Best practice for this scenario - Windows server 2008 R2 Standard
Hello,We have still a one DC running on Windows Server 2008 R2 Standard version 6.1. Since we already own Windows Data Center 2016 with SA we are planning to upgrade the DC and setting up a second DC...
View ArticleKerberos and MIM
HiI am trying to make everything authenticate with AES256 in our domain(s)However, one service account(used with MIM) still authenticates with RC4. The traffic is between two domains. Other traffic...
View ArticleLsass.exe crash during IADsUser->ChangePassword() (faulty module: msv1_0.DLL)
Hai,When I try to change a network user's password using ADSI's IADsUser->ChangePassword(), the server machine where my application is running is getting rebooted.Error code during...
View ArticleClik here to view.
LDAP issue after hardening both Domain Controllers
Hi team,Recently I had been asked to apply some GPOs to both Domain Controllers in order to improve security. I applied them and after restarting both Domain Controllers the LDAP protocol stopped...
View ArticleUnable to modify the wellKnownObjects attribute when changing default...
Hello, I'm preparing for the 70-640 exam. In attempting to redirect the default domain computer OU, I entered the command redircmp "CN=CLIENTS,DC=contoso,CD=com". I get the error -unable to modify...
View ArticleUpgrade Domain Controller
Hi!What is the simplest way to upgrade a Microsoft Domain Controller from 2008R2 to 2019 version?Should I migrate from version to version (ex: from 2008 to 2012, then from 2012 to 2016 and so on) or...
View ArticleKerberos Pre-Authentication Failed ID 4771 (code: 0xE)
Hello,I would like to seek assistance on how to track the service or application that is causing this event failed. I am seeing a lot of this error from multiple machines so I am expecting all are...
View ArticleDuplicate Computer objects created automatically
Hi team,Created a computer object in SQL OU of a particular domain , but after joining the windows 2016 to the domain , I am seeing 2 computer objects for the same server in Computers OU and one in...
View ArticleThe server with this IP address is not authoritative for the required zone?
Hi team, I created two Forest with 1 DC in both. Checked Reverse Lookup zone is created. The issue I'm facing is with conditional Forwarders which is on entering the IP address, I'm getting "The server...
View ArticleI am using ADFS 3.0 with WID database and i want to know backup and restore...
Hi Support,I am using ADFS 3.0 with WID database and now i want to plan to move ADFS on new hardware.Can you share the best option and help me to share the backup and restore process.
View ArticleHA of DC
Good morning,I have two machines that I plan to put in a Hyper-V cluster. Since it is a small lab environment, one of the machines hosts a virtualised domian controller (the only one).Is it feasible to...
View Article20 Thousand Logon Audit Failures on a 6 User Network - All coming from...
Yep. It is making me nuts. And no matter which anti-malware solution I try to use, I can find nothing. I have login audit failures for user A coming from workstation C and user C coming from...
View ArticleUnable to connect to domain
I just recently created a AD DS and I can't seam to join from another computer on my network. I believe it to be a dns issue because im not able to ping the domain But I can't seam to figure out what...
View ArticleClik here to view.
migrating sbs 2011 fsmo roles to new win2019 server
hello,Little help. New Windows 2019 server, old SBS 2011. Joined domain, started the process to complete domain setup, raised level from 2003 to 2008. Both servers are now DCs but the 2019 Server...
View ArticleMultiple CAs - Autoenrollment on network level
Hi,we have multiple CAs in various sites. If a client or user requests a certificate, which CA will be addressed first? Which aspects is it dependent on or how can it be controlled which CA is used for...
View ArticleEvent ID 1005 - ADWS on domain controller 2016.
Hi, I am getting Event ID 1005 - ADWS on domain controller 2016. Detail :Active Directory Web Services could not change its advertising state. The Netlogon service might not be running. Restart...
View ArticleNETDOM TRUST error
Hi,I am working on Active Directory Risk Assessment program one of the recommendation is "Disable cross forest TGT delegation"Here is the explanation provided by MSCross forest TGT delegation is...
View Articlesysvol and netlogon report
Hi,I have 10 DC located in multiple Geographical region.I want to generate a report on sysvol and netlogon includes share and NTFS permission.This report should be based on all domain...
View ArticleLastLogonTimeStamp and PingFederate SSO
There is so much information on Lastlogontimestamp but I still cannot find a definitive answer to this.We have PingFederate SSO running to authenticate users. Ping is configured to authenticate with...
View ArticlePrevent the laptop from connecting to non domain resources when off network
We have single forest/single domain environment. We identified an issue that a domain joined laptop can connect to a home printer. We are looking for a way to prevent the laptop from connecting to non...
View Article