How to find which *Active* users are not logged in AD for 120 days?
I want to export a listprephare using LDAP and not Powershell bat it can be bothwith all users that haven't logged in on the past 120 days and are still active (not the disabled ones)I need only their...
View ArticleLocal Security Policy cannot be contacted
Hi,We have two Windows 2012 DCs. After the primary DC went down, users were unable to login to an RDP Server and getting error message, "Local security policy cannot be contacted". Does this mean the...
View ArticleADFS
Hi All,I have been asked quite a few questions about our infrastructure and in particular ADFS (Active Directory Federation Services). I have no idea as I don't have anything to do with Federated...
View ArticleRevoke Net user command for non admin users
In my domain local users can fetch users, groups and OU information by using net user or net group commands. I want to restrict local users by accessing such information by active directory. From where...
View ArticleSysvol Authoritative Sync
Hi I have total 3 DCs in my organization. DC1 and DC2 are located on Site A where as DC3 on Site B.Now Sysvol is in inconsistent state on DC1 and DC2 but its fine on DC3.Can i do authoritative sync...
View ArticleConditional Forwarder
Hi,Do we still need to have a conditional forwarders between two domain having a forest level trust over internet connected with ipsec vpn tunnel. If not then how to configure the DNS properly to let...
View ArticleDNS replication time and check DNS
Hello, I have a software that uses DNS and reverse DNS of company domain to work properly. At the moment, in the company, there are two domain controllers. Both of them has got AD, DHCP and DNS...
View Article"whenchanged" attribute on a domain controller
Why does the domain controller change its own "whenchanged" attribute ?Are these changed periodically by the domain controller itself ?What are the causes changes in the attribute ?Recently one of our...
View ArticleActive Directory Domain services monitoring
Hello, I'm using Active Directory on Windows server 2016, other application in my company which works on linux, is connected to my DC. Sometimes this application couldn't synchronize users from my DC....
View ArticleHow to set number of group members?
Dears,We have several locations in our organization that are divided into groups at AAD.Each group has a license assigned that is automatically assigned to members of this group.I would like to limit...
View ArticleLDAP channel binding in Java, what is the eqvivalent parameter to send in...
LDAP channel binding in Java, what is the eqvivalent parameter to send in order to match the Windows server configuration?If the server is configured with 'LdapEnforceChannelBinding = 1 (When...
View ArticleChild domain NS order
HelloI've an Active Directory forest with a parent domain (example.intranet) and a child domain (labs.example.intranet). In DNS zone of example.intranet there is a zone delegation for...
View ArticleActive Directory health reports shows errors
Hi,Few weeks before we migrated our 3 DC's from 2008 R2 to 2016 currently both Forest & Domain functional lever is Windows Server 2008R2, everything seems to be fine but when generated AD Active...
View Article2012 r2 server AD users
dear all,can its possible i am able to make bulk Activer directory users (1400 users) csv format import throughwin 2012 serverany powershell or other option through
View ArticleComputer restarts A critical system process, "failed with status code...
Hello, My computer is automatically restarting, when I consulted the event viewer, the error was as follows:"A critical system process, C: \ WINDOWS \ system32 \ lsass.exe, failed with status code...
View ArticleDoes AD Server 2016 store password hashes using the NTLM algorithm, which is...
I'm unable to find any documentation confirming that Server 2016 (or 2008R2, 2012, & 2019) uses an algorithm other than MD4 (NTLM) to hash passwords stored in Active Directory. Here is an article...
View ArticleRID exhausted
Hello All,we have environment , which has only one win2012 R2 DC , now we are not able to create any user object getting below errorwindows cannot create the object xxxxx because the directory server...
View ArticleAn AD DC for the domain "osteoboon.lan" could not be contacted. (long but...
When I try to join a fully-updated Win10Pro workstation to a newly installed Windows Server 2016 Standard (hostname "wisdom") with a newly configured domain (configured according to this tutorial:...
View ArticleDefault CA certificate expiring, cannot issue past its own expiration date
Server12R2 DC with Single CA in AD that has expiration date in November, installed in 2010.Planning to run All Tasks | Renew CA Certificate to update it. no pending requests, all issued certs in all...
View Articlewindows 2019 Domain controller
Hello All,i need some advise here, we are currently have win2012 r2 dc, and planning to upgrade to win 2019 DC.Please let us know if we have to extend the schema or just get new server with 2019 OS and...
View Article