How to: Windows 2012 Server deploy remote domain controllers using Server Manager – part I of II

A great new feature within Windows 2012 Server is the ability to manage servers remotely through the Windows Server Manager. In part one of this blog post, I’m going to deploy a new domain controller to my existing domain in my lab environment through the GUI. In part two, I’m going to deploy another new domain controller, but this time I’m going to use Microsoft PowerShell.

I already installed two clean Windows 2012 Servers with the right IP configuration. The servers have been added to the Windows Server Manager on my first domain controller, so we can manage these servers! As you can see, at the start there’s only one domain controller available.

1.) Login to the existing domain controller of your domain
2.) Open the Server Manager
3.) Navigate to All Servers
4.) Select server SERVER1
5.) Select Manage – Add Roles and Features
6.) Click Next
7.) Select Role-based or feature-based installation
8.) Select server SERVER1
9.) Select server role Active Directory Domain Services and click Next
10.) Click Add Features to install the right Windows features to manage your Active Directory environment
11.) In the confirmation screen, click Install
This installs the server role and features only; it does not configure them!
12.) After the installation has completed successfully, click the red flag at the top of the screen
13.) Navigate to Post-deployment Configuration and click Promote this server to a domain controller
14.) Supply the right credentials and click Next
15.) Type the Directory Service Restore Mode (DSRM) password and click Next
16.) In the review screen, you can save the PowerShell script to perform these actions automatically the next time.
17.) After the configuration is finished, you’ll see the new domain controller within:
Active Directory Users and Computers
Active Directory Sites and Services
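
The same role installation and promotion can be driven remotely from PowerShell. This is an added example, not the script the wizard exports and not part of the original post; SERVER1 comes from the steps above, and the domain name is a placeholder because the post does not name the lab domain. Both secrets are prompted for at run time so that neither the domain credential nor the DSRM password is stored in the script.

```powershell
# Added example. SERVER1 comes from the steps above; the domain name is a placeholder.
$target     = 'SERVER1'
$domainName = 'example.local'   # placeholder: replace with your existing domain

# Steps 9-11: install the AD DS role and its management tools on the remote server.
$role = Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools -ComputerName $target
if (-not $role.Success) { throw "AD DS role installation failed on $target" }

# Steps 14-15: prompt for the secrets instead of writing them into the script.
$domainCred = Get-Credential -Message "Account allowed to promote a DC in $domainName"
$dsrmPwd    = Read-Host -AsSecureString -Prompt 'DSRM password'

# Step 13: promote the server. The credential is passed explicitly because the
# promotion runs on the remote server and must authenticate to the domain from there.
Invoke-Command -ComputerName $target -ArgumentList $domainName, $domainCred, $dsrmPwd -ScriptBlock {
    param($Domain, $Credential, $SafeModePassword)
    Import-Module ADDSDeployment
    Install-ADDSDomainController -DomainName $Domain -Credential $Credential `
        -SafeModeAdministratorPassword $SafeModePassword -Force
}

# Step 17: once the new domain controller has restarted, list all domain controllers.
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address
```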

Cool free Windows 8 app…Server Posterpedia

Microsoft has released a great new free Windows 8 app…Server Posterpedia! Server Posterpedia is an interactive app that uses technical posters as a reference for understanding Microsoft technologies.

You can download the app using the following URL: http://apps.microsoft.com/webpdp/nl-NL/app/server-posterpedia/f988071c-66dc-4281-8028-637ac0f09061 or in the App Store! How cool is that!

How to: Change the current Schema Master in Windows 2008 R2

Today I had to perform an Active Directory upgrade. I installed some new Windows 2008 R2 domain controllers. After a successful installation, I wanted to transfer the FSMO roles to the new domain controller(s). Four of the five went well, but how to transfer the Schema Master…?? There was no MMC snap-in available! This is the trick…

1.) Open a command prompt
2.) Type the command: regsvr32 schmmgmt.dll
3.) Open the Microsoft Management Console (mmc)
4.) Add the following snap-in: Active Directory Schema
5.) Right-click on the snap-in and select Change Active Directory Domain Controller
6.) Select one of the newly installed domain controllers
7.) Right-click again and select Operations Master
8.) Hit Change and select OK
9.) The Schema Master role is now transferred to the domain controller
10.) Check all the FSMO roles with the following command: netdom query fsmo

How to: Create users for testing purposes

If you want to create a large amount of test user accounts in your domain, you can use the following command to quickly add all the user accounts! This will save you a lot of time…. 😉

FOR /L %i in (1,1,100) DO dsadd user "cn=User%i,ou=Gebruikers,dc=exchange,dc=local" -samid User%i -upn User%i@Exchange.local -fn User%i -display User%i -pwd P@sswOrd -disabled no

Create new users in Active Directory with DSADD

Today I was testing some things in my Exchange 2007 environment. For this test I had to create 100 new users in Active Directory. So I created a little script that made all the new users for me.

In this script I use the command line tool dsadd.

dsadd user "CN=Testuser01,OU=Gebruikers,DC=testlab,DC=local" -upn testuser01@testlab.local -fn testuser01 -pwd P@$$W@rd
dsadd user "CN=Testuser02,OU=Gebruikers,DC=testlab,DC=local" -upn testuser02@testlab.local -fn testuser02 -pwd P@$$W@rd
dsadd user "CN=Testuser03,OU=Gebruikers,DC=testlab,DC=local" -upn testuser03@testlab.local -fn testuser03 -pwd P@$$W@rd
dsadd user "CN=Testuser04,OU=Gebruikers,DC=testlab,DC=local" -upn testuser04@testlab.local -fn testuser04 -pwd P@$$W@rd
dsadd user "CN=Testuser05,OU=Gebruikers,DC=testlab,DC=local" -upn testuser05@testlab.local -fn testuser05 -pwd P@$$W@rd
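
Both dsadd variants above give every enabled test account the same password, written on the command line. The following added example (not from the original posts) creates the same accounts with a different random password each and an expiry date, so forgotten test accounts do not stay usable. It assumes the ActiveDirectory module (Windows Server 2008 R2 or later); the OU and UPN suffix are taken from the dsadd lines, while the function name, the 30-day lifetime and the description text are assumptions.

```powershell
# Added example: bulk-create test users with unique random passwords.
Import-Module ActiveDirectory
Add-Type -AssemblyName System.Web    # provides Membership.GeneratePassword

function New-TestUserBatch {         # hypothetical helper name
    param(
        [int]$Count        = 100,
        [string]$Path      = 'OU=Gebruikers,DC=testlab,DC=local',
        [string]$UpnSuffix = 'testlab.local',
        [int]$LifetimeDays = 30      # assumed lifetime for throwaway accounts
    )
    $expires = (Get-Date).AddDays($LifetimeDays)
    foreach ($i in 1..$Count) {
        $name  = 'Testuser{0:D2}' -f $i
        # 20 characters, at least 4 of them non-alphanumeric.
        $plain = [System.Web.Security.Membership]::GeneratePassword(20, 4)
        try {
            New-ADUser -Name $name -SamAccountName $name -GivenName $name -DisplayName $name `
                -UserPrincipalName "$name@$UpnSuffix" -Path $Path `
                -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) `
                -Enabled $true -AccountExpirationDate $expires `
                -Description 'Bulk-created test account' -ErrorAction Stop
            # Emit the credential once so the tester can record it.
            New-Object PSObject -Property @{ User = $name; Password = $plain; Expires = $expires }
        } catch {
            # For example: the name already exists or the password policy rejected the value.
            Write-Warning "Skipped ${name}: $($_.Exception.Message)"
        }
    }
}

# Usage: keep the returned list in memory or in a protected store, not in a shared file.
$testUsers = New-TestUserBatch -Count 5
$testUsers | Format-Table User, Password, Expires -AutoSize
```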

Changing multiple passwords in Active Directory

All of you know that you cannot change the passwords of multiple user objects in Active Directory through the Graphical User Interface (GUI). You have to click the users one by one to change the password of each specific user. There’s some good news 🙂 By default, Windows Server 2003 and Windows Server 2008 include the command net user. With this command you’re able to change the password of multiple users in Active Directory. Let’s do this in my test environment.

  • Open the command line
  • Run the following command: net user. You now get an overview of all the user objects in Active Directory
  • Open Notepad
  • Copy and paste the right user and add the following things
  • net user <username> <password>
  • Be sure that the new password meets the configured Password Policy of your Default Domain Policy.

So you can see this will save you a lot of time….. 😉
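
With net user, the new passwords end up in clear text in the Notepad file and on the command line. As an added example (not part of the original post), the same bulk reset can be done with the ActiveDirectory module, prompting once for a temporary password and forcing each user to change it at next logon. The user names are a constructed sample list, and the module requires Windows Server 2008 R2 or later.

```powershell
# Added example: bulk password reset without writing passwords to a file.
Import-Module ActiveDirectory

# Constructed sample list; replace with the accounts you need to reset.
$users = 'Testuser01', 'Testuser02', 'Testuser03'

# Prompted once and held as a SecureString, never stored in the script.
$tempPassword = Read-Host -AsSecureString -Prompt 'Temporary password'

$results = foreach ($user in $users) {
    try {
        Set-ADAccountPassword -Identity $user -Reset -NewPassword $tempPassword -ErrorAction Stop
        # The temporary password is shared, so make every user replace it immediately.
        Set-ADUser -Identity $user -ChangePasswordAtLogon $true -ErrorAction Stop
        New-Object PSObject -Property @{ User = $user; Status = 'Reset' }
    } catch {
        # A password that does not meet the domain Password Policy is reported here.
        New-Object PSObject -Property @{ User = $user; Status = "Failed: $($_.Exception.Message)" }
    }
}

$results | Format-Table User, Status -AutoSize
```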

Join domain batchfile

With the following script you can join a workstation to a domain. Copy the script into Notepad and save it as a batch file.

@echo off

C:
cd \Temp\Tools
netdom.exe JOIN %COMPUTERNAME% /Domain:corp.local /UserD:WSimport /PasswordD:*** /OU:"OU=Workstations,DC=corp,DC=local"

Make sure the user you use in the script has administrative rights, so this user can join the workstations to the domain corp.local.