What is the use of service account.
Hi, What is the use of services account.
The DNS server has encountered a critical error from the Active Directory. Client cannot authenticated.
Hello, I have four DCs, one of them in personal site. Client in same site could not authenticate in AD because server is not available if I reboot one of DC from other site, for example DC01 On primary DC for this clients (for example DC03), I…
Output results of Remove-ADComputer
I need to remove a list of computers from Active Directory. I also need the results to be output to a log or text file. The remove command works and a file is generated, but the generated file is empty. I am using the following command: …
Error when trying to promote DC (the specified network name is no longer available)
We just deployed a new VM in a different site to act as an RODC. But the issue is when we try to promote to DC, we get the following error; The wizard cannot access the list of domains in the forest. the error is: The specified network…
Replication issues after ungraceful DC restore/restore from backup
Hi, I had a major issue with one of my domain controllers where it could not be gracefully demoted and had to be restored from backup. I know this is a no no but there was no other option at the time. Unfortunately I went back too far, 1 month to be…
Powershell Script to Retrieve AD User, Group, Group Members Info
Good morning and Hi to all! I am a newbie to Powershell scripting and have a task on hand but unable to get the results I needed and hope I can get some help here. There are many Groups in AD, but I need to focus only on 2 distinct Groups namely…
List extended permissions on AD
Hello I'm searching for a way to list the permissions and extended permissions on my active directory root. I've tried with the get-acl command and some others, but I’m not able to get it. Is it the correct way?
KERBEROS refresh clients
Good morning, in our infrastructure have all clients windows 10, and 2 DC 2019 Server (FFL 2012 R2), when change (add or remove) users from groups, all client, need to reset manually kerberos token with cmd (klist purge –li 0x3e7). It's the only metod.…
Bind some servers to a specific DC
Hi, I need to bind some of my members servers to always use a specific DC for AD Authentication. How it can be done? Thanks.
Problem with NTP Server PDC
I am the administrator of an Active Directory that consists of 4 domain controllers. 3 of them are Windows 2012 R2, and one Windows 2008 R2. Our Palo Alto firewall is ntp time syncronized against the PDC domain controller, one of the Windows 2012 R2.…
Account Lockout Due to failed attempts
Hi, My Domain Account was suddenly locked out. How can I find out from which pc someone tried to log in to my account before it got locked out? Thanks.
Domain Bound to a single DC
Hi, By mistake, I ran klist add_bind CONTOSO.COM KDC.CONTOSO.COM. Does this mean the whole domain is bound to a single DC? If yes then how can i remove it immediately. I just need to bind some servers to use a specific DC. Thanks for quick replies.
How to connect or test ldap server connection in windows through command prompt or Powershell cmdlet without GUI
In our company infrastructure we have an ldap directory service hosted. Currently I'm using Ldap tool to connect to ldap directory service to search for the records. Now I have a task to modify few attributes for several users. Manually its taking…
Reset Kerberos
Hi Folks, I would like to know if exist some impact when execute reset Kerberos to VPN? I need to perform this task, but I don't know how my VPN will behave. Any Suggestions? Something that I need to know before and after this task? Thanks
setup of trust relationship between 2 domains
Hello, we have 2 domains each in their own location. There is a VPN connecting between both sites each domain with their own firewall, DNS and DHCP services. We would like to create a one-way trust relationship from Site A to Site B. After some research…
error: 5 (Access s denied) RODC (win srv 2012) with DC (win srv 2016)
Good Day Dears, I'm trying to add RODC (windows server 2012 R2) to DC (windows server 2016) and I have error: 5 (Access is denied) note that my user is member of : Administrators , Domain Admins , Allowed RODC Password and Enterprise Admin . Also I…
This error happens all the time when I'm using the ADAC Console on Windows 10
This error happens all the time when I'm using the ADAC Console on Windows 10 Active Directory Administrative Center error collection was modified after the enumerator was instantiated
random users account locked frequently and hits active direcorty service by unknown users which is not stated in directory services
we have installed ad plus tools which is show unknowns users attempt login wih bad password users name , and some also users of active directory attempt login with bad password shown by ad plus tools. when we have enabled lockout policy on domain…
The domain crush when one Domain Controller is down
I have two different forests (each forest one domain). And I have three domain controller in that domain, but when I disconnect one domain controller, also the original domain controller that create that domain. The domain is totally crash, no matter I…
Active Directory LDAP replication errors and Exchange
I'm at a complete loss of what to do. I've been battling an unstable domain, which is affecting my company's Exchange Server. The first issue started last Friday when a coworker could not connect. Since then I've been through a number of tech websites…