ADFS 3.0 - sso problems with internet explorer and web application proxy
Hi, we´re implementing an adfs 3.0 based infrastructure combined with web application proxy for single sign on scenarios. Actually, we´ve published 3 web applications: The first application is a kind...
View ArticleAD Web Service Error 1202
We are seeing this error every 1 minute on two Windows Server 2008 R2 domain controllers that were recently installed at a remote site:Source: ADWSError: 1202This computer is now hosting the specified...
View ArticleLDAP request view attribut
Hi all,I try to do in a unique LDAP request to list a specific attribut of a userWith the following request I find john-smith (&(objectClass=*)(name=johnsmith))How to view directly the property...
View ArticleCannot Add/Remove users from unix tab in ADUC due to NIS domain
Recently I noted that one of our universal security groups will no longer allow me to add or remove users from it's unix tab. The error I receive when attempting to do this is:"All the member(s) of...
View Articlecan´t joint windows 7 to 2008r domain
Dear ExpertsI´m getting crazy with this PC, i can´t joint it to the domain can someone help me please? I´m getting this error here: Note: This information is intended for a network administrator. If...
View ArticleActive Directory domain PCs use wrong username format to reauthenticate to...
Hello all,I'm currently trying to implement 802.1x authentication in our network. For users on the domain, we are planning to use single sign-on. Currently users log into workstations using their upn...
View ArticleAD Built-In groups that should be avoided as best practice
I am on a 2008r2 domain. I spoke to a security engineer from Microsoft a few years ago. He mentioned some known issues that can occur from using some of the built-in security groups like Account...
View ArticleUNC across domains; Access Denied
Trying to UNC to the administrative share on a server from one stand-alone domain to another. It prompts for credentials and I've tried various admin accounts from the target domain, but the result is...
View ArticleTimeSync MaxPollInterval and MinPollInterval
From my understanding for domain joined clients, the minpollinterval and maxpollinterval values determine the window where the client polls the DCs for time check. The default values...
View ArticleSetup ADFS with Reduandancy
Hi All, We required 300 user helpdesk to access Web App from different organization (government) So they ask us to setup our environment with ADFS.We are running windows 2008 r2 DC's with Windows 2003...
View ArticleWhy domain functional level should be greater than or equal to forest FL?
We know that domain functional level must be greater than or equal to forest functional level. Why is that so?My perspective is if we set FFL to windows server 2008 r2 and DFL to windows 2003, active...
View ArticleServer 2012 not visable in AD after IP change
Running a single server 2012 in this environment so it hosts everything such as AD, DHCP, DNS etc.I changed the network IP scope due to VPN issues for users who connect from home networks using the...
View ArticleGet LDAP (389) to reply in TCP and not UDP
Setting up RDS based on Windows 2012 in a forrest trust environment I've run into a curious problem. When connecting, the domain added client, will try to contact, not his local DC, but the trusted DC...
View ArticleMember servers "talking" to DC's outside their site
I have a 2008 R2 domain with 4 different sites. I have site links setup so that Sites and Site Links replicate like:1 <--SLa--> 2 <--SLb--> 3 <--SLc--> 4I have member servers in...
View ArticlePfirewall.log file not updating
Hi,I configured Windows Firewall to allow logging in my DC Firewall GPO. settings areLog dropped Packets -enabledLog successfull connections -enabledLog file path and...
View ArticleWindows 2000
Hello,How to migrate windows 2000 domain controller with windows 2008 r2 with same hostname and IP address.Regards,J
View ArticleADFS 3.0 - Not all UPN's gets authenticated.
Hi, We have set ADFS 3.0 with wildcard cert *.domain.com and when browsing to https://sts.domain.com/adfs/ls/idpinitiatedsignon only users with UPN that ends with @domain.com gets authenticated. Users...
View Articlecan anyone help on this?
Hi,We have one forest and one domain with mixed Windows 2003 and Windows 2008 R2 domain controllers. We have one main (corp) site with several branches sites. (like hub and spoke). If I run repadmin...
View ArticleADFS SSO between Resource Partners, clarification required.
Thank you for taking the team to consider my question. I sincerely appreciate your time.I need a clarification (or a link to an explanation) regarding SSO between two resource partners that are members...
View ArticleADFS Windows 2.0 Service stops and gives users an error when logging in to O365
We have a Hybrid Deployment. Existing Exchange 2007 Environment (on-prem) An Exchange 2013 Hybrid (on-prem) O365 Tenant to which we are migrating mailboxes. Users authenticate via ADFS hosted in...
View Article
