Cannot enable TLS for LDAP
My configuration (php 5.6, apache 2.4, Windows 10) I use ldap_start_tls() function. I have add root cert to C:\OpenLDAP\sysconf\certs. ldap.conf: TLS_REQCERT demand TLS_CACERT...
View ArticleCan an application always running with different users
Hi,I am having an enterprise application (which can't be stop due to business need), always running on Windows 10. To access the machine our team (10 members) use the single domain account, password of...
View ArticleRename old 2008R2 DC and give new 2016 DC the old one's name & certificate
Hello,I am planning to upgrade a domain that has DCs running 2008R2 to 2016 this weekend. One of the DCs has an TLS /SSL certificate and I want to keep using this cert that has the FQDN of the old DC...
View ArticleRenew Code Signing Certificate same key?
Currently have an internally issued code signing certificate that expires next year 2021. We want to stay ahead of this and renew the certificate now, a year ahead, but aren't quite sure on some of the...
View ArticleClient Workstations - Group Policy Objects not applying
We already open all this ports on our AD environment going to the 2nd AD Domain, but we would also like to identify which ports should be open, going to client workstations.Apparently both of our AD...
View ArticlePrompt for Credentials when Accessing DFS share in Trusted Forest!!!
Hi Team, We are having an issue when accessing DFS share but no issue in accessing file share directly from other Trusted Forest(which was running fine earlier).If file share is accessed directly using...
View ArticleForest trust validation permissions
Hi,Does anyone know what the explicit permissions needed for being able to validate a trust? I know you can add to Domain Admins or Enterprise Admins, etc but I would like to be able to give a...
View ArticleCreate a security group in AD for ( 10 machines which should allow the logged...
Hello Folks,I need to create a security group for 10 computers in AD, Which ever users logons to those machines he should have full logon rights.Appreciate the feedbackThanks !
View ArticleWindows Server 2012 inplace upgrade from Windows Server 2008 Standard R2
While installing Windows Server 2012 R2 Standard, the system does a compatibility check and informs that it needs to run adprep.exe . On checking with Windows Server 2012 R2 under sources folder there...
View ArticleClik here to view.
GPO not applying to windows 7 clients
a GPO is not applying to windows 7 clients ,creating an issue where users without domain admins cannot administer the clients. We have mixed 2008 R2 and 2016 domain controllers, with functional level...
View ArticleStrange "reset password" behavior
Hi there,we have a root domain (i.e. company.de) with some subdomains (i.e. lab.company.de & prod.company.de). Our admins (they are all created in prod.company.de) have the right to reset passwords...
View Article"The replication operation was preempted" and DNS unavailable
Hello,i have promote new domain controller, now it almost 6 hour after it first reboot for complete promotion. I noticed got three issue:1. Error opening DNS on new promotion server" Server could not...
View ArticleDomain controller DNS configuration
Hi,I have the following domain controller setup;On-PremiseDC1 (FSMO roles) DC2 DC3AzureAZ-DC1 AZ-DC2On the Azure DC's event 4015 is logged in the DNS eventlog. Also some DFS replication errors on DC1...
View ArticleConversion of Domain Controller from Evalualtion version to licensed
I have a domain controller running on 2016 Datacenter Evaluation version and the license is left only for few days now.I want to make it licensed since the DC is critical (Production DC in a multi -...
View Article(SOLVED) Active Directory: Changing end of logon usernames?
Not sure if I posted this in the right section, but...Currently all our users are configured to log on to the domain with the FQDN [username]@cfvna.local.I'd like to change it to cfvna.org, for...
View ArticleWindows hello for business not working on 2019 DC
Hello,we have a hybrid environment with AAD and On-Premises active directory.we also have a working setup of windows hello for business, where users can logon on their pc using pin,fingerprint,etc.a...
View ArticleBSOD STOP: c00002e2 Error Status: 0xc000007a windows server 2008 sp2
Hello Happy New Year to all! My question has been asked before but the solutions do not apply to my problem, or at least they do not solve it. I have a former domain controller that degraded it...
View ArticleChanging in / Changing out Domain Controllers
Hello,I just stood up a replacement Domain Controller (Windows Server 2019) to replace the last 2008 R2 we still have live.This will leave us with 1 Server 2019 DC and two Server 2012R2 DC's.I have a...
View ArticleHow to set the "Manager can update membership list" on an Active Directory...
In Active Directory, you can set a managed by group or user for a group and there is a checkbox in the UI for "Manager can update membership list". I have been able to set a group or user via a Python...
View ArticleMy last and only DNS server crashed
Hi all,As I said in title, my last and only DNS server crashed. Now I have a server with Windows Server 2012 R2. It's the only one Active Directory server in my domain. There's even a Microsoft...
View Article