[VULNERABILITY ADVISORY] Microsoft Security Advisory ADV190023 Microsoft...
Hi,This is with regards to Microsoft Advisory:[VULNERABILITY ADVISORY] Microsoft Security Advisory ADV190023 Microsoft Guidance for Enabling LDAP Channel Binding and LDAP SigningThus this mean...
View ArticleReplication issue between the Sites DCs
Hi Guys, we have a domain and two sites, one head office and a branch in different City. Head office has two DC as DC1 and DC2 on Windows 2008 R2 and also a DC3 in branch Windows 2008 R2. now the...
View ArticleDCDIAG failed system log
We have a newly promoted Domain Controller that’s our first 2019 box in the domain. Our other DC is a 2012R2 box (we’ve migrated to DFS-R already). After promoting it to a DC I ran DCDIAG and got the...
View ArticleWindows 2003 server to Windows 2016 Server Upgrade , RDS ISSUES
Dear all,I have two Windows Server 2003 as Domain controllers with replication working very well, as they are old, i decided to upgrade them to Windows 2016 Server by creating two new windows server...
View ArticleAzure AD pass-through authentication
Hi, I currently use ADFS for SSO authentication. The screen that appears for external users is a popup window for entering user and password. When we change to (Azure AD pass-through authentication)...
View ArticleDelegation not working (Helpdesk users to unlock admin user's Accounts...
Hi,We have a requirement where a security group of helpdesk users is required to unlock admin accounts. I understand if the user is member of domain admin account than it is not possible to delegate...
View ArticleAdding machine to AD Domain.
Hello,We are trying to add a windows 10 with winver 1809 machine to AD Domain.Adding the machine to domain is successful but the domain root certificate is NOT getting added toMMC -> Certificates...
View ArticleAfter updating Exchange 2016 to latest CU 15, having major DNS errors!
Hello All, I have a network that was upgrading their Exchange to the latest CU 15. During the upgrade the process stopped around 98%. They rebooted the servers(Exchange 2016, PDC running CA and a...
View ArticleClik here to view.
Clients not authenticate with RODC
Hi All, I have setup the LAB for RODC testing. But i didn't create RODC account before promote the server to RODC. I have noticed that users not login to RODC. Site configured and add users to PRP....
View ArticleComputer account behaviour if it enabled after 50 days
I have set up a script that disable computer account if it is not used in 90 days.Here my query is , if i enabled that account after was disabled 50 days before then what will be computer account...
View ArticleDesign Overview Poster
Hi,I am looking for a "poster" that shows all port openings with arrows between Domain Controllers and Windows 10 clients / Windows Servers.Is there any Microsoft official posters ?Thanks for...
View ArticlePassword not required flag set to true on defaultaccounts
Hello Everyone,I was checking my domain for blank passwords. I found more than 100 users with Passwd_NotReqd flag set to true.Before setting it to false, I would like to know if there are any users in...
View ArticleUnable to find cause of account lockouts
We are having accounts get locked out, from the logs on the DC in the security log we see event ID 4776 for these users but the source workstation is blank. on the DC we have the netlogon log and I can...
View ArticleDFSR SYSVOL folder not replicating
Hello all,I have inherited a Server 2012 Essentials environment at a customer's, and I am currently trying to migrate to Server 2019 Standard. From all I read it should be a normal procedure except for...
View ArticleNeed to purchase Exchange Server CAL if AD CAL exist
HiI have Windows Server with 50 user CALS and want now to add an Exchange Server 2016 to the same domain. Do I need also to buy 50 Exchange Server CALs?Does not the 50 CALs for the AD Server be enough?
View ArticleCan we use 2FA(two form authentication) on Windows server active directory?
Can we use 2FA(two form authentication) on Windows server active directory?
View ArticleDomain Join with RODC in DMZ
Hi All, We are planning to create one way trust and putting RODC in Trusting forest DMZ. All the AD firewall ports are going to open. I can add users to the RWDC and add to the PRP Allow group for...
View ArticleLDAP Channel Binding and Signing issue
I am having issues with Macs connecting to the domain and I just want to understand what the error message means. The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind...
View ArticleEvent ID for Changes to AD User "Job Title" and "Manager" in Organization Tab
Hello, I am trying to monitor changes to AD users, but I can't seem to find the event ID that generates when a change to User's job title/manager is made. If anyone knows which event ID monitors this,...
View ArticleGpupdate Error
Hi,I am getting the below error when entering GPupdate in server 2012. How to address the below issue.provide me the step by step troubleshooting. Computer policy could not be updated successfully. The...
View Article