Sync ad password policy to azure ad
Hi all, We have a requirement to sync our local ad password policy to azure ad so if the local pass policy has pass expiration date 60 days we want to match that with azure so that all cloud pass also expire at the same time. We are using password hash…
Server 2019 steady state software
I'm looking for the roll and feature that enables the windows server steady state software. I can't remember which one it is.
why forest domain name is listed under network adaptor for Domain network instead of child domain
why forest domain name is listed under network adaptor for Domain network instead of child domain
365 ProPlus Trial Information Banner Error
Problem: One of our users is receiving a persistent "Trial Information: This trial of Microsoft 365 ProPlus expires in 365 days" banner. (it always says 365 days no matter the day) Active Licenses: Enterprise Mobility + Security…
domain controller logon / logoff user audit logs
Hi, we have 20 domain controllers and need to forward audit logs (user logon / logoff ) to syslog server. Below are the query. whether the audit log will get sync between all the domain controller ? what is best practice to send audit logs to…
Laps Saved password count
Is there any way we can count how many passwords are stored in our LAPS database?I have a command to export all the passwords but I don't want to export them I just want to count how many passwords of systems are available.
How do I migrate my domain conroller to new hardware with same name and IP?
I have 4 domain controllers in my environment that all have the domain controller role and file server role. I'd like to update the hardware on these four domain controllers and would like to use the same name and IP for the new domain controllers. Is…
Group Policy NTP and regional setting
Hi all, I have some issue with NTP inside LAN of a customer. I would that all computers and servers will have same Time, Date and Time Zone (I'm in Italy but I configure many laptop in english language). My goal is: Set sync with external NTP…
get-spn syntax
Hi all i have created spn entries using the below syntax. is there any syntax like get-spn to validate if i have added correct entries rather than checking from AD attribute editor of the service account setspn -s HTTPS/server01.contoso.com…
Setting up remote apps securely with work folders
I'm looking for some information and guidance on setting up and securing Remote Desktop apps and work folders. I have setup remote apps but am paranoid about putting the server on the internet. Currently users use a VPN and I would like to set this up…
Demoting DC/DHCP
Hi, WE have 5 virtualized server 2012 DC's in 4 different subnets and a single physical server 2016 DC. In site A we have 2 VM 2012 DCs and singel 2016 physical DC. One of the VM 2012 DC has all of the FSMO roles plus DHCP. The Physical DC also has…
DWM account showing logon type 2
I found an interactive logon log entry on one of our Domain Controllers for one of the DWM virtual accounts on that machine. Why and how would a DWM virtual account create an interactive logon session?
start a script at session start
Hi everyone, I must start a script at start the session not desktop not other programs. I have tried has create user on activity directory and in the tab "Environment" I have set to the path of script. but in my laboratory it works.…
SharePoint Authentication and AD
Hi All, We adjusted domain user that can be log on to limited computers with AD "Log On To .. " Now, users cannot be login to SharePoint from personal computers unless add their computer's NetBIOS or DNS name. Is there a solution that…
Don't return all direct members of the AD group
When I run the following select it doesn't return all direct members of the group. There are 7 members but it only returns 3. Any suggestions? SELECT sAMaccountname,useraccountcontrol FROM OPENQUERY (ASDI,'SELECT sAMaccountname,UserAccountControl…
problem with an application that uses ldap to authenticate on AD.
When one of the 3 domain controllers is no longer reachable, the application, through the round robin dns, tries to request authentication also from the unreachable domain controller, going into error. How can I fix? Thanks.
Group Policy Report on last group Policy refresh on imapcted machines
We have around 100+ VDI+work stations (Laptops and Desktops). Some Group Policy impacted on all Workstations and users not able to login after logoff\reboot. A blank/black screen appearing when trying to login. So i need a powershell script which will…
Get all DCs name in a domain BUT some with multiple IPs
Hi guys, I would like to get all the DCs running in my domain with their IP. I found a script that do this but in some DCs, multiple IPs are set in the IPv4 properties so I obtain only one IP instead of x with the script. Do you have an idea please…
Logon vs Authentication
What exactly the difference between windows logon and authentication and their failures? Can some one please describe here.
Delegate Object Creation when Full Exchange Admin Permission already applied
So I have a task of restricting Exchange Administrators access to certain OUs. We have a Forest and the accounts reside in a sub domain to the forest root. In sub domains Admins have full control. In the Forest Root they need access to create contacts…