In the elevated command prompt, copy and paste the command below and press Enter.
gpupdate /target:computer /force
When successfully finished, you can close the command prompt if you like.
In the elevated command prompt, copy and paste the command below and press Enter.
gpupdate /target:computer /force
When successfully finished, you can close the command prompt if you like.
There is a way to create Default Domain GPO. There are two GPO created when you promote a member computer or a stand-alone server to domain controller.
These two GPOs are :
These GPO are stored in the SYSVOL folder. Netlogon service creates two permanent GUID for these two GPO under SYSVOL folder:
\Windows\SYSVOL\sysvol\domain.com\policies\GUID
Domain GPO GUID {31B2F340-016D-11D2-945F-00C04FB984F9}
DC GPO GUID {6AC1786C-016F-11D2-945F-00C04FB984F9}
Windows OS identifies default domain policies by its GUIDs located in SYSVOL folder. These GUIDs are unique for Default Domain Policy and Default Domain Controller Policy created by default.
You can use the following steps to create GPOs manually:
1. Open ADUC
2. Right click on Domain_name.com > Property
3. Switch to Group Policy tab
4. Create a policy named “Default Domain Policy” or you can rename it if you want. AD Tools queries default domain policies by their GUIDs located in SYSVOL folder and not by name.
5. Click this GPO > Property > note down the GUID of this GPO created.
6. Go to SYSVOL folder and change the GUID to default domain policy or default domain controller policy.
7. Next you need to use a small script using ADSI to set this unique GUID into GPT of this policy in AD database. You can also edit Schema manually to do so.
You can use the ADSI Snap-in to create the GUID in GPC of that GPO.
Source to copy:
File system junctions are used extensively in the Sysvol structure and are a feature of NTFS file system 3.0. You must be aware of the existence of junction points and how they operate so that you can avoid data loss or corruption that may occur if you modify the Sysvol structure.
Sysvol uses junction points to manage a single instance store. Junction points are also referred to as reparse points (directory junctions and volume mount points). A junction point is a physical location on a hard disk that points to data that is located elsewhere on your hard disk or on another storage device. Junction points are created when you create a mounted drive. The following diagram is an example of a typical Sysvol structure for a Windows 2000-based domain controller:
\Sysvol | |____<Domain> | |____Policies | |____Scripts | |____Enterprise | |____Policies | |____Scripts | |____Staging | |____Domain | |____Enterprise | |____Staging Areas | |____Enterprise junction> = Sysvol\Staging\Enterprise<Br/> | |____<Windows2000_domain.microsoft.com> junction> = Sysvol\Staging\Domain | |____Sysvol | |____Enterprise junction> = Sysvol\Enterprise | |____<Windows2000_domain.microsoft.com> junction> = Sysvol\Domain |
In a single instance store, the physical files only exist one time on the file system. However, in Sysvol, the physical files are located in the following locations:
-or-
The additional folder structures are reparse points that redirect file input/output to the original locations. The following table lists the folders in Sysvol that contain junction points and the locations to which these junction points resolve:
Sysvol Folders | Junction Point Location |
---|---|
Staging Areas\Enterprise | Staging\Enterprise |
Staging Areas\DNS_domain_name | Staging\Domain |
Sysvol\Enterprise | Enterprise |
Sysvol\Windows2000_domain.microsoft.com | Domain |
This configuration maintains data consistency by making sure that a single instance of the data set exists. Additionally, this configuration permits more than one access point for the data set. For example, Sysvol\Domain or Sysvol\Sysvol\Windows2000_domain.microsoft.com, as described in the example that appears earlier in this article, allows for redundancy but does not allow for duplicate files.
Junctions graft the namespace (any bounded area in which a specific name can be resolved) of the destination file system location to an NTFS volume. An underlying reparse point permits NTFS to transparently remap an operation to the destination object. As a result, if you modify the data in the Sysvol structure, changes occur directly on these physical files. Additionally, if you perform a cut-and-paste operation or a copy-and-paste operation with these folders in the Sysvol structure that contains junction points, the cut-and-paste operation or the copy-and-paste operation occur in the junction point information.
Microsoft recommends that you avoid performing a cut-and-paste operation or a copy-and-paste operation on the Sysvol structure, especially when you perform the paste operation on the same server. If you perform a cut-and-paste operation or a copy-and-paste operation on the Sysvol structure, a copy of the junction point information is created. This does not result in a copy of the actual data. Instead, a copy of the junction point information only is created. If you modify any of the files that appear in that folder, you modify the source files directly.
Microsoft recommends that you do not modify the Sysvol structure. This recommendation also applies to backup and restore operations of the Sysvol structure. By default, if you back up Sysvol by using NTBackup.exe, the backup file includes a backup of the folder’s junction point information. If you restore a Sysvol structure from a backup file to a different location on the same server, do not restore the junction point information. To do so, use the advanced restore options.
Microsoft recommends that you do not modify any files directly to Sysvol without understanding the behavior of junction points and how these points affect Active Directory in your enterprise.
Note Under Windows Server 2003, if you copy %systemroot%\SYSVOL, you do not copy the junction points. However, under Windows 2000, if you copy %systemroot%\SYSVOL, you do copy the junction points.
By default, virtual machines don’t support Hot Add (add RAM) and Hot Plug (add vCPU). You need to enable this capability on a per-VM basis in order to use it. To do so, you must first shut down the virtual machine since you can’t modify these settings while it’s running. Then, open the virtual machine’s properties, navigate to the Options tab and choose the Memory/CPU Hotplug option in the Advanced section. At the right-hand side of the window, note that there are two section – one for memory and one for CPU. Choose the options you like and then click OK. After this setting is changed, you can restart the VM.
Now, when you look at the VM details, notice that you’re provided with the maximum hot-add memory for the VM. In this case, that’s 64 GB.
When I look at the system properties for the VM, here’s what I see: 4 GB of RAM and 2 processors.
While the VM is running, I’m going to increase this to 6 GB of RAM and 3 processors.
Without a reboot, here is what I now see in the system properties.
And he’s a look at the Task Manager showing 3 CPUs and 6 GB of RAM
If you’ve successfully hot added RAM or CPU to a running virtual machine, respond to this posting (or, leave a response to my forum posting) with your operating system, edition (standard, enterprise, etc), service pack level/kernel version, and architecture (32/64-bit). If enough people respond, I’ll compile all of the results into a usable format and republish it.
Hi all,
Processor, Core, Logical Processor, Virtual Processor, thread, Hyper Threading : many terms that create a lot of confusion in many times, specially with Virtualization.
Today i will explain these terms and i’m sure that after a deep reading of this blog, no one will ask the question about that, again.
My reference will be always Microsoft and Hyper-V, and i will respond the following questions:
1- What is the difference between Processor, Core, Logical Processor ?
2- What’s a Virtual Processor ?c
3- How can i calculate how many Virtual Processor my physical machine supports ?
4- My application runs today in a physical machine with 1 processor and 4 cores, how much virtual processor do i need if i decide to virtualize this machine ?
So it’s time to answer :
1- What is the difference between Processor, Core, Logical Processor ?
Processor : It’s the physical components that comes with server, responsible of all processing operations, a server can have more than one processor (1, 2…), we talk so about a multiprocessor server (bi-processor in case of 2).
Core : Inside your physical processor, you can have more than one operations unit, called Core. We can say that a core is like a processor, so 1 Processor with two Cores is like 2 processors with 1 Core (I insist is like not equal). Today all processors are multi-core, and for servers, we usually find 4 or more cores processors (aka Quad Core or more).
Logical Processor : As explained before, we have processors and cores. Normally a Core can handle one thread (aka operation) in the same time (processor time slot). But when the technology Hyper-Threading is activated and supported, the Core can handle two threads in the same time than one (it’s more complicated but i’m touching the point). The number of thread in a machine is the number of logical processor. So if you want to know how much logical processor do you have, just count the total number of threads.
So how to count that:
Cores Count = Processor Count * CoresCountPerProcessor
Logical Processor Count = CoresCount * ThreadCount
Examples :
So how where to see how much processors, cores and Logical processors my server have:
2- What’s a Virtual Processor
In virtualization, when you create a virtual machine you do assign to it a processor : Yes, we need that for the virtual machine to run and to make operations. But the question is what do we really assign to it ?
Like vRAM, VHD, Virtual network interface, we can assign to a virtual machine a Virtual Processor (VP). In an easy way, it’s a physical processor TimeSlot that will be given to the virtual machine. So when i assign a Virtual Processor to a virtual Machine, is like i rent a computing time from the processor, a piece of the processor
how much VP can i assign to a virtual machine: Good question and we need to know that : The number of virtual processor we can assign to a virtual machine depends on two factors:
Another factor is to not exceed the host operating system limit, you can check the following table:
System | Resource | Windows Server 2008 R2 Hyper-V | Windows Server 2012 RC Hyper-V | Improvement Factor |
Host | Logical Processors | 64 | 320 | 5× |
Physical Memory | 1TB | 4TB | 4× | |
Virtual CPUs per Host | 512 | 2,048 | 4× | |
VM | Virtual CPUs per VM | 4 | 64 | 16× |
Memory per VM | 64GB | 1TB | 16× | |
Active VMs per Host | 384 | 1,024 | 2.7× | |
Guest NUMA | No | Yes | – | |
Cluster | Maximum Nodes | 16 | 64 | 4× |
Maximum VMs | 1,000 | 4,000 | 4× |
3- How can i calculate how many Virtual Processor my physical machine support ?
4- My application runs today in a physical machine with 1 processor and 4 cores, how much virtual processor do i need if i decide to virtualize this machine ?
There’s no exact formula to convert from physical needs to virtual needs when talking about processors.
But the today used formula is : Physical Core = Virtual Processor
So if your application need 1 quad core processor in a physical need, you can say that it’s need 4 virtual processors as a virtual machine.
We highly recommend that you monitor the virtual machine performance and seeing if there’s a need to add more virtual processors.
Source:
Active Directory is what is called a directory service, it stores objects like users and computers.
A domain controller is what the server running Active Directory is called.
You can have multiple domain controllers for many reasons, like redundancy so should one server fail, people can still login in and access things like joined computers using another domain controller while the first server is being fixed.
Just is small example of how Active Directory is to be used:
Forest (examplecorp.local)
– Domain (headoffice.examplecorp.local)
— Domain Controller A
— Domain Controller B
— Computer A, users can login to the computer using their account on using either Domain Controller A or Domain Controller B depending on different factors.
— Computer B, same
— Computer C, same
– Another Domain (seattleoffice.examplecorp.local)
— Same structure for local Seattle office
Only one Domain Controller in a domain can handle can tasks like the Global Catalog and such. This is usually called the Primary Domain Controller (PDC) and the task of things like the Global Catalog can be changed to any Domain Controller should that be needed.
Should you plan on using Active Directory then you should read up on it because it is a very complex piece of software and if you configure it wrong you will could potentially spend hours trying to figure out what went wrong.
Paul Bergson wrote this brilliant script that queries active directory and gives you a wealth of information that can be used to audit active directory.
I have slightly modified this script and added a few lines to get information like the email address and the exchange home server of the user using the mail and msExchHomeServerName attributes.
You can download the modified script here.
How the script works:
It queries Active Directory using LDAP for a bunch of known user attributes and writes them to a .csv file in the same directory as the script. The file is will be named yyyymmdd_audit.csv
NOTE: I am NOT the original author of this script. Please give all credit to Paul Bergson who is an MVP for Directory