2020 LDAP channel binding and LDAP signing configuration changes
Hello, any updates on when are LDAP channel binding and LDAP signing configuration changes are taking place. I know it was push from March 2020 to Mid 2020. but that news was back in February. anyone...
View ArticlePKI-related issue with Domain Controller and "custom" certificate
I'm honestly not sure if this is a PKI-related issue involving AD, or an AD-related issue involving PKI... But there is no PKI-specific option under "Windows Server" for this forum site.What I'm...
View ArticleDomain trust and user credentials
Hi everyone,I am looking for an theoretic answer on the next question: Imagine we have two independent domains A and B.A trusts B, there is one-way trust where A is a resource trusting domain, B is an...
View ArticleDemotion of 2016 Domain controller from Sites and Services
Hello Expters,We have multiple 2016 Domain ControllersWe have demoted one DC from GUI and it was successful , But after removal of DC , this DC still shows in Sites and Services .So , any Idea why its...
View ArticleBitlocker recovery password
I am using a cpp program to search an Active Directory using the IDirectory-Search (ref: https://docs.microsoft.com/en-us/windows/win32/adsi/searching-with-idirectorysearch). For computer objects this...
View ArticleLDAPS, channel binding and ldap signing
Forgive me, with everything going on in the world at the moment I am a bit behind the curve. I am in the process of implementing the required changes for enforced use of the new channel binding and...
View ArticleRenwing the internal CA certificat fails
Hi everyone.My internal CA certificate will expire soon (windows server 2008) and when I proceed to renewing process using the console the wizard end normally no error but when vewing the certificate...
View ArticleTemp file cab_xxxx
Dear allWe are running Domain controller on Server 2008 R2 and I am running out space on c: drive. Does anyone know what program can create files in the Windows\Temp folder that begin with cab_xxxx...
View Articleset logonserver command
guys,i my lab environment, i got 2 dc's. 1 Gui and 1 Core, both 2019, and a W10 Pro client. When the gui is down, and when i use set logonserver at the Pro, it shows me the gui serves as the...
View ArticleEvent log for first & last name changes in Active Directory
Hi Technet,Is it possible to track who has updated a users first or last name in Active Directory?It looks like event 4738 cover most user properties, but I've trawelled the internet and cannot find...
View ArticleInaccessible sysvol
Hi,We have 6 servers 2012 R2 and 1 server 2016 DC's in our domain. 2 of these are in the same subnet and the reset are in different subnets.Today find out that when create a new gpo on the PDC this gpo...
View Articlelingering objects issue in AD
Hi Team,I am facing lingering objects issue but I am unable to delete the lingering objects in the below patch .please help.Path:CN=Deleted Objects,CN=Configuration,DC=test,DC=local Source domain...
View ArticleEvent ID: 2091 FSMO
This issue came up during a dcpromo failure on a windows 2008r2 server. I know I can forcibly remove but I am trying to get to the root cause. I noticed the below event in directory services log....
View ArticleCann't find DC in my Domain created in Windows Server 2016.
I am planning a test to handle an application with a domain user under the domain environment. I don't always use "domains" in my development environment Install Windows Server 2016 on one computer We...
View ArticleFix We can’t sign you with this credential because your domain isn’t available
Good morning and afternoon, Here at my worksite, we are having trouble with Administrators being able to log into user workstations for the sake of making changes to the operating system, installing...
View ArticlePublish CA certificate to Enrollment Services manually
HiWhen you deploy a domain-joined ADCS it automatically put its certificate in the Enrollment Services container in AD to make it possible to enroll certificates from it.Now if I have another CA than...
View ArticleActive Directory ADSync error with non-existent account
Hi! This question is originally posted by me on serverfault but it seems I shouldn't wait for the response there :( I have a weird ADSync error stating that my local active directory contains two...
View ArticlePreventing multiple logins using the same credentials at the same time
Hi Everyone,I have been tasked with trying to implement a GPO (if it exists), to prevent a user from logging in to multiple PC's at the same time using the same credentials. From my research, thus far,...
View Articleldap certiciate question
Hi,So I heard there is one-way and two-way ssl certificate for ldap. When you request for certificate do you need some special parameters for this or the oneway twoway function is more of how the ldap...
View ArticleAD Authentication Policies and Organizational Unit claims
I'm looking into the possibility of using an Organizational Unit claim in an authentication policy, which will require computer objects to be within a specific OU structure for the assigned user to be...
View Article