Questions tagged [active-directory]

A Microsoft technology that constitutes an LDAP directory service with centralized management functionality for user accounts, computer accounts, groups, and configuration management across many Windows servers and desktops.

Filter by
Sorted by
Tagged with
0 votes
0 answers
2 views

Impossible to allocate ip address in wifi

Hello for our network technician training, we created a DHCP server on Active Directory and created a range, that works perfectly for distributing IP addresses on my network. But our TP-link routers ...
Knrky's user avatar
  • 1
-1 votes
0 answers
9 views

How to force AD resync on ProxMox firewall version 5.2.1?

Does someone know how to force Active Directory resync on ProxMox firewall version 5.2.1 since the "pveum realm sync" command is not available yet on this outdated version? pve-manager/5.2-1/...
Arthur's user avatar
  • 1
0 votes
0 answers
9 views

server 2012Rd backup domain controller not communicating with PDC

I have client with a server with four vm's One is primary dc and another backup dc. There was an error generated with windows time service. The recommendation was to add/ change the logon to ...
docs's user avatar
  • 1
-1 votes
0 answers
21 views

An Active Directory Domain Controller (AD DC) for the domain could not be contacted

I have a PC with Windows 11 Home. I use Hyper-V to install 2019 server (Server) and 2 Windows 10 Enterprise virtual machines (VMs). I add two Enterprise VMs on Server as follows. I select MARVEL.local ...
jerseypizza's user avatar
0 votes
0 answers
19 views

Why am I only seeing logoff, but no login, events in Windows Event Logs?

I want to audit when every user logged into of logged off a server via RDP. When I run Get-EventLog or Get-WinEvent and filter for Login (Event ID 4624) and Logoff (Event ID 4634) events, I only am ...
Liam Kelly's user avatar
0 votes
1 answer
44 views

Cannot remove alternate computername after in-place upgrade from 2008 R2 to 2012 R2

We have some servers that were upgraded in-place from 2008 R2 to 2012 R2. While they were running 2008 R2 alternate computer names were added to them with netdom computername <computer> /add:<...
AmazingRealist's user avatar
0 votes
0 answers
57 views

Use Samba AD DC as Password Backend for Samba PDC

I've got the following situation: Old Samba-server data.company.com Version 4.6.7 Configured as a PDC with workgroup = COMPANY for a population of Windows hosts with the following configuration: [...
Tipsyeagle's user avatar
0 votes
1 answer
26 views

GPO Application Error - Cannot Access GptTmpl.inf

In my organization's Windows AD environment, I cam across an error on several machines: "Security policy cannot be propagated. Cannot access the template. Error code = -536870656. \.net\sysvol<...
S M's user avatar
  • 1
0 votes
2 answers
56 views

Hunting down old Cisco Endpoint Harmony installs on clients in the domain [closed]

I'm a Junior SysAdmin taking the reigns for a small organization. About 3 months in, CISO asks me to hunt down old installs of CISCO Endpoint Harmony on clients throughout our domain, since we moved ...
Ron G's user avatar
  • 9
0 votes
1 answer
76 views

What is the LDAP syntax to query a sub domain?

I have a group MySoftwareUsers in the nam.con.internal.contoso.com domain. The software I am installing doesn't have an option to specify a location to search, it uses the root domain con.internal....
e-Fungus's user avatar
  • 101
0 votes
0 answers
16 views

DC - migrate FRS to DFSR any issues for 2003 server members?

Is there any issue to migration DC's from FRS to DFSR if there are still very old "computers" members in the domain ? the client has a remaining 2003 R2 server and I would like to make sure ...
poypoy's user avatar
  • 3
0 votes
0 answers
34 views

AD recursive LDAP query for unexpired temporary group memberships

With Privileged Access Management for ADDS (on-premises), it is possible to temporary add a member to a group, e.g. using powershell Add-ADGroupMember. Additionally, it is possible to use LDAPs ...
rrr's user avatar
  • 101
0 votes
1 answer
63 views

GPO - Missing "Manage updates offered from Windows Server Update Service"

in our Windows Server 2019 DC we are missing the following Administrative Template: Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Update > ...
Duncan_McCloud's user avatar
0 votes
0 answers
21 views

Can i make different templates of displayName in AD? Windows Server 2022

First of all, sorry for my lack of english. I need to know if I can create different templates of displayName. Recently, I discovered the ADSI Edit utility and helped me to modify the displayName when ...
gmag's user avatar
  • 1
0 votes
0 answers
44 views

Can not connect to mssql server on Ubuntu using AD user account

I have installed a mssql-server (15.0.4335.1-6) on Ubuntu 20.04.6 LTS, following Microsoft Documentation Mssql-server is up and running and I can connect using the sa account. What I want to do, is to ...
cladmin's user avatar
0 votes
2 answers
80 views

Using Active Directory only for authenticating logins

Unlike: Linux + Active directory authentication + only letting certain groups login Which is a full AD solution for Linux, limited to groups. What I want is: A simple way a random internal Linux box ...
user3696153's user avatar
-1 votes
0 answers
65 views

I need to change and migrate my DC server with about 1000 users to a new server [duplicate]

I want to change my current DC (windows server 2008 r2) with about 1000 users to a new DC (windows server 2022). how can i migrate this 1000 clients to a new active directory server without join one ...
radmanesh1982's user avatar
2 votes
2 answers
110 views

AD Sites, Costs and DFS

I've got a bunch of physical sites: East-1, East-2, Central, West-1 and West-2, they all have domain controllers and have servers that provide DFS services. Other sites Near-East-1, Near-East2, Near-...
MB43's user avatar
  • 21
-2 votes
1 answer
57 views

Active Directory TLS authentication issue (Windows Server 2019 & 2012 R2)

I am facing an issue with AD TLS communication-related issues. Six months before I could authenticate the user on SSL communication using the CA certificate alone. Currently, I cannot authenticate ...
ram ajay's user avatar
1 vote
0 answers
127 views

Unable to access SMB share with DNS Cache service disabled from Windows Server 2022 but it works on Server 2019

I have a requirement to disable the Windows DNS Cache on a new Windows Server 2022 RDS VM. Trying to access a SMB share hosted on a Windows Server 2022 file server, all my servers are joined to a AD ...
tezx's user avatar
  • 11
1 vote
1 answer
33 views

Change of the keyboard language and operating system language on users' computers using GPO (Windows Server)

I am responsible for managing a fleet of computers in my organization, and I would like to know how to configure the change of keyboard language and operating system language on users' computers using ...
Oskar Sokolowski's user avatar
0 votes
1 answer
58 views

RDP Hostname gets NLA error, RDP to IP address works

I have a local Domain Controller (DC02) with a relatively simple AD setup that has been there for quite a few years now - maybe 6-10 years. I've moved a few of the VMs from one hypervisor to another (...
Andrew's user avatar
  • 103
2 votes
1 answer
78 views

How can I add a Capability SID to GPO Registry permissions?

We attempted to configure the permissions of a Registry key (HKLM\Software) via GPO. (https://www.stigviewer.com/stig/windows_server_2019/2019-12-12/finding/V-93025) However this resulted in a ...
duct_tape_coder's user avatar
0 votes
0 answers
38 views

Connect to Synology NAS with AD computer account

I need to access a Synology SMB shared folder with the use of a computer account. I have joined the Synology to the domain, but I only see the user accounts and even adding Domain Computers to the ...
Satory's user avatar
  • 11
0 votes
0 answers
54 views

1 Domain Controller(s) with replication in progress

I have 3 DCs (DC01, DC02 and DC03). If I create a group policy on any DC I find it replicated to the others. But I see an error in Group policy management, in domain status if I click “Detect Now” it ...
Mrc89's user avatar
  • 1
-1 votes
0 answers
33 views

OpenLDAP read performance

Hello I've used following documentation to configure an OpenLDAP Server to function as a proxy for multiple domains. https://docs.microfocus.com/doc/Service_Manager/9.72/ConfigureLDAPproxy The only ...
Geodav's user avatar
  • 1
1 vote
1 answer
46 views

Windows Group Policy Management - Session host limit group policy doesn't work as expected

I have created a group policy to end the sessions which are disconnected automatically & the settings of RDP session timeouts are located in the following GPO section Computer Configuration -> ...
Sachith's user avatar
  • 11
2 votes
2 answers
287 views

Replacing Domain Controller with Server 2022

We have two Domain Controllers running 2012 R2. I have been given a project to replace these with 2022. I have just discovered that the Domain Functional Level is still 2008 R2. I have issues with FRS ...
shkm's user avatar
  • 21
-1 votes
1 answer
102 views

Adfs ECC certificate-based authentication

Is it possible to use client authentication with ECC certification? Our ADFS szervers (Win server 2016 with .net 4.7.1) is always throw a key algorithm not supported exception: System....
Foxy0112's user avatar
0 votes
0 answers
26 views

DNS alias for old path/server *redirection maybe*

We have an old Windows Server 2008. This was end of life in 2020 and needs to be shutdown. We have an replacement Windows Server 2022 host. On the old server we have an \\servername\share. On the new ...
user avatar
0 votes
0 answers
29 views

Configuring Windows Workstations to use their TPM in Bit Locker for all drives?

I have a bunch of AD-integrated workstations that will need to use BitLocker. They all have TPM 2.0 installed, and my overall goal is to get BitLocker set up and using the TPM for both the OS drive ...
The ITea Guy's user avatar
0 votes
1 answer
66 views

How do i delegate domain admin to cross forest account

I currently have a setup involving two domains. In Domain 1, there is a Domain Controller (DC) and a Gateway (GW) configured for Windows Admin Center. A two-way forest-wide trust has been established ...
kevin's user avatar
  • 1
0 votes
1 answer
91 views

What is the default sharing permission for NETLOGON and SYSVOL?

I have a Windows Server 2012 AD server. Some time ago I changed the default sharing permissions for NETLOGON and SYSVOL. Now some users are complaining that the notification that the password is about ...
G.Carlos's user avatar
  • 101
1 vote
1 answer
157 views

Promoting a domain controller fails prerequisites

I'm replacing my domain controller with another domain controller with more efficient hardware and migrate from Server 2012 R2 to Windows Server 2019. The first step I joined the new server to the ...
Hassan Bosha's user avatar
0 votes
0 answers
81 views

DNS record not resolving - even on the server itself? Causing AD issues

I have a Windows Server 2019 AD/DHCP/DNS/SQL server running on an ESXi host. Recently, I have been having trouble with domain trust dying to client machines, and now I am completely unable to join new ...
shokoah's user avatar
-1 votes
1 answer
65 views

Active directory server set up DNS resolution failure or VERY SLOW, can I route external DNS requests the traditional way, before the server existed?

I'm very new to the world of active directory, windows server etc., so I apologise if some of the questions I ask are a bit stupid, but I'll try and explain exactly what I want to do below, and my ...
Oliver Ricketts's user avatar
1 vote
1 answer
83 views

How RD Gateway passes credentials to target RDP

How are credentials passed CredSSP in remote desktop gateway to the destination RDP machines? Is the TLS tunnel created just like regular RDP sessions? Is HTTPS used? I was thinking something like: ...
Matías Huartamendía's user avatar
0 votes
1 answer
45 views

Azure AD Connect says my User is synced, but it isn't

I use Azure AD Connect to sync Users, Computers and Groups from my local Active Directory to Azure. Before I set up Azure AD Connect, every User already existed in local AD and in Azure AD, so I had ...
SimonS's user avatar
  • 785
0 votes
1 answer
237 views

Windows Server 2022 unable to logon due to no Remote Desktop License Servers available

Summary I need to allow Windows Server 2022 to allow unique users to RDP to the server at the same time. I believe this was the default behavior that was working for about a month, before the error ...
Liam Kelly's user avatar
0 votes
0 answers
31 views

Should VLANs and AD match organizational chart for implementing 802.1x with Dynamic VLAN?

I am experiencing an issue while trying to understand the best way to implement 802.1x (EAP Chaining with AD as the identity service) in a corporate environment. The following questions have arisen ...
apostolescus's user avatar
-2 votes
2 answers
51 views

Is it possible to delete 15 ad groups in one second without PS? [closed]

I deleted 2 user accounts in AD running on Windows 2016 (pdc), time stamp is around 1:05:00 pm, then the users report cannot access the share drive on a domain member file server. Then I found in ...
Calvin's user avatar
  • 1
1 vote
0 answers
98 views

How to find the reason for locked accounts in Active Directory?

Help me figure out why Active Directory locks accounts who connect to the corporate network via VPN (l2tp). Given: local Windows Server 2022 with the latest updates + Active Directory + file storage (...
Viacheslav Hranchenko's user avatar
0 votes
1 answer
70 views

Passthrough Windows AD authentication with LAMP GSSAPI/Kerberos

Trying to stand up a LAMP server on a Windows AD and get passthrough authentication working. One gotcha (which may not be as big of a deal as I'm making it), the hostname and hosted URL do NOT match: ...
SkipSinclair's user avatar
0 votes
0 answers
138 views

SSO not working between a browser and a Keycloak using an user federation with kerberos integration to a windows AD

I am trying to get SSO working using a browser(Chrome or firefox) and keycloak configured with an user federation AD Domain(kerberos is configured). First I present the overview of what I have and ...
Afonso R.'s user avatar
3 votes
2 answers
308 views

How to reset protected accounts in Active Directory

Some of our Active Directory users were mistakenly added to Print Operators, which has converted their accounts to protected accounts. The result of this, is that users who were delegated control of a ...
ryansin's user avatar
  • 193
0 votes
0 answers
46 views

OpenVPN setup with MS authenticator

I have set up openvpn with active directory authentization in our company. Now I set up microsoft atuhenticator (in pam.d with pam_unix.so and pam_google_authenticator.so). It is working fine. Is some ...
Dave's user avatar
  • 25
0 votes
1 answer
62 views

How to create a GPO to audit start/stop of a service not running on the DC?

I'm trying to enable auditing of service start/stop events for a few specific services on a group of domain computers, and to make this change using Group Policy. I've seen this answer, however when I ...
zedworks's user avatar
0 votes
0 answers
311 views

Event ID 1207 in Cluster Events Log once an hour

I have a two node, hyper-v failover cluster running windows server 2022. I'm getting this error every hour in the cluster events log, event id 1207: "The computer object associated with the ...
Erich's user avatar
  • 1
1 vote
2 answers
212 views

DNS conditional forwarders for zones on external trusted domain from untrusted domain

I work for an international company and the factory I work for has it's own local domain which has an external trust with the company's main domain so those users can authenticate on our domain as ...
C Kolkman's user avatar
1 vote
2 answers
40 views

Stuck with a GPO, no class or attribute on AD Object?

I may have blundered a GPO towards the end of my shift. A fairly important (at least to me and future weeks) had its links go red and unreachable after I altered Delegation settings on a specific ...
paypercorn's user avatar

1
2 3 4 5
204