Two Domains on SCCM
Hi All,We have been directed by our Global HQ to merge AD. As a result of this we are in the process of merging objects from our European Domain to GHQ. The aim is to be one forest, Global coverage.The...
View ArticleADMT. Migrate security group and its memership
Hi,I'm trying yo copy security groups between two 2-way trusted domains (interforest). The idea is to create exactly the same security groups in the target domain. I'd like that groups from domain A...
View ArticleWindows Server 2016 CertSrv not created and missing
Hallo,I have a problem on a Windows 2016 DC. I installed the IIS and after this the PKI and the rolls: Web Enrollment service and Network Device Enrollment Service. The CA installed without any error,...
View ArticleBlock 10,000 most used hacked passwords for users login password
I remember seeing a program that connects with Microsoft Identity/Security or AD that blocks users ability to use known hacked passwords for their own.For instance "1qaz2wsx3edc," "passw0rd" and...
View ArticleWhat is a primary Group? What are its functoins?
Why do we need a primary group? I know it is only for Mac OS clients. But what is its exact functionality?What happens when the default primary group of a user "Domain Users" is changed to another...
View Articlewhat is the use of regsrv32 schmmgmt.dll
Can one explain about the use of regsrv32 schmmgmt.dll.Abp
View ArticleGet list of deleted AD users
Hi there.There are people setting up a 3rd party system that retrieves information from our AD.During testing, they found that they could capture the creation of new users and modifications of users...
View ArticleHow to apply fine grained password policy to an OU
I have an OU called TestOU-1. Now I want to apply fine-grained password policies to all the users in TestOU-1. I know fine grained policies can be applied to global security groups and users only. But...
View ArticleWindows Server 2019 AD joint to 2012 Domain
I am trying to join a new Windows server 2019 server to my 2012 R2 domain. I keep getting this error.“Verification of replica failed. The forest functional level is not supported. To install a Windows...
View ArticleQuery DNS for Specific Domain Controller
We are merging two companies and have setup a two-way trust for use with the Active Directory Migration Tool.Due to our network design problems (duplicate IP subnets) the network team has allowed...
View ArticleADFS Related issue
My domain controller on window server 2008 R2i want to install ADFS on window server 2012 R2Is there any possibility?
View ArticleUnable to join a windows 10 device to test domain
Hi,I have built a test lab win VM Workstation to test various upgrade options.I have used Windows2012 R2 as the server and have installed all the necessary options and promoted it to a DC. I have 2...
View ArticleUnable to sync time from Primary DC
All domain controllers and clients are unable to sync their time from PDC and getting below error. PDC is dyncing from another NTP server in our environment. NTP port is accessablealready run /resync...
View ArticleLDAP last authenticated users report
I am using AD LDAP server for authenticating users for CISCO meeting server (CMS) application. I want to take a list of all users with last successful authentication. Also need to take a list of users...
View ArticlePatching Information
Hi Team,A need in simple quick answers. We had run a nessus scan we had found few of the vulnerability for which they had mentioned to install the patches. The patches which they had mentioned is of...
View ArticleKERBEROS - reasons for getting KRB5KRB_ERR_GENERIC from KDC
Hello,Working on a flow with kerberos constrained delegation.Can get a TGT for the user trusted for delegation and flow immediately fails on TGS_REQ / TGS_RSP with KRB5KRB_ERR_GENERIC from KDCWhat are...
View ArticleNot able to uncheck protect object from accidental deletion tab on OU
Hi,I have domain admin rights and I tried to delete one OU it was showing "You do not have sufficient privileges to delete Computers, or this object is protected from accidental deletion". Even when I...
View ArticleAuto-generated AD repliation links does not respect AD topology
Hi to everybody! I have an AD that spans over many geographical sites. I have a main site where all the branch sites connect through S2S IPSec VPN tunnels. Then network is in a "star" topology, so...
View ArticleRemote Desktop Services has taken too long to load the user configuration...
Remote Desktop Services has taken too long to load the user configuration from server \\DC for user administratorEvent Id 20499Ram Prakash Sharma
View ArticleLastlogonTimestanmp Shows Future Date - showobjectmeta shows...
I have several machines that show a last logon in the future.I ran repadmin /showobjmeta DC "OU Paths" >temp.txt and the output for the DC looks like a GUID.Loc.USN Originating DSA Org.USN...
View Article