Some computers are not able to process group policy after local domain controller is shut down
I have a site that I have migrated local server resources to Azure recently. I have a local DC on prem left and I also have DC's in Azure. I have pointed all the client computers to look at Azure DC's and that seems to work fine. I then shut off the…
How can I restrict Password synchronization when using Edge browser with personal account?
How can I use Group Policy or any other means to avoid password synchronization when using the Microsoft Edge Browser? Only allows it when using the Corporate account.
I can't login to my windows server 22 administrator account. How to solve it. has context menu
When I try to login to the administrator account of my Windows server 22, this notice appears and after a while I am logged out after a while. how to solve it? As a security precaution, the user account has been locked because there were too many logon…
Join VM to Entra ID DS with regular user
Hello everyone, we join ubuntu workstations to entra id ds manually using a global admin account. We'd like to automate this using an account with lesser privileges. According to MS documentation, joining to entra id ds should be possible for any user…
Resetting password using graph api inside power virtual agent
I am trying to create chatbot that will reset user's password using power virtual agent. For the password reset flow I tried to follow these steps:…
No kerberos tgt ticket after unlock screen
I have an application which need kerberos tgt ticket, and I need that client computer contains tgt when user is logon. (Client: WIN10, Server: Windows Server 2012) After the user logons the computer, we can see the ticket by using klist command. …
Active Directory - RDP Users Users Cannot Reset Own Password
We host cloud environments for our customers that they access via RDP (using RD Gateway with SSL - not Terminal Services). The environment in question is running at Server 2012 R2 functional level.There are technically 2 domain controllers running (one…
Configuring Azure Function to authenticate against OnPremise Windows File Server?
Could you please let me know the authentication methods supported for the Azure function peered with the ExpressRoute VNET to have read and write access to the shared folder on the Onpremise File server? The target file server is running Windows Server…
Enabling SSO for Enterprise App(local Active Directory domain)
I'm setting up Windows Admin Center, and I enabled Entra authentication, so that our IT team can authenticate securely to it. When trying to log on, I get this error AADSTS500031: Cannot find signing certificate configured. From my google searches,…
Azure AD B2C custom policies: Validation in ConvertStringToPhoneNumberClaim claims transformation doesn't work
I am working on an app using B2C custom policies. Currently, I am replacing an extension attribute containing users' phone numbers with Microsoft's built-in Mobile phone attribute. In connection with this, I have tried using the claims transformation…
Unhandled exception at Microsoft.ActiveDirectory.Management.Commands.SafeSessionCache
Hi all, Our App crashes randomly every now and then. Right before it crashes the following appears logged: ==================================================================== Application: xxxxxx.exe Framework Version: v4.0.30319 Description: The…
Settings Page Visibility Group Policy with "showonly:yourinfo" cause settings app to crash in Windows 11.
Settings Page Visibility Group Policy with "showonly:yourinfo" cause settings app to crash in Windows 11. When used with other URI, Account Tab is not showing up. Using Windows 11 Pro 23H2 22631.3737 Here is the crash report: AppName…
User name change and alias addition keeps adding and undoing every AD Sync
We are currently running Active Directory for our user data base and an on-site Exchange server that communicates with 365 and Entra for our user's emails. Because of this, all the user details are pulled from AD and can only be edited in AD. I have a…
Can we change the access token lifetime in AD
Can we change the access token lifetime in AD?
Authentication fails when API method is protected by RequiredScope("...")
When I call a method protected with RequiredScope on my api I get Response = 403, Forbidden. Removing RequiredScope results in 200. The app calling the api does have the correct permission granted. Protected API method: [Authorize(AuthenticationSchemes…
Password hash sync perpetual error
After reinstalling the Azure AD Connect Sync and provisioning agent on an existing environment, the error: Password hash sync Status: NotRun Last successful run: Never Job Id…
Group Policy keep saying not complete after applied FolderRedirection
I simplely applied the FolderRedirection in GPO, it works in Win 10, the folder is redirected, the policy is applied shown with gpresult /r, it security group also appplied, but when I gpupdate /force, it always say the policy is not applied, need to…
Microsoft account needed to access my certification
Hello, I forgot my Microsoft account which i passed the certification with. I have to access to my certification. When i tried to link it with a new account i couldn't find the Access Code anywhere ( i didn't receive it with the MC ID). Could you…
DFS Share prompts client for credentials only when accessed over VPN
I have several fully qualified DFS shares (server 2019) that work normally when users are connected to the on-premise network. The users are domain joined to AD. When they connect with VPN, it prompts them for credentials. The prompt already has the…
finding incorrect Sites listings in DNS that do not correspond to ADSS
Within an enterprise that has an aged Active Directory domain structure of multiple decades in age and AD Integrated DNS (replication tested as healthy ...dcdiag) ...as a somewhat new admin have found that changes I've made to update ADSS are not…