The following article deals with account lockout policies as you may find in (but not limited to) Windows domains. The issues discussed apply to all Windows domains whose authentication relies on passwords alone (as opposed to multifactor authentication).
This article covers the Quest Migration Manager (QMM) for MS Exchange configuration issue with regards to CAS FQDN. Quest support docs are available to resolve some issues but don't cover the base issue. The Article should be useful to engineers working on Quest MS-Exchange migration projects.
Microsoft Teams has begun to roll out the much anticipated Background Effects feature. This article describes how to deploy a custom Microsoft Teams backgrounds to users by leveraging Active Directory Group Policy File Preferences
It is a common practice to join vCenter to Active Directory in order to enable AD logins and authentication to various virtual machines. However, there are times where this simple task fails. Fortunately, one of the most common reasons is due to an SMB1 issue and this describes how to resolve it.
In this article, I will show you how delegation of control for Bitlocker recovery passwords in Active Directory is supposed to work using the common wizard, and why I think that you should do it differently.
This article explains SHA1 to SHA2 migration requirements in a simple way by putting all data on table, while explaining SHA1 and SHA2 algorithms, SHA1 deprecation plans and possible migration paths to SHA2.
ADCycleGroups is a multilevel GPO phase-in tool I developed to automate the moving of computers and users from one GPO version to the next, until it finally gets to the latest GPO policy. This allows me to gradually move computers and users from one version of a policy to the next.
I had to put together a security group that conformed to Microsoft's requirements for Active Directory domain server use between an EC2 instance on AWS and domain servers in our private WAN. I was surprised there was no script for this and decided to put one together.
The "Local Administrator Password Solution" (LAPS) provides a centralized storage of secrets/passwords in Active Directory (AD). On the other hand, KeePass is an open source password manager. This Powershell script generates a KeePass XML file from a LAPS enabled Active Directory, ready for import.
Over time I have seen a number of questions asking how to logoff users at a specific time. I personally haven't required this but decided to develop a little Windows service that manages this via schedule and not a legacy scheduled task running shutdown /l or via AD logon hours
This article explains AD System State Recovery with the authsysvol switch, what it does and when this restore should be attempted, prerequisites, demo, impact and implications. The topic is partially documented by Microsoft and DELL and lacks important details, hence tried to add entire stuff here
This article demonstrates DFS namespace and replication group accidental deletion recovery. DFS-N and DFS-R configuration are stored with active directory. Few precautionary measures will enable DFS-N and DFS-R recovery either from DFS native tool (dfsutil) or active directory.
Group membership expiration is a superb new feature included with Active Directory 2016 functional level.
But what if you want this functionality but you haven't upgraded yet?
Since I have many clients that cannot yet leverage this new feature, I have developed a custom tool.
In this article I will cover Microsoft DFSR major issues and their resolution. These issues can occur during initial deployment or post-deployment. The resolution for each problem is available on the internet generally in standalone posts. I have tried to present them here collectively and detailed.
Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.