Password settings container in AD deleted
In ADSI-Edit we can't see the CN=Password Settings Container anymore. So we can't create Fine-Grained Password Policies in AD. Is there a way how to rebuild/restore the Password Settings Container?
View ArticleClik here to view.
"Enable computer and user accounts to be trusted for delegation" rights is...
Hi all,"Enable computer and user accounts to be trusted for delegation" rights is disabled for Administrator account as shown belowdespite changing delegation option being "Trust this computer for...
View ArticleHow can I display active directory attribute msDS-GroupMSAMembership value on...
I have set the value -PrincipalsAllowedToRetrieveManagedPassword which indirectly updates the attribute 'msDS-GroupMSAMembership' on Active Directory and its Syntax is "NT Security Descriptor",Now I...
View ArticleCan I create an LDAP query against AD, that means SamAccountName must be at...
HelloCan someone please help me with a question, I want to use an LDAP filter (I do not want to use PowerShell cmdlet)if I have two users whose SamAccountName are Fred another user AnthonyI know I can...
View ArticleGMSA login failure after reboot
We have a GMSA set up for SQL Server for an Availability Group but since a week ago we encountered an issue. Every time we reboot the server, the GMSA account will not be able to logon onto the server...
View ArticlePrevent the laptop from connecting to non domain resources when off network
We have single forest/single domain environment. We identified an issue that a domain joined laptop can connect to a home printer. We are looking for a way to prevent the laptop from connecting to non...
View ArticleActive Directory domaine Services error message
Hi ,I am facing problem with my DC (Windows server 2019) , i get error message when i launch active directory users and computer :error message :naming information cannot be located because library not...
View ArticleTwo DC, DC2 doesnt work after turn of DC01
Hello GuysI need some help, This is my situation I had DC00 running Windows Server 2008 r2, But we decide to move to Windows 2012 Standard. I use a virtual machine (win2012) to set a simulation moved...
View ArticleConvert a Global group to Local
Hi,I'm unable to convert a global group to local?Should I create new group?
View Article"WhenChanged" Attribute timestamp updates without having made changes.
We have a windows 2012r2 based Forest root domain with four DC's.We are noticing that the "WhenChanged" attribute for many Users, even for those who are disabled users, keep updating to some latest...
View ArticleIssue adding relying party - An error occured during and attempt to read the...
Hi,I followed this guide to set up an ADFS 2.0 lab environment. The only difference that I have is that I did not set up the ADFS server and the WIF application to be on the same box but rather on 2...
View ArticleNetwork Path Cannot Be Found for Windows Server 2016
I have been through all the online help forums, videos, and other online research and I cannot seem to find a solution to my problem. I was trying to access folders located on the file share service on...
View ArticleI want to local user(previous) Profile will have in active directory user
Dear Team,I joined one user in Active directory, but i want to take previous profile tools (example: mail, software, other short Cut tools in previous profile) to Active directory user, how can the...
View ArticleEvent ID 1005 - ADWS on domain controller 2016.
Hi, I am getting Event ID 1005 - ADWS on domain controller 2016. Detail :Active Directory Web Services could not change its advertising state. The Netlogon service might not be running. Restart...
View ArticleNewest LastLogon date is very different than LastLogonDate
I'm working on collecting user logon data for audit and governance purposes. We want to disable accounts after a certain amount of inactivity. Previously we had been using LastLogonDate but I know that...
View ArticleMultiple CAs - Autoenrollment on network level
Hi,we have multiple CAs in various sites. If a client or user requests a certificate, which CA will be addressed first? Which aspects is it dependent on or how can it be controlled which CA is used for...
View ArticleSingle Forest ,& SIngle Domain VS Multiple Forest with Multiple Trees and Domain
Dear Experts , We are working with customer having 6 entities with 6 Separate Domain ,Recently the customer is planning to use Azure Active Directory and Move to Cloud , and start using Office 365...
View ArticleNew AD Domain Setup server 2019
Hi all,it is a long ago i created a new domain.I used to create a domain with .local.but i understand thats i bad idea.i have to setup a new server 2019 in a new domain.if my top level is for example :...
View ArticleDCDiag & Repadmin Deep Dive!!
Hi Team, Could you please share any link or provide information about DCDiag & Repadmin Tool functionality and how each test works and fetches the details?
View ArticleFinding the source of repeated AD account lockouts
Hello,On a Windows Server 2008 R2 domain, I have turned on auditing to try and determine the source that keeps locking out an admin account every 30 minutes or so. Looking at the security event log on...
View Article