Active Directory Web Services was unable to determine if the computer is a...
Good Morning, I have a problem, where the LDAP port stops responding for a few seconds every 30 minutes.Looking at the Event Viewer, I get the following error message:"Active Directory Web Services was...
View Article"WhenChanged" Attribute timestamp updates without having made changes.
We have a windows 2012r2 based Forest root domain with four DC's.We are noticing that the "WhenChanged" attribute for many Users, even for those who are disabled users, keep updating to some latest...
View ArticleNetwork Path Cannot Be Found for Windows Server 2016
I have been through all the online help forums, videos, and other online research and I cannot seem to find a solution to my problem. I was trying to access folders located on the file share service on...
View ArticlePrevent the laptop from connecting to non domain resources when off network
We have single forest/single domain environment. We identified an issue that a domain joined laptop can connect to a home printer. We are looking for a way to prevent the laptop from connecting to non...
View ArticleGMSA login failure after reboot
We have a GMSA set up for SQL Server for an Availability Group but since a week ago we encountered an issue. Every time we reboot the server, the GMSA account will not be able to logon onto the server...
View ArticleClik here to view.
LADP with SSL authentication failed "The supplied credential is invalid",...
Hi team,I have custom OU in which users are created and using email as username. Following code is throwing invalid credentials error.Here are the queries.1) how to fix this error.2) if we need to...
View ArticleEvent 36886 Schannel
Hello,I am after a bit of advice on the warning event 36886,'No suitable default server cred exists on this system'Most articles i read say you can safely ignore this message if you don't use...
View Articlesecurity log
hello - We have a 2012 mode single domain with 50 Domain ControllersIn 1 of those sites that has a single domain controller the local IT person would like "view" access only to the domain controllers...
View ArticleLDAP Works, LDAPS doesn't, two different domains in the mix
Hi There,Please Bear with me, this issue has been dumped in my lap and it's not my usual area of expertise..Our organisation has two domains (lets say old.net and new.uk, which are in a trust together)...
View ArticleEvent ID 1302 (error 1307) DFS replication service encountered an error while...
Hello.We are at the step 0 of the migration from FRS to DFSR sysvol replication on Windows 2008R2 DC.Every time I run powershell DFSRMIG / GETMIGRATIONSTATE it says:"Unable to create DFSR Migration...
View ArticleMicrosoft Tiered Administration - "Tier 0 Replication Maintenance" Purpose
Hi, I am currently preparing to implement Microsoft's Tiered Administration model + PAWs. I have been following the documentation here:...
View Articlesysvol and netlogon report
Hi,I have 10 DC located in multiple Geographical region.I want to generate a report on sysvol and netlogon includes share and NTFS permission.This report should be based on all domain...
View ArticleNETDOM TRUST error
Hi,I am working on Active Directory Risk Assessment program one of the recommendation is "Disable cross forest TGT delegation"Here is the explanation provided by MSCross forest TGT delegation is...
View ArticleDCDiag & Repadmin Deep Dive!!
Hi Team, Could you please share any link or provide information about DCDiag & Repadmin Tool functionality and how each test works and fetches the details?
View ArticlePKI - LDAPS / KDC Certificate with Certreq private key not exportable
I try to automate cert requests for LDAPS certificate. When i request the my cert template the certificates private key is exportable. But never, when I try with certreq. This is my...
View ArticleRepromoting RODC Fails Because Previous KRBTGT_xxx Account in Recycle Bin.
So, in my environment we have a good number of Read Only domain controllers. Occasionally, i've had to demote one for various reasons. I've run into issues every time where the demotion process moves...
View ArticlePowerShell script for Event ID LDAP
Hi all,according to the upcoming changes by LDAP we have to perform some audit of the logs and find the connections and...
View ArticleClik here to view.
"Enable computer and user accounts to be trusted for delegation" rights is...
Hi all,"Enable computer and user accounts to be trusted for delegation" rights is disabled for Administrator account as shown belowdespite changing delegation option being "Trust this computer for...
View ArticleNew AD Domain Setup server 2019
Hi all,it is a long time ago that i have created a new domain.I used to create a domain with .local.but i understand thats a bad idea.i have to setup a new server 2019 in a new domain.if my top level...
View ArticleDelegate 'info' attribute for security groups
Hi,I need to delegate 'info' attribute for security groups in our Active Directory environment. Since this attribute is not available in delegate wizard, I checked dssec.dat file but it's not even...
View Article