To change the Schema Master in Active Directory you will need to register a DLL to enable the Active Directory Schema MMC. This MMC is disabled by default as this tool can break active directory completely if you make changes to the schema (think the regedit but for Active Directory).
To start open a run command and type “regsvr32.exe c:\windows\system32\schmgmt.dll”. This dll may also be in the winnt directory depending on whether your server was upgraded from Windows 2000.
If the command is successful you should get the following message.
Next open a clean MMC window by typing “mmc” into the run command.
Click on Console -> Add/Remove Snap-in.
Select the Active Directory Schema and click Add
Right Click on Active Directory Schema as shown and select Operations Master…
Make sure the Current Focus is the server you want to change to and then click change.
Note: Doing a DCPromo on the schema master should move that role to another Domain Controller within your domain, but I would still prefer to move roles off a server your going to decommission before you remove active directory from it.
To add a static route to windows you can use the route command:
To view the existing routes on a machine. Open a command prompt and type the following:
route print
To add a static route:
route add <target> mask <netmask> <gateway IP> metric <metric cost> if <interface>
eg. route add 192.168.1.0 mask 255.255.255.0 10.10.1.1 metric 1
The above static route will only be available till the machine in rebooted. To add a persistane route (one that lives after a reboot of the machine) add the -p switch to the command.
eg. route -p add 192.168.1.0 mask 255.255.255.0 10.10.1.1 metric 1
The following registry key holds the values for static routes.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes
As with other command prompt commands you can view all the options this command offers by typing route /? at the command prompt.
One thing that really annoys me about windows is that when you add a machine to a domain the log on to domain defaults to “MachineName (This computer)”. This means that you then need to log into the machine under a domain account and then log off again if you don’t want to get a phone call from your users saying that their domain passwords dont work. This also occurs when you log into a machine using a local account to do some administration. Its such a time waster to have to login just to log out, especially if you are setting up multiple machines at a time.
By presetting the following key via a group policy object within active directory and assigning it to your computer Organisational Unit your computers always have domain name as default:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName (REG_SZ)
To do this you will need to setup a startup script under the computer policy section.
On your Computer Organisational Unit create a New Group Policy and call it DefaultDomainName.
Under Windows Settings -> Scripts, Right click on Startup and select Properties.
Click Show Files.
Now create the following two files within this folder.
A “DefaultDomainName.bat” containing:
%systemroot%regedit /s defaultDomainName.reg
A “DefaultDomainName.reg” file containing:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“DefaultDomainName”=”YOURDOMAINNAME”
Close the folder and click Add on the Startup Properties window.
Click Browse and select the DefaultDomainName.bat file.
Click Ok -> Ok. Then close out of the Group Policy Editor.
When your computers under that Organisational Unit restart that policy should now be applied.
Windows 2000, Windows 2003 | Wayne | 
February 17, 2010 6:40 pm | 
Comments (0)