AD Trust Selective or Forest Wide Authentication
Hi EveryoneI have a question regarding AD TrustWe have a single forest with mutiple domain which have and incomming trust with another domainThe trust is set up like this*Forest Trust*Domain Wide...
View ArticleHow can I display active directory attribute msDS-GroupMSAMembership value on...
I have set the value -PrincipalsAllowedToRetrieveManagedPassword which indirectly updates the attribute 'msDS-GroupMSAMembership' on Active Directory and its Syntax is "NT Security Descriptor",Now I...
View ArticleAzure Joined Machines alerting they need to lock and unlock using their...
I recently added a 2019 DC to a 2008 DC environment. Machines are all Azure joined. After installing the new server, users who use a PIN to sign in now receive an error that they need to lock their...
View ArticleDFSR sysvol replication issue Event 5008
Hi ,I have 4 DC which is 2012 R2 located as below.HQ - AD1HQ - AD2 (FSMO all roles)Site 1 = AD3Site 2 - AD4Having an issue with AD4 which is in site 2 for group policy sysvol folder sync. we have...
View ArticleActive directory domain level encryption
Hey guys , i need help with my Active directory domain lab. I want to have a folder on my domain that is open for sharing and security for everyone , have a user from a client computer create an...
View ArticleMigrate Rackspace VM to Azure
Hello,In Rackspace, we have a VM running windows server 2008 r2 domain controller so we would like to migrate the existing users/groups to the new VM windows 2016 or 2109 in Azure - can't seem to...
View ArticleClik here to view.
Active Directory synchronization
Hi Folks,I have several DC's divided over two sites;Site 1: DC1, DC2, DC3Site 2: AZ-DC1, AZ-DC2When I take a look in AD Sites & Services the replication between the sites and the DC's is configured...
View ArticleClik here to view.
Event ID 2088 Active Directory error on my Domain Controller
hi everyone, hope you can help... I got some errors on one of the DCs in active directly. #################### # Background #################### In the site, i have two DCs. dc02and dc03. DC02 is...
View ArticleQuery related to LDAP Simple Binding after installing March Security update
Hi,I know that in march there is a security update coming https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023 I'm assuming that once the update is applied/installed that the...
View ArticleConversion of Domain Controller from Evalualtion version to licensed
I have a domain controller running on 2016 Datacenter Evaluation version and the license is left only for few days now.I want to make it licensed since the DC is critical (Production DC in a multi -...
View ArticleWindows hello for business not working on 2019 DC
Hello,we have a hybrid environment with AAD and On-Premises active directory.we also have a working setup of windows hello for business, where users can logon on their pc using pin,fingerprint,etc.a...
View ArticleExport list of all users with their management hierarchy from AD
Hi,I need to export a list of all users from an OU with not only their manager but also their Managers managers Manager, I can easily export the manager as this is an attribute on the users profile but...
View ArticleLDAP Queries on user accounts
I am currently busy with a new AD structure. Basically moving accounts around, creating, re-naming, and deleting OUs, etc. There are tons of AD accounts that are being used for LDAP queries that have...
View ArticleGroup policy - executable from network cannot open network connection
Hello, I have computers in domain environment. Regular users cannot open network connection from executable which is located on network drive. To be more specific: I want to run WinSCP from network....
View ArticleSemantic database analysis for the Active Directory database
Hi,May I know the benefits of doing "Semantic database analysis for the Active Directory database".How often I need to perform the semantic check.Is there any event id system will generate to intimate...
View Articlesyntax error
Hi All i am executing the below script in Powershell ISE i am getting the error experts guide me on this.$Input = "((Office -like '*Singapore*') and ((departmentNumber -eq 1234) or (departmentNumber...
View ArticleDFSR not working Event_ID 6104
So setting up a new AD server to replace an existing but having problems getting it to sync so i can turn the old server off. Event viewer has: The DFS Replication service failed to register the WMI...
View ArticleBlocking internet access in active directory servers
Hello EveryoneWe have active directory environment with internal DNS setup in our environment. As per security recommendation, we need to block internet access in our active directory...
View ArticleUserCertificate and Certificates attribute.
In the userCertificate and Certificates Attribute. Inside my AD, I have a user who did not generate these attributes when logging in to workstations, so they do not have personal certificates in...
View ArticleSPN HOST/IP overrides
Hi guys,I'm trying to configure additional SPNs leading to the IP address of the server for TERMSRV and HOST. The server is the domain controller.setspn -S TERMSRV/172.29.2.19 Sec-Lab-Win19 setspn -S...
View Article