Awinish's Technical Blog

Lets continue the journey of learning & Share.!!

Visitors Space

If, you have any query(Technical or Non-technical) or  wish to me point me to specific question, please post here & i’ll respond to it. I have got a permanent full time job as well as personal life, so replying your queries might take time, but reply is sure as soon.

33 Responses to “Visitors Space”

  1. Vikrant said

    Hi Awinish,
    Can you please help me with the install mode on windows server. Also, please clear the doubt regarding :-
    1) While installing a program on windows server 2003 or 2008,do we need to do it in the install mode ? Is it mandatory ?

    • Awinish said

      Install mode was in NT,windows 2000 etc & in older dell hardware which can be turned off, using local admin group membership ID you can install/run any program in windows 2003 or 2008/R2.
      In windows 2008 R2 there is UAC(User access control) which requires any software/application to be installed using runas administrator, reason prevent non admin user to install software. Even though you are member of administrators group, if UAC is enabled, you are required to use runas administrator for installing or launching application, administrator account too is controlled via UAC.

      UAC Overview

      • Vikrant said

        Thank you Awinish for the reply. So, if i understand you correctly, there is no need to go to command prompt and execute the change user /install command to switch to install mode on windows 2k8 R2/windows 7 or windows 2k3 server? I can directly install it using run as admin (on windows server 2k8/windows7) and in windows 2k3, just execute the .exe file? Can you please clarify me on this matter. i appreciate your help.

  2. Awinish said

    Yes, you don’t required to go to cmd to change the mode, speaking truly, i haven’t used till now this install mode, so you require a account which is member of local admin group thats it & in windows 2008 you need to use runas administrator option(UAC can be disabled compromising with risk, but its not recommended) to instll software.

  3. vikrant said

    Thanks a lot Awinish for clarifying the doubt. Really appreciate your help. The link you provided for the UAC was very helpful as well. Will keep you posted when i need help. Thank you.

  4. Awinish said

    You are most welcome..:-)

  5. Sivakumar said

    What is the use of authorive and non authoritive restore mode? when to use this mode and how to do?

  6. Awinish said

    I would presume, you are talking about AD Authoritative/Non- Authoritative restore. Authoritative restore of AD is pushing the changes to other DC’s in the forest where as Non-Authoritative restore means pulling the changes from other DC’s to restored DC.

    Consider, you deleted a object by mistake & you want to restore it back, since object is assigned with USN no, on any modification USN no is updated, so object which was deleted has its new USN no & marked for deletion in TSL.

    Since all the DC’s in the domain has been updated with New USN no on deletion, if you restore the object from backup which is prior to deletion have old USN no than deletion USN no. Once you restore the object it is non-authoritative, but since USN of deleted object is higher, once you restore & reboot, it will check on other DC’s in the forest & will find its USN is older & they have info this object is deleted, so they will delete it back.
    In order to preserver the object we have to mark the object authoritative after restoring the object using backup in DSRM mode.

    Difference between Authoritative/Non-Authoritative restore

    Steps for Authoritative/Non-Authoritative restore

  7. jigs said

    How can i configure two exchange profile in outlook? And can user access the both outlook profile at the same time?

  8. Awinish said

    You are required to have outlook 2010 to configure multiple email profile.

  9. jigs said


  10. jigs said


    We have more than 5 location and each location have ADC. When user join computer to the domain, the computer located by default in Computer OU. And i have manually move this computer to the appropriate OU. is it possible when the user1 join the computer to the domain, the computer automatically move to the not user1 Users OU but it will move to computers OU of the purticular location. We created both OU for each location 1) Users 2)Computers. OR Guide me any other way to solve this problem.

  11. Awinish said

    You can use redircpm & redirusr tool to achieve,what you are asking from your post.

  12. jigs said

    How can i get the user list on daily who is log in to the domain in windows 2008.

  13. Awinish said

    Take a look at below discussions on technet forum.

    Jigs, I would request, please post your queries/questions to Microsoft Technet forum, which can help not only you but all with additional advice from others experts.

  14. Ajeet Singh said

    Great blog I like it.
    much helpful…
    I love AD and Exchange..

  15. Saikat Chatterjee said


    I am really in trouble with my Exchange server. I have an IBM 3650 M3 server with Windows Server 2008 R2 x64. I have installed

    active directory and microsoft exchange server 2010 on it. I have taken a full system backup using Windows server backup. Now the

    problem is I cannot restore the same environment on a different hardware. I have done authoritative system restore on a HP Pavilion

    but after restarting it is giving blue screen error. No way I can get back to the system.

    If full system restore is not possible on a different hardware then please help to accomplish at least two things..

    1. I want all the active directory users with all OUs to be restored on a differnt system with same or different domain name.
    2. Restore the mail boxes on the exchange server and sychronize between AD and the respective mailboxes.

    By doing this I can bring back my exchange server. Can anyone help me?

    Thanks and regards,

    Saikat Chatterjee

    • Awinish said

      System state backup on different hardware is neither recommended nor supported.Even though you can install on similar hardware but in most of the scenarios it doesn’t work due to difference in driver level let it be graphics,NiC or any other.
      Running Exchange on DC is a bad practice, due to various implications like performance, security,not able to contact any other GC apart from the DC it is being installed.

      Don’t try to restore something like this means system state backup of one dc to another as it doesn’t work.

  16. shabeer said

    Dear Mr.Awinish,

    I want to put two DC in different locations. I need to use DC name as my company name (Eg: not ‘abc.local’. What i will do next? Domain name reg is possible freely and it secured?

    • Awinish said

      Domain name registration on internet is not free, but you can use use any domain name hosting internal AD. Domain registration is required when you want to publish your domain on internet. You can have any name as long as its not conflicting with already existing domain in your network.

  17. Imran Khan said

    I have a similar situation. One of our DC which did not have any role just a domain controller to serve the users and other machines in our branch office. Few months before we had to disconnect our branch office from our existing ISP and connect it to another ISP. In this process the domain controller in the branch office did not have any connection and means of replication.

    Now we have brought back the branch office in to our ISP and everything is connected. Now the Domain controller in the branch office has been giving replication error. Also the users are not able to connect to exchange server from their desktop. I changed the DNS for the desktop to point everything to our head office but still. Does it mean we will have to remove all the machine from the domain and re add it to the domain.

    Also you suggested that in this post that we will have to demote and promote problamatic domain controller. I will ask the same question again that do we have to remove all the user machines and servers in the branch office or will not be required since the fresh domain controller is available.

    Another question I would like to find that in this circumstances when you have a domain controller which was not replicating for more than 60 days, can I introduce another domain controller and then demote the problamatic domain controller.

    Any assistance will be highly appreciated.


  18. Mahesh said

    Great blog I like it.
    your each and every blog is very helpful.
    Thank you so much..

  19. Prakash said

    hi awinish

    i got error on DC that “security database on the server does not have a computer account for this workstation trust relationship”. hence i coudn’t able to logon DC. could you help me out to resolve the issue.

  20. Gokul said

    Hi Awinish
    Hope doing well; I could see many articles &references has been provided in this BLOG.. MY wishes to continue the same.

    I need some help regarding the Windows server backup issues on 2008 R2 standrad.. Pls refer the technet quesion and let me know your suggestins>

  21. PNK said

    Hi Awinish,

    I had a query which I thought you were the best one to answer.
    One of our sites has been decomissioned, the site object corresponding to that location is still there in AD sites and services. what are the consideration to be taken before we delete it and possible impacts.
    Please reply.

  22. Hill Tang said


    your blog is so helpful.

    I have a question
    Currently, we have 1 03 DC and 1 08 R2 DC, all the role is now under 03 and 1 07 exchange We want to upgrade the 03 to 2012 and transfer the roles to 08 R2. Do we have to do anything on the exchange or ad? or we just need to upgrade the AD directly? Thanks.

  23. Rajeshkannan said

    Hi I am rajesh Kannan..

    How to sync the DC time with IST time. its lacking 10 mints back..

  24. raj said

    Can u share me ur views on the below thread?


  25. Rajiv said

    I just enable the Active directory recycle bin option in my server 2k8r2 x64 enterprise edition.I was compacting the “ntds.dit” file using ntdsutil command. But I noticed that before the compaction the size of the ntds.dit was 16MB but after compaction instead of reducing its size was 26MB. Can you tell me why this happened so??

  26. RaChen said


    We are using ADFS to implement Single Sign On Solution. Our intended policy was to never expire the password. However we noticed that users are receiving password expiry page and decided to fix it. We changed our group policy setting maxPasswordAge to -9223372036854775808 (never). Still we get complaints that users are seeing password expiry. Will setting the maxpasswordage to -9223372036854775808 (never) will make users change their password once before making it never expire? I don’t see any documentation on this. Please throw some light into this issue.

  27. Sam said

    Hi Awinash,

    I am facing issue with GPO, i have posted same on technet, but still not got correct reply.

    please help me with this

  28. Prashant said

    Hi Awanish,

    We have currently using windows 2003 domain controllers and we want only OS migrate to Windows 2012.
    Is it possible? what are the things I need to consider while I do OS migration?

  29. zahed sohail said

    I have to implement exchange 2016 in xyz.local domain, they have domain hosted…

    The requirement is to just make setup with this, not renaming the domain from xyz.local to

    How should I proceed and where i need to make changes in DNS & records. What additional records need to be created and where..

    Also what about SSL certificate,? Shall I start with .local and redirect in DNS from to xyz.local and what ssl cert should i purchase ( with Domain name ) .

    Please kindly provide me all necessary additional steps that need to be done based on this requirement( in terms of DNS / Redirection from to xyz.local) & DNS records on Internet hosting, SSL certificate.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s