The Historical Answer
With Windows NT, prior to the advent of Active Directory, there was one Primary Domain Controller (DC) per domain, and every other DC was a Backup.
The Modern Answer
When Active Directory was introduced with Windows 2000, domain controllers became fully multi-master. There is no primary domain controller. However, there are two caveats that may confuse you.
Summary: The Synology DS 1515+ is a capable little NAS with a large feature set, but it has some software reliability issues and limited technical support.
The DS1515+ is a compact unit that feels sturdy. It holds five 2.5″ or 3.5″ drives, and 3.5″ drives can be installed without any tools. You will need a Phillips-head screwdriver to install an additional RAM module, but that’s also a very simple process. The fans are also easily replaceable.
You will need to connect the DiskStation to the Internet to install the operating system, which is called DiskStation Manager (DSM). The installation process went smoothly. From a security standpoint, this process is slightly scary, and I hope that the automated installation process used some method to verify the integrity of the operating system.
Once the operating system is installed, there is a nice graphical user interface to manage all aspects of the system. It is possible to enable SSH to allow access to the unit by command line, but the CLI is officially undocumented, and Synology support won’t answer questions about it. The documentation on the Synology support site is pretty thorough, so I won’t go through the process to create a RAID or volumes.
This post documents how to resolve the following error message, which may appear for no particular reason, and flood the Windows event log:
Failed to schedule Software Protection service for re-start at 2116-09-14T16:54:27Z. Error Code: 0x80041316.
The following steps will resolve the error on Windows Server 2012r2, but based on other links, similar steps should work for Windows 8, 8.1, or Server 2012.
The root cause, in my case, was a corruption in the XML files that control task scheduling for the Software Protection service. I am not sure what caused this error, but it appeared to start after a domain controller was not shut down cleanly.
Microsoft’s official documentation reports that another cause may be a mismatch between the permissions used to run the task and the permissions on the files that control the task. However, most people have reported that the problem is caused by corrupted XML files. Also, note that the Microsoft documentation is inaccurate when it states that the task must run as the NETWORK SERVICE account. If the task is triggered by an interactive user logon, it should run as account Interactive.
If you are a Linux or OS X power user, then you’re used to having all the necessary tools built into your OS. When you log into a Windows system (What! No command line?) you may feel lost. These tools and shortcuts will help you be productive on Windows systems.
- Alt-x is a magic shortcut key on Windows 8 and Server 2012. It pops up a little menu in the lower right corner of the screen which contains just the items that an admin needs. Try it!
Microsoft Baseline Security Analyzer (MBSA) is a useful tool for auditing the configuration and update status of Windows computers. Most of the time, its reports are useful and easy to understand. However, some of its responses are baffling, and some of its suggested solutions haven’t been updated since Server 2003. Here is my collection of odd MBSA reports, and how to resolve them.
The use of Internet Explorer is not restricted for administrators on this server
Enable IE Enhanced Security Configuration in the Server Manager