Posts Tagged ‘Active Directory’

Adding users to sharepoint across a trust (One-Way or Two-Way)

July 31st, 2013

To have users from a trusted domain show up in the peoplepicker, you have to let sharepoint know about the trust. To do so run the following command based on which scenario you are in:

Two-Way Trust
STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv forest:goldentemple.corp;domain:postholdings.com -url http://sharepoint/

One-Way Trust
STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv forest:yourprimarydomain.com;domain:trusteddomain.com,username,password -url http://yoursharepointsite/
For one-way trusts you will also need to run the following command on all front-end servers in your farm with a key that you make up:
STSADM.exe -o setapppassword -password key

http://technet.microsoft.com/en-us/library/cc262051%28v=office.12%29.aspx

Tags: , ,
Posted in Uncategorized | Comments (0)

Binding iMac to Active Directory Error – Invalid Username and Password

July 11th, 2011

Problem

Binding iMac to Active Directory Error – Invalid Username and Password
Keywords: iMac, apple, bind, active directory

Platform

iMac Snow Leopard

Symptoms

Computer was working just find. One day it just stopped being able to authenticate users. The screen would just shake.

Fix

Did an unbind to remove it from the domain and rejoin it. It originally would not unbind gracefully. I deleted the AD object so that when it was rejoined it would not have issues with an existing object. This didnt work. It still gave me the invalid username/password error. Did some looking and found the following fix. NOTE this will delete all of your directory configs, so you should make notes of the domain/host names for the different directory bindings that you have. It will delete them ALL (Open Directory, active directory, etc.):

sudo rm -rdfv /Library/Preferences/DirectoryService
sudo rm -rdfv /var/db/dslocal/nodes/Default/config
sudo killall DirectoryService

Once this is done reboot then try to bind again.

Note: I saw another resource that mentioned to look at the time of the computer as that could be why it lost connection with AD and subsequently why it could not authenticate.

Tags: , ,
Posted in Uncategorized | Comments (0)

Shared printers not able to be added from Server 2008 R2 Print Server

September 2nd, 2010

Problem

Shared printers not able to be added from Server 2008 R2 Print Server Posted By: Larry Woods Date: 8/20/2010

Keywords: Group Policy object did not apply because it failed with error code ‘0x80070709 The printer name is invalid.’ This error was suppressed., Check Printer Name

Platform

Windows 7 Client, Server 2008 R2 Print Server

Symptoms

When trying to connect to printers that were being deployed through group policy an error is logged on the client: Group Policy object did not apply because it failed with error code ‘0x80070709 The printer name is invalid.’ This error was suppressed. If you manually browse to the FQDN server name and double click on the printer it will give you an error to check the printer name. However if you browse to the NetBIOS name it will allow you to add the printer.

Fix

I found the following websites:

http://social.technet.microsoft.com/Forums/en-US/winserverprint/thread/1f6af4e6-3388-4b11-8953-e36f7383e7eb http://support.microsoft.com/kb/979602 The pertinent information is: Enable CNAMEs (or alternate non DNS Strict Names) on print servers
If you can ping the print server and authenticate, but the server still fails it is likely you need to enable this setting on the server for CNAMEs to work on print servers.

Type this in at a command prompt:
reg add HKLM\SYSTEM\CurrentControlSet\Control\Print /v DnsOnWire /t REG_DWORD /d 1

In my case the DNS situation caused this issue. Its public and internal Fully Qualified DNS Name (\\printserver.area.domain.com) was differend from its Fully Qualified Domain Name (\\printserver.domain.com). When trying to add the printer, the printer server does a check and sees that you are trying to add the printer as the fully qualified dns name and errors out because it can only serve the printer as the fully qualified domain name.

Tags: , , ,
Posted in Uncategorized | Comments (0)