2) Create a Global Security Group,example I create group with name IT AD Admin then I add username test as a member of IT AD Admin group.
ADss1

Continue reading

Enable Active Directory Recycle Bin Win Server 2008R2 using ldp.exe


System: Windows Server 2008 R2 SP1

>> First,raise the forest functional level to Windows Server 2008 R2 using Ldp.exe
1. Logon as Administrative privileges(ie.Administrator,Domain Admins) your Windows AD DC.
2. On Windows Start Button type Run type ldp.exe
3. On Ldp click Connection menu select Connect…
4. In the Connect box type your full AD server name then click OK.
(Note: You can check full computer name by right click on Computer select Properties)
RestoreDeletedAD2
Continue reading

Setup sync time Windows Server 2008 R2 with external NTP server

Note:
a) Time synchronization is an important aspect for all computers on the network. By default, the clients computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source.
b) Don’t forget to open the default UDP 123 port for time sync on your firewall.
c) The time service will not change the system time by more than 172800 seconds. Verify that your time and time zone are correct.

Locate your PDC Server. Open the command prompt and type:
C:>netdom /query fsmo

Log in to your PDC Server and open the command prompt.Stop the W32Time service:
C:>net stop w32time

Configure the external time sources, type:
C:>w32tm /config /syncfromflags:manual /manualpeerlist:"time.windows.com"

Make your PDC a reliable time source for the clients. Type:
C:>w32tm /config /reliable:yes

Start the w32time service:
C:>net start w32time

– The windows time service should begin synchronizing the time.
You can check the external NTP servers in the time configuration by typing:

C:>w32tm /query /configuration

– Last, check the Event Viewer for any errors.

If time not change, try manual resync by Run C:>w32tm /resync to force an instant time synchronization.

windows-server-sync-time

References:
> http://defaultreasoning.com/2009/11/16/synchronize-time-with-external-ntp-server-on-windows-server-2008-r2/
> https://community.spiceworks.com/topic/222484-how-do-i-sync-the-time-on-win-server-2008-r2-with-the-internet

How to Delete/Move a Protected OU in Active Directory

error-notice

Note: Im using WIndows Server 2008 R2

1) Log on to the computer as built in administrators group or Domain Admins group.
2) Open Active Directory Users and Computers.
3) Click View, and then click Advanced Features.
view

4) Right-click > Properties on the object of choice, navigate to the Object Tab, then untick Protect object from accidental deletion >> click OK
untick

5) Delete or Move the object that you want to delete or moving.