Archive for the ‘Active Directory’ Category

How to: Configure a “Boot to desktop” group policy for Windows 8.1

New in Windows 8.1 is the “Boot to Desktop” feature, where the user can choose not to boot to the Windows Tiles, but directly to the desktop! That’s a really nice feature if you ask me! How can we centrally configure and manage these feature for all my users or just a group of users? Exactly, through a group policy with User Preferences. It’s a user settings, so you could also use RES Workspace Manager for example.

1.) Navigate to your Group Policy Management Console
2.) Create a new Group Policy and disable the Computer Settings
3.) Open the policy and navigate to User Configuration / Preferences / Windows Settings / Registry
4.) Create a new Registry Item
5.)  Choose for Hive “HKEY_CURRENT_USER” and Navigate in the Key Path to:
6.) The Value name is “OpenAtLogon
6.) Choose the Value type “REG_DWORD
7) The Value data is:
Boots to Desktop = “0″
Boots to Start Menu = “1″
8.) Attach the group policy to a organizational unit(s) and login to your Windows 8.1 machine!

2014-04-16_10h33_44    2014-04-16_10h33_55    2014-04-16_10h35_15

2014-04-16_10h44_40    2014-04-16_10h44_50    2014-04-16_10h45_18

2014-04-16_10h45_31    2014-04-16_10h46_12    2014-04-16_10h46_33

2014-04-16_10h47_03    2014-04-16_10h52_42

Released: Exchange Server 2013 RTM Cumulative Update 1

Yesterday, the Microsoft Exchange Team has released Cumulative Update 1 for Exchange 2013 RTM. CU1 is the minimum version of Exchange 2013 required for on-premises coexistence with supported legacy Exchange Server versions. The final build number for CU1 is 15.0.620.29.

This is the Exchange 2013 product level required for co-existence with previous versions of Exchange, being Exchange Server 2010 SP3 or Exchange Server 2007 SP3 Rollup 10.

The Exchange Team provided a description of the major changes in CU1. You will find the announcement here;
Here are some of the major changes in CU1:

  • Includes Address Book Policy Routing Agent (info);
  • Allows group memberships to be managed by groups (again, as it was possible in Exchange 2007 but not in );
  • Access to Public Folders you have added as favorites via your favorites menu either in Outlook or Outlook Web App (still no regular Public Folder tree access though);
  • EAC has been enhanced and now includes Unified Messaging management and migration options;
  • Many probes, monitors, and responders have been updated and improved over the RTM release;
  • Get-HealthReport cmdlet has been streamlined and its performance has been optimized;
  • Supports the Exchange Server 2013 Management Pack for SCOM 2007 R2 and SCOM 2012 (due at a later date);
  • High Availability changes

You can download Cumulative Update 1 for Exchange 2013 here.

Be aware, this update requires some preparation first. So be carefull and read the release notes before hitting the install button ;)

Z-Hire Active Directory, Exchange, Lync User Creation Tool

Z-Hire automates the IT account creation process for Exchange mailbox, Active Directory, Lync accounts, Office 365 cloud and SalesForce cloud deployments. With just a click of the button, your Exchange mailbox, and Active directory user and Lync accounts will be created simultaneousy. This tool can also create and set custom settings for Office 365 accounts using templates. Z-Hire serves as the platform for new hire accounts by allowing auto-creation of major IT user accounts with the option for custom scripts. Z-hire will increase your new hire user account deployment time by 600%, without the need for complicated and expensive identity management solutions. This tool makes creating Active Directory users a breeze. Some of the features include:

- Environment Auto detection (AD/Exchange/Lync/Office 365/SalesForce)
- Copy existing Active Directory User to Z-Hire Template (new in version 4.8.1)
- Support for Active Directory user, Exchange Mailbox, Lync 2010, Office 365 user and SalesForce user accounts
- Template based deployment (allows consistency for all user accounts)
- Office 365 account creation with major attributes
- Active Directory user account creation with major attributes
- Active Directory group selection
- Active Directory user duplicate SamAccountName verification
- Lync 2010 account creation supporting all policies
- SalesForce user creation support all major attributes
- Faster performance (compared to previous version)
- Best of all, this AD User Creation Tool is free!

System Requirements
- Windows 7 X64 w/ .NET 3.5 (Domain Joined)
- Windows Server 2008 X64  w/ .NET 3.5 (Domain Joined)
- Windows Server 2008 R2 X64  w/ .NET 3.5 (Domain Joined)

Permission Requirements
- Ability to create Active Directory user
- Ability to create Exchange Mailbox
- Ability to create / enable Lync user

Supported Environments
- Active Directory (all versions)
- Exchange 2007 (all versions)
- Exchange 2010 (all versions)
- Lync 2010 (both Standard and Enterprise versions)
- Office 365 Cloud
- SalesForce CRM Cloud

Download Z-Hire tool on Microsoft Gallery

Server Posterpedia v2 available in the Windows Store!

Yesterday, Microsoft has released the new version of the Posterpedia App. This is very nice app, available in the Windows store. Server Posterpedia is an interactive app that uses technical posters as a reference for  understanding Microsoft technologies.

There are posters available for Microsoft Hyper-V, Exchange, Server 2008, SharePoint, Windows Azure, SQL, etc.

You can download the app using the following URL: or in the App Store!


How to: Windows 2012 Server deploy remote domain controllers using Server Manager – part II of II

A few weeks ago I’ve posted an article about how to remotely Install a domain controller within Windows 2012 Server using the Server Manager.

How to: Windows 2012 Server Deploy remote domain controllers using Server Manager – Part I of II

Since Windows 2012 Server, creating a new domain controller is much eassier then ever before. There is another option to create a new domain controller….Yes, using Windows PowerShell!!

As you can see in part I of the post, there are two domain controllers. I have installed a clean Windows 2012 Server within my labenvironment, called Server2.

1.) Logon to Server1 with the Administrator account
2.) Open Windows PowerShell
3.) Type the following command:
Install-WindowsFeature -Name AD-Domain-Services -ComputerName Server2
4.) After the Windows feature is installed succesfully, type the following command:
Invoke-Command –ComputerName Server2 –ScriptBlock {Import-Module ADDSDeployment;Install-ADDSDomainController –NoGlobalCatalog:$False –CreateDNSDelegation:$False –Credential (Get-Credential) –CriticalReplicationOnly:$False –DatabasePath “C:\Windows\NTDS” –DomainName “” –InstallDNS:$True –LogPath “C:\Windows\NTDS” –NoRebootOnCompletion:$False –SiteName “Default-First-Site-Name” –SysVolPath “C:\Windows\SysVol” }
When prompted for credentials, enter the username and password of your domain administrator account!

In my labenvironment, I have used the following parameters:
-ComputerName, this is the name of the new domain controller
-NoGlobalCatalog:$False, the new domain controller becomes also an Global Catalog Server
-CreateNDSDelegation:$False, there are no ohter DNS servers available for DNS delegation
-Creadential(Get-Credential), before executing the command, there will be an popup asking your admin crerdentials
-CriticalReplicationOnly:$False, this entry specifies whether the installation operation performs only important replication before a restart and then skips the noncritical and potentially lengthy part of replication. The noncritical replication occurs after the role installation is complete, and the computer restarts
-Databasepath, the location of the ADDS database (NTDS.DIT)
-DomainName, specifies the fully qualified domain name of your domain
-InstallDNS:$True, the new domain controllers becomes also an DNS server
-LogPath, this is the path of the fully qualified, non-UNC directory on a hard disk on the local computer that will  host the AD DS log files.
-NoRebootOnCompletion:$False, there will be no reboot at the end of the installation
-SiteName, this is the name of your Active Directory site where the new domain controller becomes a member of
-SysVolPath, this folder contains all content replicated to the other domain controller (NETLOGON and SYSVOL directories)
5.) After executing the commands above, and the installation has finished, the new domain controller becomes vissible in your Active Directory environment
6.) All you have to do now is waiting for the next Active Directory replication, so all your domain controllers are synchronized





How to: Windows 2012 Server deploy remote domain controllers using Server Manager – part I of II

A great new feature whitin Windows 2012 Server is the possibility to manage servers remote through the Windows Server Manager. In part one of this blogpost, I’m going to deploy a new domain controller to my existing domain in my lab environment through the GUI. In part two of the blogpost, I’m going to deploy again a new domain controller. But now I’m going to use Microsoft Powershell.

I already installed two clean Windows 2012 Servers with the right IP configuration. The servers are added to the Windows Server Manager within my first domain controller, so we’ve the possibility to manage this servers! As you can see, in the begin there’s only one domain controller available.

1.) Login to the existing domain controller of your domain
2.) Open the Server Manager
3.) Navigate to All Servers
4.) Select server SERVER1
5.) Select Manager – Add Roles and Features
6.) Click Next
7.) Select Role-based or feature-based installation
8.) Select server SERVER1
9.) Select server role Active Directory Domain Services and click Next
10.) Click Add Features to install the right Windows features to manage your Active Directory environment
11.) In the confirmation screen, click Install
This will install the server role and features only, not configuring!
12.) After the installation succeeded succesfully, click the red flag on top of the screen
13.) Navigate to Post-deployment Configuration and click Promote this server to a domain controller
14.) Supply the right credentials and click Next
15.) Type the Directory Service Restore Mode (DSRM) password and click Next
16.) In the review screen, you can save the Powershell script to perform this actions automatically the next time.
17.) After the configuration is finished, you’ll see the new domain controller within:
Active Directory Users and Computers
Active Directory Sites and Services








Cool free Windows 8 app…Server Posterpedia

Microsoft has released a great new free Windows 8 app…Server Posterpedia!Server Posterpedia is an interactive app that uses technical posters as a reference for  understanding Microsoft technologies.

You can download the app using the following URL: or in the App Store! How cool is that!



How to: Change the current Schema Master in Windows 2008 R2

Today I had to perform an Active Directory upgrade. I installed some new Windows 2008 R2 domain controllers. After a succesfull installation, I wanted to transfer the FSMO roles to the new domain controller(s). Four of the five went well, but how to transfer the Schema Master…?? There was no MMC snap-in available! This is the trick…

1.) Open a command prompt
2.) Type the command: regsvr32 schmmgmt.dll
3.) Open the Microsoft Management Console (mmc)
4.) Add the following snap-in: Active Directory Schema
5.) Right-click on the snap-in and select Change Active Directory Domain Controller
6.) Select one of the new installed domain controllers
7.) Right-click again and slect Operations Master
8.) Hit Change and select OK
9.) The Schema Master role is now transfered to the domain controller
10.) Check all the FSMO roles with the following command netdom /query FSMO