Itunes disc burning
I have Itunes on my Dell laptop with CD drive. It used to work ok but then it stopped so I purchased a remote cd drive to connect via the usb port. I can now play or import from this remote drive but I...
View ArticleFGPP vs Default password policy
I am in the process of setting up FGPP, but am seeing conflicting results. Here is my scenario:-There is no default domain policy. The previous IT team have disabled all settings in the default domain...
View ArticleADFS 4.0 - The certificate key algorithm is not supported
Hello all,I try to use certificate authentication on an ADFS 4.0 server. I used an ECC-256 bit user certificate (ECDSA_P256).ADFS authentication fails with following error in eventlog. Exception...
View ArticleClik here to view.
Default Domain Policy processing failed.
Hi all,I current having an issue with the processing of Default Domain Policy. I having 2 DC in my environment and the the replication is healthy by using repadmin to verified. But when i check group...
View ArticleTest-ComputerSecureChannel is false and minutes later is true
I have no clue how to troubleshoot secure channel but it appears I am having secure channel issues. When I run Test-ComputerSecureChannel the results return false and minutes later the result is true....
View ArticleClik here to view.
Shutdown dc results in offline hosts
Hi,We have a customer with 2 DC`s running Windows Server 2012 R2.They said that if they shutdown DC1 then no one is able to login.Then I tried it, but I seem to be able to login, one client did take...
View ArticleAD Kerberos question
Hi All! We currently run Microsoft Advanced Threat Analytics, and we quite often get the following error for Windows client PCs and ADFS servers: Encryption downgrade activity The encryption method of...
View ArticleWindows Server 2008 SP2 Standard - Compatibility Matrix
Hi,I have an existing Windows Server 2008 SP2 Standard Edition assigned as domain controller. I would like join Windows Server 2012 R2 machine into this existing domain. Whether this is possible. Is...
View Articleldp say forestFunctionality: 0 = ( WIN2000 ); but is W2008
Hello, I'm try to add a new W2016 DC to my domain (2 DC W2008 R2 already presents), I can't procede to promote W2016 to DC because says that forest level is W2000.In both DC W2008, in mmc gui, "Active...
View ArticleFailed DCPROMO - First Domain Controller of a new Child Domain
HiI'm trying to create a new child domain (F) in a mixed 2012R2 / 2016 DC environment best pictured as follows Root / \ A B / | | \ C D E FSummary of domainsRoot - 2012...
View ArticleOld Domain Controller reappears in DNS
I needed to virtualize the only domain controller (2008 r2) to solve the problem of dying hardware. I temporarily promoted a 2016 server to a DC, and transferred the FSMO roles, and let everything...
View ArticleWindows server 2012 DC Promo fails The directory service on XYZDC has not...
No FSMO Role on this DC,The server was being promoted, after reboot, I could login in but could not open anything from system32 "Access Denied" after a while it fixed itself this error but now DNS...
View ArticleA user account was changed by ANONYMOUS LOGON
Hi All,I have a few DCs. When i review the security logs i can see a lot events like the below: A user account was changed. Subject:Security ID: ANONYMOUS LOGONAccount Name: ANONYMOUS LOGONAccount...
View ArticleActive Directory mobile profile problem.
I've tried to sync my mobile profiles. But there is one error. Person, we can called her "one", have computer with Windows 10 Pro on it, Active Directory on Windows 2012 Server standard. "One" can...
View ArticleUser rights to download
The Users in my Domain only have User rights. However some of our users needs rights to be able to download files from the Internet and open them. They cannot do that with user rights. They get...
View ArticleGuidance for creating "Penalty Box" OU
Hey DS Gurus!I have a requirement from our Security department to create a Penalty Box OU that will be used to quarantine machines that may have been compromised by a virus or malware. The objective...
View ArticleDomain Controllers OU
Using Active Directory, I am looking into creating a new computer object and adding it into the Domain Controllers OU. I am not building a server and adding it to the domain, only going into active...
View ArticleScript to check if there are users logged on in a server(s)
Hello, I was wondering if any of you could help me with the following. I need a better script to check if there are users log in a server(s). Right now what I am doing is... get the server name and...
View ArticleDomain Admin User Permissions
Hello. Here is my objective: Create a new AD account and add it to the domain admins group. This account is going to be used as a "honey" account. It should never be used for anything except as bait...
View ArticleProper Domain Delegation in non-standard environment
Hello all! We are an IT shop that is working on deploying proper administrative AD delegation on our domain. We are working through the information provided by Microsoft and trying to fit it to a...
View Article