Security-Kerberos Event ID 9 - Smart Card not working for Login due to CRL...
We have 8 computers that users were able to login with a Smart Card on one day. The next day they couldn't. Everyone else can login with a Smart Card without issue. These users can login with their...
View Articleuser account is removed from a Active directory security group (server 2008...
Hello !i add many times a user in a AD security group, but the user is removed automatically after a day. What i don't understand is that other users have been added to the same group but they are...
View ArticleMSA Account Naming Rules?
Hi, this is originally from https://social.msdn.microsoft.com/Forums/sqlserver/en-US/f15bd9f3-2e14-42e1-a6d0-576f7dd74ded/msa-account-naming-rules?forum=sqlsetupandupgrade. Does anybody know of any...
View ArticleSlow Logons from branch office
We just moved an office of ours in a branch office to another building. The office is in Miami and is normally connected to our Tampa main office via an MPLS connection. The connectivity to our Tampa...
View ArticleADFS 2012 R2 + DirectAccess + Office 365 = Display 2 certificates and...
I'll describe the situation and hope someone can point me in the right direction.We have enabled ADFS sign on for office 365. We have several laptop users who connect from all over the place and...
View ArticleLSASRV - SPNEGO (Negotiator) - 40960
We have established a relationship of trust between a Windows 2012 domain and another Windows 2003. In Windows 2003 DC I have published this error. As I can fix?The Security System detected an...
View ArticleChanging IP of domain Controller (Server 2008)?
I'm considering changing the IP on a 2008 Domain Controller. Server is also running DNS, anything that I should be aware of to look out for?
View ArticleNewbie questions about ADDS
It has always been my impression that with ADDS you are able to really lock down systems and permissions much more than with standard users vs administrator.Is that true, or can you get the same...
View ArticleSYSVOL folder is not syncronizing on ADC on windows 2003
SYSVOL folder is not syncronizing on ADC on windows 2003 I have created ADC in windows 2003 invironment but there is no item in sysvol folder. getting below mentioned warning on DC The attempt to...
View ArticlePromote a Win2k12R2 as a New Child Domain of Existing Forest
We already have a setup of Win2012 R2 Servers but as soon as we promoting a new Win Server 2012 R2 as a New Child Domain in existing Forest (i.e.xyz.abc.com), The Promotion completed successfully but...
View ArticleUser account lockout after password change for users with access to multiple...
We have a situation where a user is forced to change their password after it expires. They change it successfully on their laptop, but they also have previously logged into another laptop in the...
View ArticleProblem Registering Workstation
Hi, we have two forest. Forest A (windows 2003) contains the dhcp server Forest B(windows 2008r2) use dhcp server of forest A the two forest have bidirectional trust relationship in place when I move...
View ArticleAD CS - Import certificates to new user laptops
Hello,We have a AD CS server. When users changes laptop - or use multiple laptops -, is there a procedure to import user certificates to new laptops, whitout manual export/import?Thank you
View ArticleADWS Broken after in-place upgrade from Server 2008 R2 to Server 2012 R2
I performed an in-place upgrade from 64-bit Server 2008 R2 to Server 2012 R2. This machine ran Active Directory Web Services. After the upgrade ADWS will not start. I get the following event log...
View ArticlePassword Never Expires- Check Box Rights Delegation
Greetings my fellow IT comrades,I have a peculiar problem with an OU in assigning rights to a group or individual to be able to check the "Password Never Expires" checkbox. The OU has any GPOs blocked...
View ArticleActive directory internet web authentication
hi,i need for an internet web page authentication from active directoryhow can obtain thisthanks
View ArticleDomain Controller Disk Partition Best Practices
I'm hoping someone can sanity check my plan for a new AD DS install.I'm building the first 2008 DC for a non-profit. Max users are estimated to be 100, with about 40 to 50 for starters. The server...
View ArticleProcedure to shutdown and reboot Root Domain Controller in downtime maintenance
Hi All,We have a single domain in a forest in data center and ADC in remote branches.Root domain controller and ADC having OS Windows Server 2008 R2 Enterprise Edition.The root DC has all 5 FSMO roles....
View ArticleAD Replication error 5: Access is denied or 2146893022: target principal name...
Hello,I have DC1(fsmo role holder) and DC2 which were replicating. I ran windows update on DC1 and rebooted which it had not done in months. When it came back up I could run repadmin /showrepl...
View ArticleI've got alot of gpos..
Greetings and salutations. I, have a problem. I've been tasked with going through and cleaning out/ validating/ gathering info on settings/ nixing any duplicated policies when it comes to the gpos...
View Article