Apple ip

hi evevyone does know if , how windows server 2012 cmdlets (more 50) and install them on windows 7 workstation? found articles to install ad module , few others, everytime sit @ workstation , open powershell i'm missing bunch of cmdlets, net tcp/ip , on. so there way them on windows 7, 1 shot, can administer servers. regards ernie prescott hi, following discussion might of help missing powershell 3.0 cmdlets in windows 7 (disable-netadapter) i move thread powershell forum, perhaps, might additional inputs there. regards, santosh i not represent organisation work for, opinions expressed here, own. posting provided as is no warranties or guarantees , confers no rights. blog | wiki Windows Server  >  Windows PowerShell

hello i have gpos in test environment (server  2008 ) , wants transfer gpos production server ( server 2012 ) there no trust between them , domains different. pls me how can transfer gpos real server (2008 2012). thanx hi, thanks post. based on experience, key challenge when migrating group policy objects (gpos) 1 domain or forest information in gpo specific domain or forest gpo defined. when transferring gpo new domain or forest, may not desirable, or possible, use same settings. can use migration table reference users, groups, computers, , unc paths in source gpo new values in destination gpo. work migration tables http://technet.microsoft.com/en-us/library/cc754682.aspx besides, following blog provides method of migrating gpos via powershell: three steps migrate group policy between active directory domains or forests using powershell http://blogs.technet.com/b/ashleymcglone/archive/2014/04/28/three-steps-to-migrate-group-policy-with-powershell.aspx sim

hi there, we have 2 active gpo's. 1. general desktop users applied accross company, 2. laptop users connect remotley our network. i using a test laptop apply laptop users policy to. have added laptop (computer object) policy , logged computer myself (an authenticated user). authenticated users subject general desktop users gpo, policy overriding laptop gpo. is there way can force laptop gpo take control, policy , the computers in policy? thanks in advance! hello, beckyboo123. in gpos, have hability take more or less precedence. review ou want modify , move or down gpo want. regards. oscar abad -- freelance consultant mcitp enterprise administrator mcitp server administrator mcts microsoft exchange server 2010, configuration mcts windows server 2008 r2, server virtualization http;//www.aprendeinformaticaconmigo.com http://www.serverswin.com Windows Server

hi, we have been deploying windows 2008 r2 enterprise recently. does version support 32-bit applications? we have service pack 1 installed also. build 7601.   it not seem support 32-bit applications. and getting error messages when installing wow64.   any info appreciated. thanks.   javier lao tech hardware analyst public works it city of houston hello, as microsoft not responsible other vendors software such list doesn't exist. please contact vendor about, if application talking supported, if yes , have problems please post here , add application. also see: http://www.microsoft.com/windowsserver2008/en/us/supported-applications.aspx  and http://www.microsoft.com/windowsserver2008/en/us/appcompat.aspx best regards meinolf weber disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server

hello, i used previous os windows vista adding argument /span on client reach office computer under windows 7. but didn't managed on windows 10 remote desktop client reach office pc (on windows 7). my monitors have same resolution 1920*1080. the resolution on office pc dual 2048*1152. thank reading issue. best regards, hi, please try use /multimon switch see whether works. in addition, testing purpose, may lower resolution see happens. here related article below you: using multiple monitors in remote desktop session https://blogs.technet.microsoft.com/enterprisemobility/2009/07/01/using-multiple-monitors-in-remote-desktop-session/ best regards, amy please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact tnmff@microsoft.com. Windows Server  > 

i have windows server 2003 standalone root (which offline).   have enterprise subordinates on both 2003 , 2008.  now repalce 2003 standalone root new server running 2008r2.  path doing this?  can following- bring new standalone root, new server name server-x, re-use same root ca names rootca , import backed db/certs, update links , go? rich if existing root ca member of workgroup path simplier: 1) backup existing ca certificate, db, registry configuration 2) setup new standalone root ca. during installation wizard prompted generate new keys or import pfx file. select option , import existing ca certificate. after role installation restore ca database , registry configuration settings. if necessary modify cdp , aia extensions. my weblog: http://en-us.sysadmins.lv powershell pki module: http://pspki.codeplex.com Windows Server  > 

ok, have wsus , running on new windows 2012 build.  it's syncing microsoft correctly.  i'm seeing updates.  i'm able approve them , them ready send out unwashed masses here @ office. however, life of me, cannot single client see server.  i've got gpo setup correctly.  (i believe.)  however, know it's more basic that, because if attempt hit http://<servername>/iuident.cab ?  ie promptly reports me website can't found.  if go "normal" http://<servername>, iis8 banner shows in glory. now...i'll first admit iis isn't forte...but have sneaky suspicion has run amok, or foul within state of iis.  (not denmark, assumed literate types.) any suggestions start digging iis determine connection between iis , wsus might broken?  and really, really, helps if assign group have access gpo you've created.  once went ahead , created , assigned computer group?  worked champ.

hi, having issue in server 2008 host record in ipv6. problem began when changed server name. shows both old , new records server name. have 2 dns servers 1 2003 , 1 2008. have manualy deleted the records both. when forced replication entries don't show , shouldn't. after several hours somehow puts record back. idea getting old server name from? no issues ipv4.... hi there, have enabled dns scavenging on dns server ? can please tell how many nic adapters server has please see below article http://support.microsoft.com/kb/246804 sainath windows driver development Windows Server  >  Platform Networking

hello about 2 weeks ago logged on 1 of our servers , ever since have been getting locked out randomly no reason. please help thanks josh hello josh there quite lot of  reasons behind problem. there couple of things should verify in order solve this. check similar thread , let know if helpful.   need troubleshooting account lockout but in nutshell: there are plenty of reasons account being locked out. important reasons listed below: some services use credentials in their start up process. have determine if have correctly set user , password services in " services.msc" check  credential manager  for wrong configured user , passwords. mapped drives wrong credential can cause "login failure" event. check your environment for "conficker" worm. there handy tool detecting conficker in network can downloaded from  here.   e ventually event "login failure" can lead account lockout problem. must check event viewe

hi all, is possible have dfs namspace server working as a branchcache server !!  hi, generally use either dfs or branchcache provide similar function (for accessing files on local site). if dfs repliation set, seems not need use branchcache in same time. what's exact enviroment?   branchcache dfsr hardware infrastructure required none, if running in distributed cache mode need file server in branch office types of data cached smb2, http, https smb1 , smb2 what drives caching user reading data brings data cache administrator defines data set replicated , replication schedule cache lifetime “least used” data evicted cache when under disk pressure. otherwise, data not accessed in 28 days aged out data never expires file version seen clients clients latest content central server clients see version of content has been replicated branch

i have been playing nps few days , basics.. it's not going planned. what wanted achieve nps server used radius authentication server in our aerohive (wired & wireless) solution. want prevent access our network unauthorized devices. therefor whipped basic vlan category. vlan 1: servers every server wired on fixed location. these switchports defined on vlan 1. vlan 2: trusted devices devices need network access printers, access control devices, mfc's, etc. verified mac address vlan 5: domain computers the computer account has member of domain computers. these verified there computer object name. vlan 6: trusted alien computers other computer devices not member of our domain need access our network. verified mac address. vlan 10: ip phones hardware phones need access pabx. mac or switchport. if possible, i'd prefer mac because people use patch port @ of phone wired connection. vlan 20: guest every other request should placed in vlan 20. kind of fa

hi all, operating system - windows server 2012 r2 we have set 3 tier ca hierarchy. root ca->subca->issuing ca ndes service installed @ issuing ca. we have developed client application retrieve crl issuing ca via scep protocol. we error "transaction not permitted or supported" reply in client issuing ca ndes. on viewing event viewer @ issuing ca, can see "event id : 45, says "ndes cannot match issuer , serial number in device request certification authority (ca) certificate" -------------------------------- we have reviewed implementation of client multiple times. filling issuer , serial number information "issuing ca certificate" device crl download request. testing purpose, have tried fill same "ca root certificate" "enrolled certificate device received signed issuing ca". the same error happens 2 tier hierarchy well. -------------------------------------------------------- however crl retrie

i'm trying setup basic wsus update strategy testing computer group , production computer group. i'll talk windows 7 keep simple. i've created custom update view called windows 7 show me updates windows 7 products (w7 updates, office updates, silverlight). have created 2 computer groups: testing computers , production computers (they're both nested under computers). want through custom windows 7 update view, select updates , approve them testing computer group, once i've verified updates good, want approve same updates production computers group. far have not figured out intuitive way keep track of updates have been approved testing computer group , production computer group. so make easy this, i've created 2 custom update views named "approved updates testing computers" , "approved updates production computers." i've selected these custom update views show approved updates respective group. ideally can go approved updates testi

hi all, i'm having issues with script i'm building, want create 1 storagepool with 1 physical drive 2 available disks, then create virtualdisk , volume with 1 disk in storagepool, initialize disk, format volume - the run same remaining disk so far can script building storagepool both available disks get-physical -canpool $true can't specify 1 disk -friendlyname below script -canpool $true works  $drivelogs = "sqldblogs" $physicaldisks = get-storagesubsystem -friendlyname "storage spaces*" | get-physicaldisk -canpool $true new-storagepool -friendlyname $drivelogs -storagesubsystemfriendlyname "storage spaces*" -physicaldisks $physicaldisks | new-virtualdisk -friendlyname $drivelogs -provisioningtype fixed -usemaximumsize | initialize-disk -passthru |new-partition -driveletter e -usemaximumsize | format-volume get-volume -driveletter e | set-volume -newfilesystemlabel sqldblogs specifying 1 disk 2 available (which i'm trying

i message when check windows 2008 r2 server event log go custom view server roles file server then event viewer cannot open event log or custom view. verify event log service running or query long event log file corrupted 1500 besides can check these links   http://www.howtogeek.com/howto/windows-vista/fixing-event-viewer-cannot-open-the-event-log-when-viewing-system-logs/ http://technet.microsoft.com/en-us/library/cc738322(v=ws.10).aspx regards, ravikumar p Windows Server  >  Windows Server General Forum

i learned module became available, it's available on windows 10 devices, not windows 7. i've updated powershell on win7 machine using windows management framework 5.1 update , powershell version 5.1.14409.1005, version i'm seeing on win10 machines 5.1.15063.0. is pki module available win7 or need keep using makecert.exe though it's been deprecated? if pki module available win7 need it? i'm looking pki module developed microsoft , included in wmf 5.0, not third party pkitools module. \_(ツ)_/ not available windows 7. \_(ツ)_/ Windows Server  >  Windows PowerShell

i keep getting message windows closed application protect computer , data hi, as meinolf said please provide details this might occur because of dep check link below http://ask-leo.com/what_does_to_help_protect_your_computer_windows_has_closed_this_program_mean_and_what_do_i_do.html disclaimer: posting provided as-is no warranties or guarantees , confers no rights. please remember click “mark answer” on post helps you, , click “unmark answer” if marked post not answer question. can beneficial other community members reading thread. Windows Server  >  Windows Server General Forum

i have been running windows 10 few weeks no problems. month update came out downloaded it. point on front , audio jacks don't work, usb's do. have tried different earphones , no luck. i'm guessing a new fault os? i have resolved myself. update not support quality device set to.  for people having issue in future help http://microsoft-news.com/heres-how-to-fix-sound-drivers-issues-on-windows-10-build-10130/ Windows 10 Insider Preview  >  Windows 10 Insider Preview General

<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="windowspe"> <component name="microsoft-windows-setup" processorarchitecture="amd64" publickeytoken="31bf3856ad364e35" language="neutral" versionscope="nonsxs" xmlns:wcm="http://schemas.microsoft.com/wmiconfig/2002/state" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"> <upgradedata> <upgrade>true</upgrade> </upgradedata> <imageinstall> <osimage> <installfrom> <metadata wcm:action="add"> <key>/image/index</key> <value>windows server 2016 serverdatacenter</value> </metadata> </installfrom> <installtoavailableparti

dear all, we have dell server 2950 connected t dell md3000 , md 1000 , configured nas server today 1 of user complained unable access share resources on nas server try open rdp denied ping successful when login on nas server physically takes more time normal when open task manager not showing network devices menu , ram 4 gb utilize out of 8 gb re-booted nas server,when check event found below lots of times event id: 2019 source: srv type: error description: server unable allocate system nonpaged pool because pool empty. so after resarch if found , read below mention link indicates happends due multiple issues http://support.microsoft.com/kb/822219 but in event viewer found , warning before srv following event id: 2013 source: type: warning description: f: disk @ or near capacity.  may need delete files. so found main issue of problem space correct problem ? need valuable comments regards, osama hi osama, as said, worth have try o

is there way view user's connected printers on 2008 r2 terminal server? appears feature has gone away in r2. also, how can turn on logging of printer redirection see printers or don't connected correctly? we've turned off easy print. orange county district attorney hi, are member of local print operators group on rdsh server?  please open command prompt , enter whoami /groups verify group membership.  should see builtin\print operators in results.  should not necessary, if have uac enabled (the default), may want try right-clicking on print management , choosing run administrator.  make sure print operators enabled in security token, although again print management should automatically elevate enabled.   uac turned on print operators disabled normal processes. print management should work fine--it not require server print server.  use viewing redirected (and local) printers on rdsh servers. thanks. -tp

what srv records? hi, an srv record used map name of service dns computer name of server offers service. can find out more info on srv resource records in following technet article: http://technet.microsoft.com/en-us/library/cc961719.aspx regards, salvador manaois iii ceh ciwa mcse mcsa mcts mcitp ---------------------------------------------------------------------------- bytes & badz : http://badzmanaois.blogspot.com my passion : http://www.flickr.com/photos/badzmanaois my scripting blog : http://sgwindowsgroup.org/blogs/badz   Windows Server  >  Directory Services

2003 active directory terminal services 2003 -- looking move ts server 2008 -> 280 desktops xpsp3, have 2 dcs 2003, , additional 8 server 2003 std.  have 3 server 2000 machines , 1 server 2008 std (domain member). server 2000 machines run citrix metafame xp, delivering apps.  moving ts apps on server 2008.... 1 server @ time. if move ts licensing server 2008, server 2000ts licenses continue work? is, can follow prompts , migrate our existing 2000 , 2003 licenses 2008 server without losing them?  have additional licenses server 2008 ts clients. hi, w2000 ts licenses not valid 2008. need 2008 ts , server cal's http://technet.microsoft.com/en-us/library/cc754034(ws.10).aspx w2000 licenses continue function clients connecting w2000 ts servers, not ones connecting w2008 though. also keep in mind can not go w2000 w2008. as highly recommend go 64bit hence next release w2008 r2 available in 64bit. citrix technology professional , pubforum.net founder , linkedin , ts training

hello, powershell 3.0 novice , want add feature first ever production script tool. the script below local user accounts remote computers listed in a .txt file export .csv format.  how can incorporate local groups each local user account member of?  each local user account retrieved want list local groups member of. get-ciminstance -classname win32_useraccount -filter “localaccount=’true’” -computername (get-content c:\ps\<listofcomputers>.txt) | export-csv c:\ps\<name>_localuseraccounts.csv (export .csv) your insight appreciated, matt, ps 3.0 novice matt hi matt, give try: get-content .\computerstocheck.txt | foreach { $adsi = [adsi]"winnt://$_" $adsi.children | {$_.schemaclassname -eq 'user'} | foreach-object { $groups = $_.groups() | foreach-object {$_.gettype().invokemember("name", 'getproperty', $null, $_, $null)} $_ | select-object @{n='computername';e={$adsi.name}},@{n='userna

the step step guide instructs me use stand alone ca complete lab, i've done , success great greg. now need enterprise subordinate ca. i've done following modifications at hra (same box nps), configure "use enterprise certification authority" and chose available template (systemhealthauthentication) then test results, it's quite weird. the hra did request certificate, it's name "npsservername.mydomain.com", , installed on clients (both domain , non domain clients) it suppose "clientcomputer$.mydomain.com" right? what's reason, please help, thank much mcse mcitp:ea ccnp hi andrew, we've exchanged emails on issue already. think that setting certificate template properties "supply in request" on subject name tab fixed problem. you had interesting results @ first caused certificate "unauthenticated system health authentication" i've seen happen couple other times. issue resolved after 10 minutes. going to inve

i had guy before me make bunch of group in ad don't need , not sure do.  need know if there ps script can run , see if these group attacted to any folder.  need find way clean ad and this is big part of it. thanks can give.   you might want try shareenum and accessenum http://technet.microsoft.com/en-us/sysinternals/bb897442.aspx http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx i not represent organisation work for, opinions expressed here own. this posting provided "as is" no warranties or guarantees , confers no rights. - .... .- -. -.- ... --..-- ... .- -. - --- ... .... Windows Server  >  Directory Services

hi all, i'm having myself reacquantied offline files after swearing oath stay away them when mixed folder redirections around xp launch timeframe. suffice i've had no real dramas working offline files in own right, i'm having problems working them via group policy settings. in essence, need redirect documents documents folder located within unc mapped home drive. can represented as: h:\ ( \\domain.edu.au\dfsnamespace\%username% ) h:\my documents as assumed unc, dfs namespace. so far, i'm @ point documents correctly made available offline - being second bullet point covered. however, can't seem achieve resolving requirement first bullet point made permanently offline. i'm using following 2 group policy settings: computer configuration/policies/administrative templates/network/offline files: administratively assigned offline files = enabled; computer configuration/policies/administrative templates/network/offline files: subfolders available o

greetings! recently i've been seeing windows server update services event 10052 (can't send email notifications) errors in our wsus server application log. error means wsus unable send windows update notification information , via e-mail, , yes, have not received such mail wsus server while.  however, thing not understand can send , receive test mail wsus server fine. means that it that problem not lie smtp server or network, rather wsus server itself. also, windows update programs applied server in question recently, that may have something it. so strange. have ideas going on? hi, event id 10052 indicates invalid server specified or not have permission required complete operation. this issue can occur if specified incorrect exchange server computer or if server cannot reached. verify the configuration,and if persists,you may ask in exchange forum see whether there possible issues. best regards, clarence please remember click “mark answer” on post helps

how can listing of usernames , sid out of nt4 domain controller? far have been able see sid's users have logged on physically controllers not users in nt4 domain. technet hi, nt server has been unsupported long time,  uh..from 2005? http://support.microsoft.com/gp/lifewinfaq#windows nt server tools available nt hard find not mention meet needs here. check here see if here: http://www.microsoft.com/resources/documentation/windowsnt/4/server/reskit/en-us/resguide/sresfrnt.mspx?mfr=true http://support.microsoft.com/ph/3188 rgds Windows Server  >  Migration

microsoft baseline security analyzer (mbsa) easy-to-use tool designed professional helps small- , medium-sized businesses determine security state in accordance microsoft security recommendations , offers specific remediation guidance. improve security management process using mbsa detect common security misconfigurations , missing security updates on computer systems. if have questions it, please post it. hello, and question mbsa is? best regards meinolf weber disclaimer: posting provided "as is" no warranties or guarantees , , confers no rights. Windows Server  >  Windows Server General Forum

hi, in script want restart  a server , wait until server run next command. i know in posh 3 can use -wait need use posh 2 what best way?  restart-computer  -computername $svr  -asjob thanks you a endless loop until server again restart-computer $server do { sleep 10 # sleep 10 secs, test ping }while (!(test-connection $server)) issue see is, can successful ping, if server isn't up, , still booting. depending on next tasks, may or may not run correctly. if find post has answered question, please mark answer. if find post helpful in anyway, please click vote helpful. don't retire technet Windows Server  >  Windows PowerShell

we have direct access deployed in our production domain/sub net.  we have 2 domains- production , training.  we da work across both domains inside our firewall.  we have 1 way trust relationship setup between production , training. when using da trust relationship not work.  i can not ping computername.training.com can inside our firewall.  however can ping computername.production.com fine.  da works fine accessing production resources. i attempted add training.com dns/dns suffix search list infrastructure server setup (step 3).  added name suffix , ip of our training dns server did not work.   what next steps/is possible?  do need configure da server on training domain , somehow connect da server on production network?  do need assign training network adapter current da on production static ip training domain/sub net?   da deployed using 1 network adapter.  firewall setup a  nat rule setup public ip internal lan ip on  port: 443.   we bit new da these correct questions ,

i have backup server running win2008r2 veeam. it's using builtin iscsi initiator connect storage. i'd serve storage that's directly connected (dell md1000), backup server.  can run microsoft iscsi software target software acts target? break existing iscsi initiator settings? hi carltonw1, my lab 2012/r2 . i installed new 2008r2 , seems doesn't support iscsi connect . best regards elton ji we trying better understand customer views on social support experience, participation in interview project appreciated if have time. helping make community forums great place. Windows Server  >  Windows Server General Forum

i have 700 stand alone machines need point @ wsus server via registry settings.  testing now, have dozen pointing there now.  @ of locations getting prompted "updates have been installed , system needs restarted" -- or effect.  is there way can supress , windows update prompts?  these systems pos terminals.  - au scheduled friday @ 1am , got call location getting prompt (12 hours later).  these machines on automatic schedule reboot - happen. here registry settings:   [hkey_local_machine\software\policies\microsoft\windows\windowsupdate] "wuserver"="http://wsus.retail.mydomain.local" "wustatusserver"="http://wsus.retail.mydomain.local" "elevatenonadmins"=dword:00000000 [hkey_local_machine\software\policies\microsoft\windows\windowsupdate\au] "noautoupdate"=dword:00000000 "auoptions"=dword:00000004 "scheduledinstallday"=dword:00000006 "scheduledinstalltime"=dw

hi, can answer me such strange issues. i have belong to  domain administrators , domain admins d drive on windows server 2008 r2, when trying modify file, indicate me "access denied"   thanks, charles how troubleshoot ntfs , share permissions http://networkadminkb.com/kb/knowledge%20base/windows2003/how%20to%20troubleshoot%20ntfs%20and%20share%20permissions.aspx   also disable uac, on 2008 r2. http://technet.microsoft.com/en-us/library/cc709691(ws.10).aspx to turn off uac click start , , click control panel . in control panel , click user accounts . in user accounts window, click user accounts . in user accounts tasks window, click turn user account control on or off . if uac configured in admin approval mode, user account control message appears. click continue . clear use user account control (uac) protect computer check box, , click ok . click restart now apply change right away, or click restart later , , close use

hi, when run certutil -verify -urlfetch on 2 different certificates issued same issuing ca, response quite different , raised concern online responder not working should. here 2 outputs.. output nr1. crl (null): issuer: cn=server fqdn thisupdate: 2015-04-14 21:05 nextupdate: 2015-04-22 09:25 39c5508bc895eef3e97d8b611d1fa1fc17d3db19 issuance[0] = 1.2.752.113.10.1.1.1.1 vgc-pki cps application[0] = 1.3.6.1.5.5.7.3.2 client authentication application[1] = 1.3.6.1.5.5.7.3.1 server authentication output nr2. crl 323e: issuer: cn=ca logical name thisupdate: 2015-04-14 22:05 nextupdate: 2015-04-22 10:25 222195864225835a025a52015d5dca5fc2c71f30 issuance[0] = 1.2.752.113.10.1.1.1.1 vgc-pki cps application[0] = 1.3.6.1.4.1.311.54.1.2 remote desktop authentication why first output missing crl number , why produce response server fqdn , not ca logical name? by way, running 2012 r2 on , online responder. please me understand. kind regards mikael hi 

que tal amigos bueno tengo el siguiente problema quiero editar algunas directivas con el archivo gpedit.msc pero algunas no me permite como por ejemplo la directivas de contraseñas. trabajo con windows server 2003 r2 standar edition sp2 saludos. en un servidor en grupo de trabajo, e iniciando sesión con un administrador, se puede cambiar perfectamente la directiva de contraseñas. si no eres administrador directamente no abre el gpedit. otro es el caso si el servidor es un controlador de dominio, en cuyo caso aparecen deshabilitadas las opciones si entras por gpedit.msc ya que se deben manejar nivel de la default domain policy por favor, explica cuál es exactamente el síntoma porque la expresión "no me permite" no provee información para poder ayudarte ¿están deshabilitadas? ¿no abre el cuadro? ¿no abre el gpedit? guillermo delprato - mvp-mct-mcitp-mcts-mcse mcitp: server administration mcts:active directory/network infrastructure buenos aires, argentina

hello, i have following problem: * have default domain policy linked @ domain level. * domain controllers in same ou (domain controllers) * no block inheritance enabled on domain controllers ou * default domain policy set enforce. , have no other password policies * domain functional level 2003 dc1 getting default domain policy + pw policy according rsop and result dc2 , dc3 getting default domain policy not account policy's ( password policy any idea? thanks, arjan hi arjan, based on research, in each domain, gpmc uses same domain controller operations in domain, pdc default, in order avoid synchronization issues. would please tell dc1 pdc emulator ? if yes, behavior normal, can refer kb article below: some security policies displayed "not defined" in rsop snap-in on windows server 2003, 2008 or 2008 r2 based domain controller http://support.microsoft.com/kb/927908/en-us you can verify if account policies have been replicated dc2