Loopback GPO
HiIn my environment, there is an OU. This has 8 GPO applied with different user and computer configurations.One of it is Loopback GPO as well. In loopback GPO replace mode is enabled but in user...
View ArticleIDP Initiated Sign-on to SAML SP using SAML IDP
Can anyone out there assist with how to formulate the URL for the IDP initiated sign on when using a SAML IDP and a SAML SP?My Setup (sanitized for this forum): ADFS - corporate.adfs.com Claims...
View ArticleDomain controller users and computer OU delegation
Hi Is it possible to setup AD users and computers in a way in which users can ONLY modify the computer OU? How do I set this up?We are setting up a new platform. The platform is setup with a backup...
View ArticleKerberos Delegation across forest trust - Server 2008 R2 Forest Functional Level
I am working with the following scenario - cross forest dual hop Kerberos authentication to SQL SSRS. There is a two-way forest trust between forests. User in Forest A is logging in to computer in...
View ArticleReplication of updated .admx files in PolicyDefintions
Hi all,We're updating the .admx and .adml files within our PolicyDefinitions folder in SYSVOL for Windows Server 2012R2 and Windows 10. What we've noticed is that whilst new .admx / .adml files...
View ArticleWill Password reset increase the count of passwords remembered?
A couple of questions.If Admin resets a password in AD, will that password increase the count of passwords remembered?Password History is set to 3. current password -Hello.user changes the password-...
View ArticleNeed to create the Active directory user without password in 2008 R2 server
HI All,My requirement is i want the Active directory user without password in the server.Using this user i want to login in my system.So could you please help how to create the user without password in...
View ArticleClik here to view.
Domain Access between trust
HI All, We have a HQ in US and Domain name is us.domain.com. They have few Child Domains. Parent Domain: us.domain.com Child domains: contract1.us.domain.com...
View Articleabout Client Network Connectivity Assistant Unable to start
Hi Expert, Does theClientNetworkConnectivityAssistanthow tostart?
View ArticleADFS 2.0 Server Health Checking:
I have two ADFS servers running on windows 2008 R2 utilizing NetScaler. My goal is to monitor the servers via NetScaler to failover for high availability. Does anyone know how to configure NetScaler...
View ArticleHome Folder on user's AD account
I'm running into a problem where new users home folders are not being created automatically. I've verified that permissions are set properly on the share and folder (see:...
View Articleadprep.exe is not a valid win32 application windows server 2003 SP2
HiI am migrating the active directory from windows server 2003 to windows server 2012.When I run the command "ADPREP.EXE /FORESTPREP" then I am getting the error "adprep.exe is not a valid win32...
View ArticlePass custom parameter from active directory (2003, 2008, 2012) to MSI
how to Pass custom parameter from active directory (2003, 2008, 2012) to MSI.If yes, Please send the steps to pass parameter.
View ArticleSite assignment for Group Policy for Direct Access site with no Domain...
Some help with understanding what's going on required.I've setup a new AD Site for our Direct Access clients (Windows 8.1). The subnets are defined correctly. However, I've not assigned any specific...
View ArticleClik here to view.
Direct Access not working DNS error
Hi, this is a new install. I have IPV6 enabled on all servers and workstations. I do not use DHCP scope for servers network. I guess I get IPV6 ip's global ?? this is the problem I get, This is the...
View ArticleAzure AAD Connect Sync Error - The object located by DN is a phantom.
Hi there,I ran into an issue where I needed to disable then enable directory sync on my 365 tenancy. I ended up reinstalled AAD Connect on my DC.Now I get this error for 5 users: The object located by...
View ArticleActive directory not replicating after full server restore
Hello everyone!To give you guys a general idea, this was what has happened: I have 2 DCs on server 2008 R2 running Active Directory. DC1 is my primary domain controller witch holds all the FSMO roles....
View Articlekerberos golden ticket attack solution
Dear,we are working in multiple domain in a forest environment. Recently we are attacked by Golden ticket Kerberos weakness. I have searched a lot but no proper mechanism is available except reset of...
View ArticleEvent ID 12294 - SAM database was unable to lockout account
Dear All,in our organization, we prepared a DC added to existing single-domain as Secondary DC. when i run dcdiag, it gives me below two failures.Starting test: DFSREventThere are warning or error...
View ArticlePowershell Command to Disable user account older then 90 days
Hello Guys,Just wanted to know is it possible to disabled the user account older then 90 days but skip those users who's passwordnever expired is set. DONT_EXPIRE_PASSWORD0x1000065536I am using below...
View Article