tips and tricks

repadmin /showreps /v
netdom query fsmo
repadmin /syncall
repadmin /showreps
dcdiag /e


The logon process for how a system connects to a DC is pretty striaghtforward (read: Simple, but not easy)
1. Workstation comes online and queries DNS SRV records to find all DCs
2. Workstation attempts LDAP connection to ALL DCs found.
3. Workstation queries DNS for site information.
4. Workstation compares site information received with its own network ID.
5. Workstation attempts LDAP connection to all DCs in its site
6. If no DCs in its site respond, Workstation attempts LDAP connection to all DCs in the domain
7. First DC to respond is where the Workstation attempts to authenticate.

To use Nslookup to verify the SRV records, follow these steps:

1.On your DNS, click Start, and then click Run.
2.In the Open box, type cmd.
3.Type nslookup, and then press ENTER.
4.Type set type=all, and then press ENTER.
5.Type _ldap._tcp.dc._msdcs.trentva.local

change logon server
setx tvadc01 %LOGONSERVER%


The Active Directory Recycle Bin in Windows Server 2008 R2

do this on the fsmo role holder

Enable-ADOptionalFeature ‘Recycle Bin Feature’ -Scope ForestOrConfigurationSet -target ‘trentva.local’



%d bloggers like this: