Collect hardware hash to Autopilot
Hi, Today we have a local domain with ad sync. Some machines are "Registered" and some are "Joined". What we would like for the "Registered" devices is to create a script we can use on a GPO to collect the hardware hash…
Unable to connect to Ad server from RSAT server ?
Our AD server is connected to our server via RSAT server. When we are trying to run the AD commands by doing PSRemoting on RSAT server we are not able to get the desired results. But when we run same commands on RSAT server directly we can see the…
Azure AD Connect - Best Practice for Domain Controller Connection Settings
Hi, Is there a recommended best practice for the DC connection settings under Configure Directory Partitions in Azure AD Connect ? i.e Should it be set to a selection of Preferred Domain Controllers, or should we leave that unchecked ? Thanks, …
![](https://techprofile.blob.core.windows.net/images/vH-CtgAAAwAAAAAAAAAAAA.png?8D85E4)
![](https://techprofile.blob.core.windows.net/images/vH-CtgAAAwAAAAAAAAAAAA.png?8D85E4)
Golden image not connecting to domain after adding a rule to pick up computer name automatically
Hi all! Was wondering if someone can help ! I have made a golden image as a media for memory stick use on MDT 2013. I have configured it to connect to the domain via script which worked absolutely perfectly But the issue has come when I’m trying…
How to achieve high availability for Active Directory LDAPS (Secure LDAP)
We have around 50 applications currently configured with LDAP and we have around 20 Domain Controllers. As per the security best practice we have to migrate all these applications from LDAP to LDPAS. Currently, all applications are connected using…
Remove OLD CA certificate in AD
If i use Enterprise PKI > Manage AD containers and remove a certificate let say in AIA container will that also delete that certificate in Site and Services PKI Services container? Can i do that using just a domain admin rights or do i need an…
Issue with AD Connect (user called CHECK@company.onmicrosoft.com)
Hey there, We have a very strange problem with an on premise AD Domain Controller with AD Connect installed for sync to Azure/365. Some users appear in 365/Exchange Online as CHECK@Anonymous .onmicrosoft.com. If i take a look in the on premise…
![](https://techprofile.blob.core.windows.net/images/D6ztrmeEOE-eePu-qgrheQ.png?8DA3E7)
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
Bulk Modify Attributes
Hell Everyone i created an excel sheet to bulk update some attributes for example Display Name , UPN, Addres , Office Number , Mobile Number, country , city, title, company. But i cannot seem to get a powershell command to work. Would anyone have any…
Trying to setup my first S2008 R2 Server
I have added my roles: ADDS, DHCP, DNS and I can't resolve any of them. Can someone guide me in the right direction?
AD domain Admin Can't Open ADUC
Hello all, My manager AD account is member of domain admins group, he's able to remote desktop the DC but if he tries to open any winds\ task such as open ADUC then a pop up message appear to enter his user name\ password but even though it won't open…
Windows Server 2016 - DHCP
Hi All, I need to reset (Forgot the old Password) the DHCP Failover Cluster share secret password which was configured as part DHCP failover PLease let me know how to perform it
GPO policies
Hi there, I have an Windows server with ADDS ,DNS and GPO services. An workstation is member of the Domain. I configured 3 GPO's : 1 dont acces pc settings, 2, deployment google chrome and 3 lockscreen and desktop wallpaper. GPO 1 works fine on…
How would you split production and lab environment
Hi, Today we have two local onsite domain controllers with domain.com and this is used for production and also for testing/lab. We would like to separate the systems, so that we don`t mix these. Not sure right how to do this, and also not sure how…
Decommissioning a windows server 2003 sub/child domain
Hi We are now planning to decommission the old AD version of windows server 2003. It is currently under the sub/child domain . Win2003 AD - child domain : panay.domain.com Primary domain : domain.com My question is : Is there any impact to…
![](https://techprofile.blob.core.windows.net/images/3Co7rZHd50ujoMLKaOgPZg.png?8D87AE)
NTDS replication failed on restored DC - Windows server 2008 R2 Enterprise
We have 2 DCs (Windows server 2008 R2 Enterprise) in our exchange domain in hyper-V environment,, as one of them (not the GC) failed to startup properly after applying patch, we have restored it with the backup a day before. The DC was restored with…
![](https://techprofile.blob.core.windows.net/images/9babca87cafd4a779105c52780f41048.jpg)
Transitive Network Logon attack - Account lockout
Hi all, I see a transitive Network Logon attack on my AD netlogon logs, however, the computer name that attacks are coming from not pingable or searchable internally. Is there any way to find this puzzle? Thanks, Lrok
Window Server 2012 R2 Forward DNS Zone xxxxx.local is corrupt
The server apparently had some type of power strike and when it came up the DNS forward Zone did not load. I tried to refresh, and reload. I stopped the service and restarted it. The domain controller is a guest server on a Windows Hyper-V server. It…
![](https://techprofile.blob.core.windows.net/images/9babca87cafd4a779105c52780f41048.jpg)
Windows 2019 Domain Controller- SMBv1 disabled
Hello All, We are in process of upgrade of our Domain Controller from windows 2012 to windows 2019. And as far i know SMBv1 protocol will be disabled by default So by default winXP & win2003 will not able to join to Domain now can any one tell…
Biometrics & Facial Recognition in the domain
I would like to use both username & password. But only after the PC verifies the facial identity to the username. I hope that makes sense? This i a domain environment and it would add security to our domain. The problem I run into in my career is…
Add blank line to top of combobox
I have a combobox showing all security groups in alphabetic order, the code used is: $groups = Get-ADGroup -Filter 'GroupCategory -eq "Security"' | Select-Object -Expand name | sort-object $editusersecgroupentrybox.DataSource = $groups This…