This post will show you how to create Organizational Unit in active directory using command line. Lets say we want to create OU named “TestUsers” in root of our Testdomain.com domain. To do it open command line on your Windows server 2008 and type:
dsadd OU cn=TestUsers,dc=testdomain,dc=com
This post will show you how to install domain controller role on your Windows server 2008 using answer file. Lets say you have answer file “NewDCInstall” which is readied for domain services install. Open command line and type:
dcpromo /answer:NewDCInstall
This post will show you how to use command line to export active directory data to CSV file. Lets say we want to export all objects from Organizational Unit named “FinanceUsers” to exportusr.csv file. Open command line on your Windows server 2008 and type:
csvde -d “ou=FinanceUsers,dc=testdomain,dc=com” -f exportusr.csv
You have Windows server 2008 and want to install Read Only Domain Controller role on it? First you need to prepare your domain before you can do this operation. For that open command line on your Windows server 2008 and type:
adprep /rodcprep
How to #CMD by Thomas
I got situation when administrator deleted OU named “Secred” by mistake. Location of this OU was OU=Secret,OU=PrivUsers,DC=mydomain,DC=com.
To restore it first of all we need to perform non-authoritative restore. To perform it boot your Windows server 2003 into Directory Services Restore Mode (F8 when booting server) and restore latest system state backup with OU secret in place.
Note, if you dont know DSRM password, check this article how to reset it.
After system state restore dont reboot server.
It is time to start authoritative restore. To do that open command line and type:
ntdsutil and press Enter
authoritative restore and press Enter
restore subtree “OU=Secret,OU=PrivUsers,DC=mydomain,DC=com” and press Enter
Confirm that authoritative restore should increase version numbers when prompted and exit ntdsutil by typing quit two times. After that reboot server into normal mode.
In this post you`ll see how to join your Windows server 2008 Core to domain named testdomain.com using user ID testuser. To do that type in command line:
netdom join %computername% /domain:testdomain.com /userd: testdomain.com\testuser /passwordd:*
If you think that your active directory can be corrupted you should perform integrity check. To do that you must boot your Windows server 2003 into Directory Services Restore Mode. How to do that you can can check in article named “Windows server 2003 – How to access Active Directory services restore mode remotely”. After login open command line ant type:
Ntdsutil and press Enter
Files and press Enter
Integrity and press Enter
I think all you know that in order to access active directory services restore mode you must press F8 when booting your server and then select Directory Services restore mode from boot options menu. But how to do that if your server is at remote location and you can reach it only via Remote Dektop connection (Start>Run mstsc /console). Nope, no ILO too…
There is a way! Connect to that Windows server 2003 via rdp and open boot.ini file in notepad. Then add following text to the end of the boot.ini file:
/SAFEBOOT:DSREPAIR
Save boot.ini file and reboot server. After reboot connect with RDC (Start>Run mstsc /console) and login using Local Administrators account.
After you will finish your work with server in Directory Services Restore Mode dont forget to delete that extra line you added to boot.ini.