Here's a little something I learned when trying to enable the functionality of the Active Directory Module for Powershell a few weeks back on a Window Server 2008 R2 box. This module is also available on Windows 7, and the solution below is the same for it.
In order to make this feature work, you need AD Web Services enabled on at least one Server 2008 R2 domain controller in your domain. In our case, the domain controllers are Server 2003-exclusively. So, I did a little digging and found that you can install AD Web Services on Windows Server 2003 and/or Windows Server 2008 and it would then allow the AD Module for Powershell to interact with Active Directory, which means the Server 2008 R2-exclusive Powershell cmdlets will then work.
We did this on a handful of 2003 DC's in our environment without any problems. However, when we launched the AD Module for Powershell on our 2008 R2 server, it still couldn't connect to the AD Web Service on any of the DC's. We got the following message:
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.
WARNING: Error initializing default drive: 'Unable to find a default server with Active Directory Web Services running.'.
PS C:\Windows>
Copyright (C) 2009 Microsoft Corporation. All rights reserved.
WARNING: Error initializing default drive: 'Unable to find a default server with Active Directory Web Services running.'.
PS C:\Windows>
After doing some digging, I found the information I was looking for. The AD Module uses DS_WS_FLAG to find an ADWS instance. This information can be used to locate a DC with ADWS instance, when a client will specify the additional DS_WEB_SERVICE_REQUIRED flag in the DC request. The problem? Server 2003/2008 DCs don't understand this new flag. To correct this, an additional hotfix has to be installed, KB969249 (for Server 2003) or KB967574 (for Server 2008).
The workaround for this is to specify the server at which your Powershell query will be directed, via the -server option. But that can become a problem later if the server you are pointing at goes away, is down for maintenance, etc.
So, if your AD Module for Powershell won't connect to your installation(s) of AD Web Services, you may now know why and know what to do to fix it.
No comments:
Post a Comment