11. December 2013 · Comments Off on Windows Server 2012 – Migrating FSMO Roles · Categories: Microsoft · Tags: , , , , ,

A new server has been added to the forest as a new domain controller, on the new server after launching PowerShell command line, Use the Move-ADDirectoryServerOperationMasterRole command to transfer all the FSMO roles. Each role corresponding to a number :


Role Name Number
PDCEmulator 0
RIDMaster 1
InfrastructureMaster 2
SchemaMaster 3
DomainNamingMaster 4

Moving FSMO roles

Move-ADDirectoryServerOperationMasterRole -Identity “DC01” -OperationMasterRole 0,1,2,3,4

08. August 2012 · Comments Off on How to configure the directory to require LDAP Server signing · Categories: Microsoft · Tags: , , ,

How to configure the directory to require LDAP server signing

Using Group Policy

How to set the server LDAP signing requirement
  1. Click Start, click Run, type mmc.exe, and then click OK.
  2. On the File menu, click Add/Remove Snap-in.
  3. In the Add or Remove Snap-ins dialog box, click Group Policy Management Editor, and then click Add.
  4. In the Select Group Policy Object dialog box, click Browse.
  5. In the Browse for a Group Policy Object dialog box, click Default Domain Policy under the Domains, OUs and linked Group Policy Objects area, and then click OK.
  6. Click Finish.
  7. Click OK.
  8. Expand Default Domain Controller Policy, expand Computer Configuration, expand Policies, expand Windows Settings, expand Security Settings, expand Local Policies, and then click Security Options.
  9. Right-click Domain controller: LDAP server signing requirements, and then click Properties.
  10. In the Domain controller: LDAP server signing requirements Properties dialog box, enable Define this policy setting, click to select Require signing in the Define this policy setting drop-down list, and then click OK.
  11. In the Confirm Setting Change dialog box, click Yes.