Multiple Computers receive Access Denied at logon. User credentials are...
Windows 7 Pro 64 bit computer working normally or recently rebooted. User tries to logon and the access denied message displays. I try to logon with local admin account and get the same error....
View ArticleActive Directory connection error Windows Server 2012 R2
Hello,This is my issue, I have two servers both running Windows Server 2012 R2 Datacenter I have setup AD-DS on one of them and let the setup configure the DNS settings, this server also has a DHCP...
View ArticleCan anyone confirm?
Windows Server 2008 R2 forest functional level We have several Windows 2008 R2 writable domain controllers and one windows 2008 R2 RDOC located in DMZ. We set up two-way forest trusts with other...
View ArticlePlan to Migrate Active Directory From 2008 to 2012
Dears,We have plan to migrate our active directory 2008 to AD 2012, so we have some applications are running in our system, how can I know the applications are compatible with new AD, how do I import...
View ArticleWhy is LastLogin attribute replicating on Windows Server 2012 R2?
Hi all,I have the following setup. Two DCs (dc1 and dc2), and two Federation Servers (fd1, fd2), AD FS v3, joined to the domain created by dc1 and dc2. All machines are running Windows Server 2012...
View ArticleKerberos Armoring as it relates to authentication
I am trying to better understand Kerberos Armoring as it relates to authentication.Is it correct to say that, during the KRB_AS_REQ, the client’s authenticator is encrypted using the logon user’s...
View ArticleCan't login with alternate UPN suffix
I'm trying to add the ability to login using username@public-domain.com instead of just the username@internal-domain.local to assist in our migration to Office 365 so everyone is using the same login...
View ArticleKCC cannot compute a replication Path
My directory has one domain set-up with multiple sites 5 RWDCs in Default-First-Site-Name 2 RWDCs at the other end of a VPN tunnel (HMDC1 lives in site HMDC01, HMDC02 lives in site HMDC02). Â 15 RODCs...
View ArticleIs it Recommended to Use Hyper-V Snapshots for DCs, 2012 R2 is the guest and...
Dears,Hope everybody is fine today.I am little confused about using the new feature of VM GID on my DCs, my question is:I have 2 DCs (PDC/ADC) both are virtualized, VMs and host are using 2012 R2, is...
View ArticleRemove a domain controller when dcpromo bombs
i'm trying to demote one server in a two server setup i start dcpromo , it gets part way through and then bombs with an "Access is denied" error which is b~@:!hit. Ive tied this 2 or 3 times with known...
View ArticleFSMO Roles seize
Hi,I have 2 DC's one PDC holding all fsmo roles another is ADC, due to hard disk raid failure my PDC is crashed and i have don't have any backup to recover that.So i tried to seize the roles to my ADC...
View ArticleRestrict inter-forest NTLM authentication to specific Domain Controllers
Hello there, I operate a hosted application in our data centre that uses NLTM (no Kerberos support in this scenario for various reasons I won't go into). To enable SSO, we are looking to allow certain...
View ArticleActive directory site and services
Why would an organization choose to implement additional sites?
View ArticleClik here to view.
Kerberos Constrained Delegation Visualized
read more here: https://jorgequestforknowledge.wordpress.com/2015/11/08/kerberos-constrained-delegation-kcd-visualized-the-easy-way/Cheers,Jorge de Almeida PintoPrincipal Consultant | MVP Directory...
View ArticleClik here to view.
Windows Server Ninjas needed! Application details within.
We need Wizards and warriors, of words and wisdom. Come forth, oh mighty techno-scribbler! Pass your knowledge to others! Show us what you know and let others learn from your journey.Soon you may...
View ArticleUpdate the validity period of a CA template programatically to avoid upcoming...
I work for a company that is currently using SHA1 to sign SSL Certs. I have a web based app which enrolls the SSL Certs to the CA server. The PKI infraestructure is supported by a different team to...
View ArticleUsing Microsoft PKI to deploy 2FA on mobile devices
Does anyone know if this is possible, to implement 2FA on mobile devices?ms
View ArticleNumber of LDAP connections on Domain Controllers
Can any one advice on how I can determine the number of LDAP connections on each DC? Whether its active connections, daily average connections etc, would like to gather that info please?ms
View ArticleRODC replication for account credentials
Is there best practices that I need to be aware of replication of credentials when having RODC in the environment? Any other recommendations when it comes to replication with RODC? I'm aware its...
View ArticleCan't install KB2896713
Hi Everyone,I'm currently troubleshooting some ADFS issues, and found that I need to install KB2896713 (as we have KB2843638 installed which is a pre-req to installing this particular hotfix/patch).URL...
View Article