Windows 10 clients rejecting multiple certificates at auto-enrollment / renewal
Hello,When my Windows 10 machine certificates enter their renewal period, they go ahead as planned and request their certificate renewals (which are automatically issued by the CA), but then they...
View ArticleCA migration: SHA1 to SHA2 in Windows 2016 OS
Hi,We currently have a single Root CA (AD integrated) in our organization and it uses SHA-1. We have issued some certificates internally by using this CA. So now we need to migrate the certificate...
View ArticleWindows 2008 R2 Directory Services. Upgrade Server 2008 R2 to Server 2016
Hi Team, One of our customer is running AD services on Windows 2008 R2. We are looking to migrate Directory services to Server 2016. What should be the right approach? - Does 2008 R2 supports in place...
View ArticleUpgrading from Windows Server 2008 r2 to Windows Server 2016
Hi,I know you can't do a direct upgrade from 2008 to 2016 so it will be a step upgrade via 2012. However do i need to purchase a full version of 2012 for the sake of a couple hours or can i use the...
View ArticleClik here to view.
can delete perflogs data from additional domain controller ?( C drive cleaning)
Hi Team, I want to clear disk space from C drive which is one of ADC. Kindly help on this . Can we delete last year data folder "data collector" from perflogs folder. plz also suggest what is best...
View ArticleCan't authenticate to PC in another Domain
Hello all, I need some assistance with authentication.I just recently established and validated a Trust to another Domain. For some reason my domain (ABC ) users cannot authenticate to XYZ domain. We...
View ArticleHidden Domain Controllers still showing up in nltest and...
Hi,Getting ready to decommission our legacy domain controllers. In order to assist in identifying any hard-coded applications I have set the DnsAvoidRegisterRecords for the following service...
View ArticleAD domain consolidation\Restructuring.
Hi Team,We are in the process of AD domain consolidation\restructuring, I want to know from first to last what are the things that I need to consider, any response would be of great helpThanks in...
View ArticlePassword Hash
Hey guys,I have done a lot of reading lately and still a bit confused. I would appreciate if someone can answer my questions plainly.So i understand for authentication protocol for a 2008 + domain, its...
View ArticleLinux unable to see unixUserPassword Attribute
After migrating from Server 2003 SFU 3.0 to Server 2012 R2 with IDMU new user accounts are being created with only the unixUserPassword attribute and not the msSFU30Password attribute. Old accounts...
View ArticleMove a Computer to an Active Directory with different credentials
Hi,I want to move computer/device from one OU to another OU using VB Code.The below code is working great under login of service account into target PC.but is there any way to execute below code with...
View ArticleRename a Domain Joined Computer
i've created an OU higharcy and delegated access to a group with full control over all objects and descendant objects. Why cant a member of the group with delegated access rename a domain joined...
View ArticleAD lookup not using domain in 1809
Most of my users upgraded to 1809 in the last week or two and now they are having issues with network resources. The symptom is an active directory user (Scanner) can no longer access their shared...
View Articlefailed to open the group policy object. you may not have the appropriate...
We have a one way forest trust Forest A and Forest B, have created the Universal group and added the members in Forest A. Then added this to a Domain Local group in Forest B.We want (certain) users...
View ArticleDFSR Migration Stuck
A few weeks ago the domain controllers in our Lab domain was attempted to be migrated from FRS to DFS. The domain is at Windows 2008 R2 functionality level and the DC's are on Windows 2019. When the...
View ArticleAdminSDHolder - Deny Change Password for Account
Okay guys, I have an interesting one here. I have a scenario where I need to restrict a service account that is in the Domain Admins from being able to reset or change the passwords of other accounts...
View ArticleUpgrade AD
Hi,We have One domain and which has 10 DC with mix of windows 2008r2, windows 2012 and windows 2016. The current domain functional level is windows 2008 r2. All FSMO rolls are on windows 2008r2 server....
View ArticleOne-Way Trust not working after renaming Domain Controller
Hello,After setting up a brand new forest (dmz.example.com) a one-way trust was created with a trusted domain (example.com), and with brief testing it looked to work. But then I needed to rename the...
View ArticleChange NTDS and sysvol path
Hi, We have to move the sysvol and ntds file to new location on some domain controllers to have the same path. what's the best practice to achieve the target new path?
View ArticleAD Lockout coming from Exchange HUBCAS
I have several account lockout issues in AD and I have traced the lockout and its coming from our Exchange HUBCAS server.How I trace the lockout:1. I used the Account lockout status tool to check which...
View Article
