Active Directory: Recovering deleted objects vs groups
Hello, My journey into IT waters was a little bit rough but I'm getting better and better every day. And often, the rabbit holes go not only so deep but there are labyrinths/mazes all over (sounds like...
View ArticleAD traffic between two forests restricted only between PDC Domain Controllers?
Hello guys, Customer company acquired another company. Both companies have own AD forests. Trying to make this brief. We're planning to establish a two-way forest trust between these two forests. Our...
View ArticleGroup membership update without reboot
Hi, If I change the group membership of a Windows 10 or 2008 or 2016 computer will the group membership change without a reboot? Is group membership updated without a reboot, say after a timeout...
View ArticleLinux computer lost trusted relationship
Hello,Linux administrators use ADDS for user authentication and provide roaming profiles using samba. But for some reason computer broke trust with AD (or AD broke trust with PC). Linux administrator...
View ArticleFSMO roles and DC decommissioning
We are having WS2008R2/2012R2 DCs, and have upgraded to WS2016 DCs. Now we are planning to move the FSMO roles to new DCs in our root and child domain. Root forest is empty, and child domain has all...
View ArticleConfusion about CALS
Hello,First off, I apologize if this in in the wrong thread. In my opinion, this forum does not provide enough options in their drop down list for topics. Licensing doesn't even exist.I would like...
View ArticleQuestion on AD LDS User Management
We currently use AD LDS on Windows 2008 server as Directory server for authentication to our Cognos 10.2 reporting application. The user management in AD LDS is done via Cognos Access Manager within...
View ArticleActive directory Migrating a identical user
I want to migrate this user but there is a user on the target AD with a identical username(logon), first name, last name on the target AD. how can I make this work?
View ArticleHow to disable read admin from AD
Hi, In AD any authenticated users can get list of domain admins/users (like Get-ADGroupMember 'Domain Admins'). Tell me please, how i can restrict it or get event for this request? Thanks.
View ArticleExtend Our Schema with a Customized Schema Attribute
Hope I placed this in the correct Forum. We are in need of creating a BadgeNum attribute in our Active Directory Schema - defaults won't do. We have never done this before but would guess that the use...
View ArticleUser Permission
Hi everybody, I would like to created a kind of restricted policy that make the user power :- Joining computers to domain in network - adding/removing users to/from a groups - access to all shared...
View ArticleIs Windows 2019 released or not?
Hi, Is it already available to use Windows 2019 to change my domain controllers? Is the procedure for installing in a domain and changing DCs the same as what we usually do? - Promotion new DCs -...
View ArticleDFSR Database cloning: Copy(as pre-seed) vs copy a database
Hi,I just have a simple question. In order to clone a database from SRV 1 toSRV2 we need to first export the database. Then there is a time to do bothpre-seeding of data plus copying the aforementioned...
View ArticleAD LDS - Create new application partition
Hello!I have two 2 AD LDS instances in one configuration set and I am trying to create a new application partition. I am following an MSDN article (unfortunately I can not provide the link here, I do...
View ArticleDNS - very confused.
Hi All,We are in the process of migrating machines from one domain to another. There is a two way trust relationship between both domains. Last week was the beginning of the Pilot migration and we...
View ArticleWhich inbound ports that a client desktop has to open in order to join AD domain
For security concerns, in our environment we block all the inbound ports of our desktops. However, seems I can't AD domain. However, if I add the following firewall rule:Source: domain controller...
View ArticleNameServers for a DNS Zone not working
Hello,We have a Windows Server 2016 running AD, we added a new Zone to its DNS server and configure that Zone to have not only the internal NameServers, but also its external NameServers, but for some...
View Article10K Users deleted under a OU, which consists of 200K users - Need to find how...
Hi All,We have 4 Domain controllers and we use CyberArk PAM to protect the privileged user login.Some one from the AD Mgmt team lave logged in to one of the AD server (DC01) and accessed JAVA Ldap...
View ArticleLDAP Bind function call failed
I've a clean Win2016 server soon to be our DC. The machine is patched and joined to Winw2008 R2 DC.Everything seem perfect until I run "gpupdate /force" I'm getting the LDAP Bind failed. Our current DC...
View ArticleActive Directory & Exchange Deployment on HCI (Hyper-converged infrastructure)
Dear All,We are planning to deploy AD with Roaming Profile, DNS, DHCP & Exchange server for 1000+ users on HCI.Requesting for the hardware specification/sizing for the same. Regards,Vijaiprabu N.
View Article