AD Trust – How to locate the DCs?

This is what looking for quite some times duo to Trustship across multiple sites.

 “The first DNS query for a DC in another forest will look for a DC in a site that matches the client’s site in its own forest.”
Old post in year 2008

Posted in Uncategorized | Leave a comment

AD Blogs-Reference

REBELADMIN – tech detail & how to

Posted in AD | Leave a comment

W2K3 AD FRS SYSVOL Issue – resolved

DEV AD has 3 DCs, and one DC has Journal Wrap Error, and other 2 DCs have no “SYSVOL” & “Netlogon” shared which means…. what ? you know.

One month ago, cloning this AD for a vendor to conduct the POC for AD 2012 upgrade, and they spent almost 1 day to trouble shoot this FRS issue and the result was to rebuild one of DC (I guess since the DC name was changed).

It is time to relook this issue and be ready for the upcoming project, but the solution is not that challenge

1. Refer a) & b) to resolve the Journal Wrap Error in the problematic DC, but FRS still not work

Note: Renaming the jet folder was a good idea

2. Refer c) to solve the FRS issue with D4 in one DC, and D2 in other 2 DCs. THANKS


a. The value for BurFlags registry key will AUTOMATIC returns from D2/D4 to 0 after re-start FRS service

b. Need to restart Netlogon service to enabling “NETLOGON” share






Posted in AD | Leave a comment

E2K10 – Legacy items – SendConnector

Just encounter the same problem to Disable/Remove a legacy SendConnector (“BGH-BOS”) in E2K10, and resolved based on the reference URL

Set the value to 4535486012416


Posted in Exchange 2010 | Leave a comment

Add Email Headers for Outlook (MAPI) – VBScript

It is quite easy to add the email headers for SMTP message, but NOT that straight forward for Outlook. Below is the way and tested in Outlook 2010

  • Dim ToAddress
  • Dim MessageSubject
  • Dim MessageBody
  • Dim MessageAttachment
  • Dim ol, ns, newMail
  • ToAddress = “”
  • MessageSubject = “Subject-TEST xxx ”
  • MessageBody = “Message Body –xxx ”
  • MessageAttachment = “D:\abc\message_zdm.html”
  • Set ol = WScript.CreateObject(“Outlook.Application”)
  • Set ns = ol.getNamespace(“MAPI”)
  • ns.logon “whoami”,”mypassword”,true,false
  • Set newMail = ol.CreateItem(olMailItem)
  • newMail.Subject = MessageSubject
  • newMail.Body = MessageBody & vbCrLf
  • newMail.Attachments.Add MessageAttachment
  • Set pa=newMail.PropertyAccessor
  • pa.SetProperty “{00020386-0000-0000-C000-000000000046}/X-IBE-Encrypted”, “class=SecureMail; version=3”
  • pa.SetProperty “{00020386-0000-0000-C000-000000000046}/X-IBE-Encrypted-Agent”, “vendor=Voltage; product=Encryption; version=x.x.x”
  • ‘ validate the recipient, just in case…
  • Set myRecipient = ns.CreateRecipient(ToAddress)
  • myRecipient.Resolve
  • If Not myRecipient.Resolved Then
  • MsgBox “unknown recipient”
  • Else
  • newMail.Recipients.Add(myRecipient)
  • newMail.Send
  • End If
  • Set ol = Nothing


Reference: to be updated

Posted in Exchange 2010 | Leave a comment

ESX Affinity Rules – Notes

Somehow need back to ESXi 5.5 for AD upgrade and to understand some advanced features, i.e Affinity Rules

How to Configure VMware Affinity Rules for DRS and Storage DRS

  1. Goal 1: VM-VM Affinity
  2. Goal 2: VM-VM Anti-Affinity rule
  3. Goal 3: VM-Host Affinity rule
  4. What is the difference between Must and Should rules?
  5. What about VM-VM affinity rules and HA?
  6. What about Storage DRS, are there affinity rules related to it?
  7. What about the Virtual disks of a single VM? – VMDK Anti-affinity
  8. Affinity rules are a powerful tool
Posted in VMWare | Leave a comment

AD Upgrade – Known Issue – KB2989971

25 June 2015

It turns out that weird things can happen when you mix Windows Server 2003 and Windows Server 2012 R2 DCs

UPDATE: The hotfix is now available for this issue! Get it at

Symptoms include:

1. When any domain user tries to log on to their computer, the logon may fail with “unknown username or bad password”. Only local logons are successful.

2. Operating Systems on which the issue has been seen: Windows 7, WS2008 R2, WS2012 R2

3. This can affect Clients and Servers(including Domain Controllers)

4. This problem specifically occurs after the affected machine has changed its password. It can vary from a few minutes to a few hours post the change before the symptoms manifest

Posted in AD | Leave a comment