Active Directory
How to check password policy and account lockout policy setting by running rsop.msc in client computer. I have ran this command on my domain member client machines but its not showing any...
View ArticleActive directory not replicating after full server restore
Hello everyone!To give you guys a general idea, this was what has happened: I have 2 DCs on server 2008 R2 running Active Directory. DC1 is my primary domain controller witch holds all the FSMO roles....
View Articlerelationship between SPN notation and suffix routing
Hi all,Is there any relation between a FQDN that is used in a SPN and suffix routing that might be configured between two forests with the using the same 'domain' suffix as was used in the FQDN on the...
View ArticleReplication Event ID
Hi,i wanted to check Active Directory replication. successful and fail event logs in 2008 .
View Articlebest solution for authentication in dmz ? RODC or ADLDS
best solution for authentication in dmz ? RODC or ADLDS
View ArticlePermissions for a dedicated user to join computers to a specific OU in domain
Hi all,I need a dedicated user, who has permissions to join a computer to a specific OU in the domain. I am trying to join a Linux Computer to the domain with realm. (see here chapter 3.3.2. Joining an...
View ArticleOutlook Address book issue
Hi, I need your help in order to resolve one of issue related to Outlook ( I assume) I made the changes in designation of a user in AD but it did not replicate in Outlook. Now I noticed whatever...
View ArticleSend conditional claims using custom rule
We're in a bit a pickle here.We've set up a relying trust party for a third-party application, that requires the following claims rules:SAM-Account-Name -> Given Name (this will be used for the...
View ArticleDelegation for rebooting Domain Controller
Hello All,We have total 8 Domain, it almost contains approx. 150 Domain ControllersFor our Monitoring team, we want to provide a rights to reboot a Domain Controller after the monthly patches.I tried...
View Articleglobalname zone
is there globalname zone in 2012 AD? I see it just in 2008 on WEB.I have heard that there is some full WINS replacement feature in 2012R2?Is it true?What is it?Thx.--- When you hit a wrong note its the...
View Articleuser account getting locked out frequently in 2008R2 AD environment
One of the user account getting locked out frequently in 2008R2 AD environment. I have checked the event log 4740 in PDC emulator server shows caller machine as share path \\10.1.7.18010.1.7.180 is xen...
View ArticleActive Directory troubleshooting training
Hi all,I would like to understand how Active Directory works under the hood. I've checked some labs/videos on MVA and those were quite good, but I would like to see the full picture, including the best...
View ArticleLost contact with PDC
I have a domain my.domain.com in forest domain.com, that had a bad incident. The PDCE died, and so the role went to another DC, one that was behind a firewall from one of my remote DCs...
View Article"Microsoft network server: Server SPN target name validation level" Making it...
My company's Min Sec Baseline requires this setting at '1' ". . . The SMB server will accept and validate the SPN provided by the SMB client and allow a session to be established if it matches the SMB...
View ArticleUsers on child domain cannot login when connection drop
HiWe have a situation in our network. An IT Guy that not available either configured a child domain for one our office that this office have unstable connection over a PtP wireless link.Now , when the...
View ArticleAD Forest Trust
Hello Experts, I am creating a forest trust between two different domains abc.com and xyz.com, now I need to know is it possible to make an account in the xyz.com that has only the rights to create a...
View ArticleForce Replication on all Domain Controllers in the same site
Greetings allI want a command-line which enables me to force all DCs in the same Active Directory Site or Forest to replicate all possible Naming Contexts with there replication partners any...
View ArticleGroup Policy Security
HiI have domain controller and many client join to the domain win xp or vista and 7 and 8 ,10 so i need more security on the clients like when users login from any client join to the domain can't see...
View ArticleSID is not getting migrate during user migration with ADMT tool
Hi TeamPlease help me on below:Scenario as below :We have 2 different forest with two-way forest trust.Also setup a ADMT server on member server of the target domain. While migrating user account from...
View ArticlePassword Sync issue
HI all,Recently couple users after changing the password , found that the password is not syncing with all the application, So we logged into the DC and checked and it was working fine, the next level...
View Article