Domain Users Unable to Acces Network Shares Using VPN
Recently, VPN users on Windows devices are unable to access their network shares when connecting to our private network through a L2TP/IPsec connection. Users receive the following error messages when they attempt to access their shares. "The…
Active Directory : Conditional redirectors
Hi I have two domain in two forests with conditional redirectors. However, it displays : Unable to Resolve. Is this normal? When i do Nslookup NameOfMyDC.com Server: UnKnown Address: :: 1 Non-authoritative response: Name:…
Client changed password, unable to log in with credentials to W10
I have an issue that I just cant seem to find a solution in these working from home times. A client changed their Windows credentials/password, and is now unable to log into their computer. We have tried the old password, the password the client…
Access Token related query
@Anonymous I have general query regarding Access Token. I hope you guys will answer and explain it. So during Active Directory migration, servers(containing resources) have been migrated from source domain to target domain. Source Domain Local…
Intermittent Error 1521: The process cannot access the file because it is being used by another process.
I have a small AD domain with Windows 10 Pro x64 and Windows 8.1 Pro x64 clients. The clients experience intermittent failure to load their roaming profiles as discussed in great length in this over five-year-old thread: …
Ad delegation rights
Hi I need set rights to our helpdesk employee Requirements: can change user password can unlock locked and disabled user and computer accounts can move user account to another ou (disabled_users) can move computer account to…
Event ID 4723 An attempt was made to change an account's password. But shows a computer account$
We have log monitoring software and on 1/2/2021 at 4:01 PM an event came though email and here are the details with much of the information changed to more generic values EventCode = 4723; EventIdentifier = 4723; Logfile = "Security"; …
Windows Network Folder Access Permission
We are evaluating a network sharefile access review control. One network user group, TestGroup, was not effectively reviewed as part of the review. This group only had access to a subfolder (example; “\server\Main\Subfolder”) but not the parent/main…
Whats using LDAPS, Check in event viewer.
Hi, How do I know what is using LDAPS in event viewer, what clients are using LDAPS in my domain controller. Basically want to know the event id for LDAPS events in event viewer. By normally looking the event viewer I am not finding any events…
Windows 2003 Domain with Underscore in the name
Is there a best practice for upgrading a domain with an Underscore in the name (domain_name)? Are the only options to either attempt to rename the domain or migrate to a new domain?
Password Policy service account
H, We are looking the recommended method to apply new password policy on service account with high privilege. Any idea ?
Certificates not propagating via GPO
Hi, I have a user Tom in AD My AD must be structured correctly because for SQL Server in the same domain, user permission is assigned only to BBLabInternalUsers group, and user Tom can connect to the data. I want to send him a Column…
Alternative software to MS NTP/Time
I have gone around and around with synchronizing network time for months and frankly I'm sick of it. Time was always a set it and forget it configuration in the past, not so anymore. I have 70 systems. Of those systems have have a dozen that simply…
2003 to 2016 DFL/FFL
I am in charge of 3 forests that are all configured in all joined into a forest trust. two of the domains are 2003 dfl/ffl while 1 is 2008 r2. I have exchange 2007 in place. I am looking to upgrade the DFL/FFL of the lower level domains before raising…
SmartCard & Outlook Credential Prompt
Ever since moving to Smart Card logon, when arriving in the morning we find our users are prompted to enter in a username/password, and Outlook and Skype for Business request information. I have a feeling that this is due to the Domain Kerberos Policy,…
Microsoft Active Directory and AWS Manage AD
we currently have On MS Perm Active Directory (XXX.xyz), recently we configure Manage AD in AWS (AWS.XXX.XYZ) and set up the Trust between On Perm AD and Manage AD in AWS, users from On Perm AD are successfully able to log on using the On Perm AD domain…
Acccess token vs kerberos ticket
Hello, How access token is different from Kerberos ticket? Is there any difference between them? How are they related in terms of its usage and scope? Please explain both with examples. How, where and in which order they are used? Thanks in advance!
Questions about Failed login events 4625
Hi Everybody, I have few questions about failed login events. last month, Our few server got affected by ransomware. We have applied Failed login monitoring. We are getting lots of alerts with event id 4025. > An account failed to log…
2008R2 Domain Controller: Replication Errors: (8606), (5), (1256), (8446)
Hi All, I am facing these below errors when i ran the Repadmin /replsummary command on a 2008R2 Enterprize domain controller. Could someone please help me resolve these issues ? Destination DSA largest delta fails/total %% error ALBION …
Access and Group related query
@Anonymous The facts: Servers domain membership has been MOVED from source domain to target domain. Only Source Domain Local groups are appended in resource DACL. These source domain local groups have been migrated to target domain…