Clik here to view.
Forwarding AD Security Log
HI ,I am puzzled right not . All i need to do is to forward my Security log from my two DC's bu the issue I am running into is as follows 1.Created a subscription on my local PC but it does not show...
View ArticleHow to access Certificate Authority on Windows Server 2012 R2
Hi Experts,I add a AD Certificate Services roles on the Windows Server 2012 R2 for me to authorize a request and generate certificate using Microsoft CA. I successfully add the AD Certificate Services...
View ArticleDomain users unable to change passwords after April 2016 security updates
Hi Everyone,Wondering if anyone else has run into this issue - I really can't find much out there of substance on this so far:Our users have started to report problems changing their domain passwords...
View ArticleUsers not able to login on via local domain controller
Hello Experts,We have 4 sites on which we have local domain controllers , yesterday on one site the link broken and head office & branch site disconnected so as link goes down the connectivity...
View ArticleClik here to view.
Remove unwanted strings from Input file
Hi Experts, I have pulled all disabled users properties into text pad called "DisabledUsers.txt". Now I want to exclude users from specific OU's called "Collaboration accounts', Security Principles,...
View Articlenetdom join fails for Window 8 machines with access denied
Hi,I am getting an "access denied" when joining Windows 8 machines remotely into a AD domain with the following command:netdom join /domain:<fqdn>\<pdc><machine name>...
View Articleconnecting two different domains
I have two domain networks : suppose abc.com and xyz.com. connectivity is done... how can i integrate both networks so that users of both domains can access each other and use resources as well..what...
View ArticleEditing group policy for a group in active directory
Hello, I have a domain where I have active directory with 6 normal users and 2 administrators. I created a new group "Limited" and added 4 of the 6 users to it. Now I need to set group policy to...
View Articlemoving workstation with in 2 different ou
hi can some one please help me i can move a workstation from one OU call non members to members , but when i need to move it back to non members , i keep getting this error " windows cannot move...
View ArticleDoes the value of dscorepropagationdata in AD mean it has communicated with...
I just need to know if the date value of dscorepropagationdata in AD means that it has in fact communicated with the DC is some way? Apparently one of my systems was stolen on a date before this...
View Articleldap user name field for windows authenticaton in IIS
Hi,I do to query which user name field does IIS windows authentication use to authenticate the user.I know that it uses NTLM and Keberbos for authentication, but which field in the ldap did either of...
View ArticleWhat about Kerberos DES encryption in 2003/2008R2 environment
Hello,I have two DCs : one 2003 and one 2008 R2.I have one application which authentifies against AD with Kerberos with 3DES encryption. In 2008R2, I note DES/3DES is not activated by default in...
View ArticleSet PasswordChanged Flag possible?
I am trying to synchronize password information to FreeIPA directory server which utilizes Passsync utility.The passsync service is triggered where there is a password change on the account and sends...
View ArticleAD Schema - createTimeStamp and modifyTimeStamp not visible
Hey Everyone,I have an AD LDS instance and have imported the necessary schema to it. My problem is that though I can see that both the attributes - createTimeStamp and modifyTimeStamp are among the...
View ArticleManaged Service Accounts and NTLM
Will MSA's *only* work with Kerberos or can they use NTLM as well? Our testing has shown things don't work right unless Kerberos works properly (e.g. remote CIFS targets accessed by the MSA must have...
View ArticleBest way to give external access to users and groups
We are a university, and have a research network (aka "wild west") that is separate from our production network. The users of the research network want to be able to see existing AD groups and users in...
View ArticleDelegation of Control for a group to update just phone numbers of user objects.
We have a need to have a security group just have the ability to update phone numbers of users. Is this possible using the Delegate Control wizard, and if so, which attribute am I looking for?
View ArticleActive Directory Extend Password Expiration in Default Domain Group Policy
hello all,I am going to change the "password expiration" on my default domain policy from 90 days to 180 days. This will affect all the users in my domain. I have tested this out in my QA environment...
View ArticleError when attempting to change password: "The security database on the...
The error message I'm seeing is "The security database on the server does not have a computer account for this workstation trust relationship." There's nothing wrong with the trust relationship and I...
View Articlehow many ADFS instances are needed?
We already have an ADFS instance setup for our Office 365 implementation and have just purchased another company. As a temporary step before a merge of their accounts into our AD we want to setup ADFS....
View Article