Renew subordinate CA certificate
Hello,I want to renew the CA Certificate of my sub CA. When I right click the issuing CA and chose "renew ca certificate" I chose not to change the private key. After this, the CA services are...
View ArticleError "the account must added to the allowed list for this RODC" while...
Hi All, I am using server 2012r2 for both primary DC and RODC. I am getting below error (the account must added to the allowed list for this RODC) while pre-populating user created on the primary DC...
View ArticleHow to manually remove a duplicate TRUST_ACCOUNT from active directory?
Hi,I have a user account in my AD which is a TRUST_ACCOUNT , and also is a duplicate, I mean it has DN in the form of :CN={DomainName}$\0ACNF:{GUID},CN=Users,DC=XXXXXX,DC=comhow can I remove this...
View ArticleMicrosoft DNS TTL Setting
Dear Team,I have a Microsoft DNS server installed on Windows 2008 R2 SP1, in DMZ for all my company SystemsThe Default TTL for all forward zones is 24Hours (1 day) . How can I change the Default TTL to...
View ArticleClik here to view.
Custom Attributes in AD
I have created a custom attribute in AD, it is visible in the user properties but when running powershell to create a new user the custom attribute is not usable.The create user script is attached, the...
View ArticleChange Domain Controller IP address and Host name with Old demoted Domain...
Hello Team,I would like to know whether is it advisable to use old demoted DC IP address and host name to the newly promoted Domain Controller.And If it is Yes than, what is the Best Practice to do it...
View ArticleADMT migration
Hello everyone, I would like to consult with the ADMT migration tool, what the change user and computer SID in the domain.
View ArticleRun an app with admin's right
Hi.....i have an app on my client's system that needs admin's right for starting.... I know that i can use RunAS app buti'm looking for another way in windows ((((10))))....also I've triedTask...
View ArticleThis server is the owner of the following FSMO role, but does not consider it...
Hi,What is this error i getting in the server. I did domote the server all FMSO role are currently mapped to this server only but still why i am getting this error?This server is the owner of the...
View ArticleConfigure detailed Auditing in AD 2016
Hi,Please help me to understand the below logs use case. If we enable these logs will my domain controller face any performance issues. Enabling these will consumes more space ? on C drive. Configure...
View ArticleClik here to view.
Command Line to add permission on User object
Hello,I would like to have command line for Giving Full permission to an user object, below is the screenshot where i would like to give permission to one user for another user object.
View ArticleClik here to view.
retrieving and writing to a container object with powershell
Hello,i ran into an issue when i got the request to copy a description attribute from one container object to another container object. The problem here is that the description string is very long and...
View ArticleClik here to view.
getting below error while restoring AD user from ldap.exe
i dont know why i am getting this error, unable to restore the user.user is lab06cn=usersdc=lab dc=comcan someone help on this.
View ArticleClik here to view.
GPO - Minimum password length = 15 not applying
Hello,I got trouble to activate the 15 characters minimum password length =15 to my Windows 2016 domain servers.The Domain Controllers are on 2012 r2 OS.Details :Domain default GPO : set the password...
View ArticleAccess to Active Directory without being logged on a domain ?
Hello, I’m an industrial vision software engineer, and a customer asked us to add a feature in some of our softwares, running on Win7 and Win10 computers. This feature requires that the software should...
View ArticleDeploying LAPS in broken Forest
Hi there, we have implemented LAPS successfully in a single domain TEST environment but have had issues when deploying to a forest.I believe this is due to replication not working between the...
View ArticleCertutil script
Hi folks,Running Server 2016 R2 VMs hosting a three tier CA and need help putting together the certutil commands to: - Query the CA database - Locate all user cert objects associated with provided...
View ArticleCan AdminCount be set to 1 on any accounts in Active Directory
Can AdminCount be set to 1 on any accounts to protect them even if they are not member of any privileged groupsGuru
View ArticleLDAP Authentication Issue
HelloWe have a third party solution integrated to our active directory (Windows Server 2008) via LDAP, For certain users authentication is failing with the following message:"User found in active...
View ArticleNeed help renew domain controller authentication certificate.
Need help renew domain controller authentication certificate.
View Article