Hi there,

I'm trying to setup a hybrid configuration with Exchange 2010 and Office 365 and I'm unable to complete the Office 365 Hybrid Configuration Wizard. I seem to have an error completing the wizard and I'm getting an error HCW8001. Looking through the Microsoft documentation, its saying that you need to enable Dirsync.

I've then connected onto the Azure AD shell and typed in Set-MsolDirSyncEnabled -EnableDirSync $true. From the Office 365 Azure AD dashboard, it's saying that AD sync is enabled.

What else can I do to get this part to work?

Regards,
Javier

People,

What's the difference between: VMware Horizon and VMware Horizon Mirage ?

My goal is to be able to deploy personalized virtual desktop (VDI solution) so that the users in my company can use it like a Terminal Server but it is deployed from one Golden Image for standardization.

Previously in Citrix world, it is XenDesktop, but in VMware I'm not sure.
VMware ThinApp is the tool/software which can be used to deliver virtualized application running on the Terminal Server like XenApp.

Thanks,

Hi

We had a lot of issues with ad and finally got it back running. But now we have this error popping up all the time.

The processing of Group Policy failed. Windows attempted to read the file \\kaufmann.local\sysvol\kaufmann.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.

The path does not exist but the path

\\kaufmann.local\SYSVOL\kaufmann.local\Policies\{897AA57E-AE53-4C48-B595-4F5EE94B51A1}

How can I fix this so it uses the new path?

To add some information

• Windows 2016 Server
• Virtual Machine
• The only Active Directory Server at the moment.

Hello Experts,

My client runs a hybrid organization with following specs:

On-PREM

Several Windows 2012 R2 DCs
Single-forest/single domain
ADFS internal
WAP servers

All mailboxes in the cloud distributed among to different tenants

Azure AD connector server one for each tenant. Both tenants use same source AD authoritative to sync to the tenant. Some information is synced to Tenant 1, and other information is synced to tenant 2.  

One domain is called companyx.com

For business reasons, they created another UPN suffix that calls for another domain[technically is not a Windows domain],and the name is companyw.com

Azure:

Multiple Windows 2012 R2 DCs
ADFS internal servers [primary server resides in the cloud, secondary internal ADFS servers are on PREM]
Express route between on prem and Azure

The organization uses a domain called companyx.com to sync users/contact/OU to tenant 1, by using AzureADconnectorserver1. This tenant and domain follow the Federated identity model as per link below

https://blogs.office.com/en-us/2014/05/13/choosing-a-sign-in-model-for-office-365/

There are also some OUs /users/ that are also synced to the second tenant for the domain companyw.com.

Moderm Authentication is enabled for the federated domain named companyx.com. The second domain or UPN that also uses same authoritative AD on prem, is not federated for some reason.

Having said that, here are the questions:

For a single forest/domain in a …

Hello all, we have many servers on domain, i can login to all of them fine, but whenever myself or any other admin tries to login to server08 we are logged in with a temp profile with the below message.

Windows could not load your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. Windows could not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the Administrators group must be the owner of the folder. 

Select all Open in new window

any ideas ?

Hello Experts,


I was assigned with a new task from one of my clients where he is looking to replace an old VB script that maps network drives based on some criteria.


I need to know what option would be the best even if writing a new PowerShell script or work with group preferences in AD.

The current logon script :

Maps several network drives to multiple folders for different departments.

If a machine is part of an OU, then the script will map several network drives

If an user is member of an specific group in AD, and based on sort AD attribute, then the logon script will map specific network drives.

As u can see, there are different conditions to map network drives for users based on their department, the computer machine assigned and some AD attributes.

Based on your experience, what option is feasible? PowerShell logon script or group preference, or something else?

Hello - i'm trying to set a screen lock time of 60 minutes for users who login to our RDS Server running Server 2016.    I've tried various Group Policy and local settings but can't seem to find the correct one, or some other policy is applying the current 10 minute policy, but haven't been able to locate that either.   Can you assist?

Hi All,

we are doing a project in which we are upgrading all windows 2008 domain controllers to windows 2016 server (VMs)
The one which will be done first have NPS role, and is a certificate server as well (doesn't hold any FSMO roles)
any guidelines which can assist in the upgrades and demoting the old server?

Thanks.

Spun up a DC too fast.  Wonder now how to change a DNS Domain name from domain.local to domain.com and also a NetBIOS name.  
Worth the stretch or easier just to wipe and reinstall?
DC Win2016 Server Standard.

Environment: Single forest, single domain, 3 DC's all holding a copy of the  GC
DC's are: 2012, 2008R2

Have a Windows 7Pro workstation that I want to do some GPO testing on.
I am a domain admin
If I run 'gpupdate /force' on the WS, I get:

My LOGONSERVER is "SERVERNAME1"

If I browse to the policy folder that is referenced by the error,  I notice that the :
"......Policies\{9F698386-2D66-47E5-88A1-D5EBCD7E0112}\User"  folder is EMPTY.
And there are USER policies configured...

I've tried a sync of the 2 2008 servers against the 2012 server , with no affect
Note: We used to manage GPO's on one of the 2008 servers, now we do so on the 2012.
Is there something not working right because we added the 2012 DC into the domain?

Many thanks for any help/guidance..
Rich

Hello People,

when a user goes to the lock screen in windows 10 they should see an option that says 'reset password'.

this does not show on any of the windows 10 domain PC's. why would this be?

whenever a user says they want to reset the password i do it through active directory for them. i know that users can go into user accounts and start doing things in there but almost all users do not have access to this location and is far more difficult for a general user than going to a button which says 'reset password'.

where has it gone - i have only just noticed this issue but could have been present for a long time?

Peggiegreg