Delete AD Computer Accounts that are inactive for 30 days
Greetings,Could you please tell me how to disable inactive AD Computer accounts more than 30 days of inactivity.I have used the following command to locate unused computers objects in the last 4...
View ArticleReset Logoncount in AD
Hello,Is it possible to set the "logoncount" parameter for the computers to 0 ? (Powershell ?)I want to do this to have a "fresh" look at the use of our PC's.Thanks,Sven
View ArticleADFS Windows Authentication inserting ADFS server hostname as domain name in...
Hi All,I just setup ADFS on 2012 for SAML2. Unfortunately this was shoved Production by the departmemt we set this up for without enough testing. We are having an issue I was hoping that you could shed...
View ArticleNew domain new subnet problem
We were trying to add a new domain tree to our forest/domain with windows 2012 r2 but the promotion of the new domain controller for the new domain tree failed. Everything goes well until the final...
View Articleshould I concern these old 13508 logs?
We have several different sites with mixed windows 2003 & windows 2008 DCs. Some DCs get event 13508 but no event 13509 almost one month ago. Now, no event 13508 on the current log (after...
View ArticleMigrating SID history WITHOUT migrating user
We have 2 single-domain forests with a 2-way forest trust. We have identical user accounts in both domains. Is it possible to migrate just the SID history from one domain to the identical username in...
View ArticleInfrastructure Master FSMO on a server which is also a GC
Hi All,Recently, one of our admins created a new child domain. The domain is spread across 3 sites, and there are 3 DCs' on each site and every DC is a GC server. I have now taken over the...
View ArticleLinux
Windows 2008 R2 Domain Controller with Certificate AuthorityWe have a linux box on our domain that needs a PKCS#7 certificate.Everything works great for all other certs on our Windows system I just...
View ArticleLocal ADUC Security mismatch
Hoping someone may have a suggestion to point me at.Our AD is 2008 R2:Scenario: Go to the OU and open up properties on a user account. Select the Security tab - then click Advanced. Select the...
View ArticleCopy / Backup Users data file to another location / network location within...
I have network envirenment with Window Server 2008 R2 with about 50 Windows XP clients. I want to schedule copy / backup of specific user (working in my network, apart of those have left but their...
View Articleactive directory subnets
hi,we have multiple sites and subnets on different vlans. most active directory sites and services have two domain controllers.we have had a few projects come up where we have had to create a couple...
View ArticleDCDIag Assistance
Hi, im getting a lot of best practise analyser errors and warnings etc. I had an old lab DC that I demoted and joined to a new 2012 DC as a secondary DC.I have numerous errors and dns just doesn't...
View ArticleADFS compatibility with SSL Offloading
Hi Allwe are going to Implement the ADFS 3.0 in Farm with Hardware load balancer, we have query that is ADFS support the SSL Offloading.Thanks in AdvanceJP
View ArticleQuestion on Active Directory Account Policy "Password Never Expires"
Hi everyone,I have been asked by my lead to do an analysis on the user account attribute "Password Never expires".Here's the situation:Our current domain account/password policy is set to 6 chars and...
View ArticleWhen does a DC advertise itself after promotion?
When does a DC advertise itself after promotion?
View Articlenot replicate anymore?
Hi all,Mixed Windows 2003 DCs and Windows 2008 DCs We have 7 different sites We have one DC gets journal wrap error and use burflags to fix it Now, if I drop one txt file in the netlogon folder on one...
View ArticleADMT 3.2 - Can it migrate Server 2012 servers?
Looking to do an interforest migration. Current DC's are Server 2003. Moving to new domain and forest which will have Server 2012 eventually. Going to install ADMT 3.2 on Server 2008 R2, setup Server...
View ArticleStale host names still being reported from active directory
I am installing Symantec endpoint protection client software & the deployment wizard displays the computers on the network I can authenticate to & push the software to. this is my problem let...
View ArticleProtect password hash when delegating user management rights.
We want to implement a user management policy that protects the password hashes of active directory user accounts. As such we want to grant our account administrators rights to those OUs that they...
View Article
