Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. active directory
    Log in to post

    • Managing Distribution Groups in an Exchange Hybrid Environment
      IT Discussion • office 365 active directory exchange exchange online azure ad exchange 2013 azure ad connect • • EddieJennings  

      21
      0
      Votes
      21
      Posts
      155
      Views

      @Dashrender said in Managing Distribution Groups in an Exchange Hybrid Environment: @EddieJennings said in Managing Distribution Groups in an Exchange Hybrid Environment: I ought to have clarified. DUO MFA comes into play with Outlook for our mailboxes that are in Exchange Online. On-prem mailboxes (the few we have left aren't subject to DUO). Are those that are left on prem - are they actual users? If so, I'm curious why they can't be migrated? Eventually all users will be migrated, so, yes, we still have real users on-prem. This is outside the scope of the original question / scenario, but I've learned a good bit during this process with much of that learning validating a few things I already knew, such as the value of taking the necessary time to plan, and prep the environment for migration (removing unnecessary objects, etc.).
    • Troubleshooting Azure AD Connect
      IT Discussion • azure active directory azure ad ad connect aad aad connect • • scottalanmiller  

      14
      0
      Votes
      14
      Posts
      200
      Views

      So far the rebuild appears to be still working. It ran all night. No complaints yet.
    • Controlling Folder Depth when Exporting Folder ACL to Excel via Powershell
      IT Discussion • powershell active directory acl • • wirestyle22  

      2
      1
      Votes
      2
      Posts
      83
      Views

      Try this instead: $FolderPath = Get-ChildItem -Recurse -Depth 2 -Path "P:\Public" -Force Where -Depth is the how many levels deep you want to go. If you want to see what a cmdlet can do, you can use: Get-Help Get-ChildItem -Full
    • Template Your Windows VD Session Hosts
      Starwind • windows azure active directory windows desktop azure ad virtual desktop • • Oksana  

      1
      1
      Votes
      1
      Posts
      34
      Views

      No one has replied

    • Access and Distribute On-Prem IT Resources via Azure AD
      Starwind • microsoft azure active directory vpn smb azure ad kerberos robo • • Oksana  

      1
      1
      Votes
      1
      Posts
      29
      Views

      No one has replied

    • Migrating Azure Active Directory Connect
      Starwind • office 365 azure active directory azure ad azure ad connect • • Oksana  

      1
      1
      Votes
      1
      Posts
      48
      Views

      No one has replied

    • S

      New to Windows Active Directory and Group Security Management
      IT Discussion • windows active directory • • srdennis  

      13
      1
      Votes
      13
      Posts
      167
      Views

      @IRJ said in New to Windows Active Directory and Group Security Management: Make an AD group called workstation_admins and add that group to local administrators account on each desktop. This group does not need any AD rights and nobody's account should be in there except for IT admin accounts. Even those IT admin accounts should not be used on local desktops to login on a regular basis. Only when elevation is actually needed, and even then you should use run as. I do this - Those who need it have a workstation admin account and a local non admin normal account.
    • PowerShell - Using Variables to Delete SMTP Proxy Addresses in AD
      IT Discussion • windows powershell active directory ad get-aduser • • wrx7m  

      11
      1
      Votes
      11
      Posts
      852
      Views

      @flaxking said in PowerShell - Using Variables to Delete SMTP Proxy Addresses in AD: if they do not have previous experience with objects Describes me. lol
    • AD FS Upgrade for Windows Server 2019
      Starwind • microsoft active directory windows server 2019 • • Oksana  

      1
      2
      Votes
      1
      Posts
      45
      Views

      No one has replied

    • SAMIT: Do You Really Need Active Directory
      IT Discussion • youtube active directory scott alan miller samit • • scottalanmiller  

      135
      1
      Votes
      135
      Posts
      621
      Views

      @Dashrender said in SAMIT: Do You Really Need Active Directory: I am surprised that MS didn't come out with a better solution for this ages ago. That whole Direct Connect or whatever it was called - phone home VPN solution they have for Enterprise edition only - what a kluge. They are working on phasing this out. DirectAccess was a kludge that is being replaced by Always-On-VPN. Which works on versions of Windows Professional and Up and requires very little outside of a certificate and Group Policies (or Intune).
    • SAMIT: The Myth of Active Directory
      IT Discussion • youtube active directory scott alan miller samit • • scottalanmiller  

      1
      1
      Votes
      1
      Posts
      90
      Views

      No one has replied

    • SAMIT: The False Risk of Active Directory
      IT Discussion • youtube active directory scott alan miller samit • • scottalanmiller  

      1
      2
      Votes
      1
      Posts
      88
      Views

      No one has replied

    • How Can You Prevent Non-Domain Users from Getting an IP Configuration
      IT Discussion • security networking active directory active directory domain network access control • • IT-ADMIN  

      16
      0
      Votes
      16
      Posts
      288
      Views

      Discussion on the policy side of this is over here: https://mangolassi.it/topic/20894/policies-vs-network-access-control
    • K

      Anyone figured out how to ZeroTier with AD?
      IT Discussion • active directory vpn zerotier • • krisleslie  

      88
      0
      Votes
      88
      Posts
      1094
      Views

      @krisleslie said in Anyone figured out how to ZeroTier with AD?: @Dashrender all ubnt They have two models, the unifi USGs and the EdgeRouter series - which are you sporting?
    • Leave Microsoft access error behind!
      Starwind • microsoft active directory • • Oksana  

      1
      1
      Votes
      1
      Posts
      100
      Views

      No one has replied

    • Deploying Azure Active Directory Domain Services (AADDS)
      Starwind • azure active directory virtual machine • • Oksana  

      1
      1
      Votes
      1
      Posts
      125
      Views

      No one has replied

    • Active Directory - Finding Source Of Repeated Lockouts
      IT Discussion • active directory gpo group policy • • anthonyh  

      17
      1
      Votes
      17
      Posts
      388
      Views

      A quick update for y'all that are watching/participating in this thread (thank you, by the way!). Late Friday I realized where the lockouts where coming from. We have a Windows VM that has a suite of applications that folks need to use every blue moon or so, and they access the VM via RDP. Of course, users don't log out, they just close the RDP client (I am going to fix this). The user in question had an old logon session on this VM. Killing the user's session (I just rebooted the VM) seems to have done the trick. Now the goal is to better position myself for the next time this happens. I also figure it's probably not a bad idea to have more visibility on account lockouts and where they are coming from in general.
    • Any Way to Automate Adding a New Computer to an AD Group?
      IT Discussion • windows 10 powershell active directory windows server gpo ad pdq deploy ps mdt ou task sequence • • wrx7m  

      32
      0
      Votes
      32
      Posts
      1349
      Views

      F

      @marcinozga said in Any Way to Automate Adding a New Computer to an AD Group?: @flaxking said in Any Way to Automate Adding a New Computer to an AD Group?: @marcinozga said in Any Way to Automate Adding a New Computer to an AD Group?: Ansible can do that. https://docs.ansible.com/ansible/latest/modules/win_domain_group_membership_module.html#win-domain-group-membership-module You can add new PCs to domain, and change their group membership, you just need to know computer names in advance. Which is just a layer on top of Powershell. The Active Directory Powershell module is still required. It's not required, or that module is included already in Windows 10 by default. Because I haven't had to install it on any machine I managed with Ansible. "win_domain_group_membership requires the ActiveDirectory PS module to be installed" https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/windows/win_domain_group_membership.ps1 They have it in the documentation as well "This must be run on a host that has the ActiveDirectory powershell module installed." https://docs.ansible.com/ansible/latest/modules/win_domain_group_module.html
    • How to authenticate via AD to non-domain server
      IT Discussion • active directory ldap bookstack • • zachary715  

      26
      0
      Votes
      26
      Posts
      363
      Views

      @black3dynamite He shouldn't need to. I'm running it on 16.04 and what he is trying to do works for me.
    • P

      SOLVED How long does it take for clients to resolve new IP from DNS on LAN?
      IT Discussion • microsoft active directory dns • • Pete.S  

      13
      0
      Votes
      13
      Posts
      224
      Views

      P

      @Dashrender I just checked a couple of clients and Time To Live where set to 3600 at most and counting down. @Obsolesce If it's default then one hour it is.
    • Windows HomeGroups, WorkGroups, and Domains - CompTIA A+ 220-1002 Prof Messer
      IT Careers • windows youtube comptia prof messer active directory certification video training it career it training a+ windows system administration • • steve  

      8
      2
      Votes
      8
      Posts
      442
      Views

      @mary said in Windows HomeGroups, WorkGroups, and Domains - CompTIA A+ 220-1002 Prof Messer: Is there any alternative to home group now that it isn't available on Windows 10? Also why would you use workgroup instead of Windows Domain? Is it a cost issue? "Home Group" was just a fancy name for network sharing without AD on Windows computers.
    • Deploy Active Directory via PowerShell
      IT Discussion • powershell active directory windows administration server 2019 • • EddieJennings  

      3
      5
      Votes
      3
      Posts
      132
      Views

      @Romo said in Deploy Active Directory via PowerShell: Great Job @EddieJennings !!, Really liked the flow and tempo of the video Thanks
    • SOLVED Server Losing Connection to AD DC Intermittently
      IT Discussion • windows networking hyper-v active directory windows server 2012 r2 hyper-v 2012 r2 ad dc • • scottalanmiller  

      3
      0
      Votes
      3
      Posts
      351
      Views

      Good find.
    • Estación de trabajo con 10 segundos de atraso en el reloj
      IT Discussion • windows active directory ntp sntp time synchronization • • Suyeins  

      15
      2
      Votes
      15
      Posts
      264
      Views

      @scottalanmiller said in Estación de trabajo con 10 segundos de atraso en el reloj: @dbeato said in Estación de trabajo con 10 segundos de atraso en el reloj: @scottalanmiller said in Estación de trabajo con 10 segundos de atraso en el reloj: Anyone know what the normal variance on Windows boxes is when not using a local time source? How close in seconds would we even expect a site to be able to be? You can have it up to 5 minutes from the Domain Controller Servers time. No DCs. No AD. Gotcha, I am still trying to see what is the issue. 10 seconds is almost unnoticeable. What is the purpose?
    • PowerShell - Off-boarding Script
      IT Discussion • microsoft powershell office 365 windows server active directory scripting script password ad password reset • • wrx7m  

      12
      1
      Votes
      12
      Posts
      1316
      Views

      @wrx7m said in PowerShell - Off-boarding Script: @dafyre said in PowerShell - Off-boarding Script: @wrx7m said in PowerShell - Off-boarding Script: @dafyre I think I found where you got it - https://www.powershelladmin.com/wiki/Powershell_prompt_for_password_convert_securestring_to_plain_text Anyway, I am not sure where, in my script, I should place that function. You'd put the actual function at the top of your script, and then just $myPassword=convertFrom-SecureToPlain -securepassword $MySecurePassword Wherever you need the password in plain text form. Thanks. It mostly works. The only problem is that it isn't actually using the password I specify at the top. It is somehow generating its own and then writing it at the end. I put in write-host "Plain Text Says: $plainText" and it shows the password that I typed in for the secure variable at the beginning, followed by the one that it generated. Plain Text Says: $#@%4#@177 Jof91348 Works fine for me here.... Check and make sure you don't have an extra write-host or anything somewhere.
    • Nomad - Manage Mac OS in Windows/AD Environment - Anyone Used It?
      IT Discussion • active directory osx bind mac os nomad • • wrx7m  

      3
      1
      Votes
      3
      Posts
      169
      Views

      @DustinB3403 said in Nomad - Manage Mac OS in Windows/AD Environment - Anyone Used It?: I've heard of it, and it's supposedly a really good product, the issue with it is the cost. At least at the time. The product now is JAMF Connect. So it looks to be a dead product that was replaced. Interesting. I'll look into that. I didn't see any mention of jamf.
    • Need to Join Windows XP Clients to a 2016 Domain
      IT Discussion • active directory windows server 2016 windows xp ad dc 2016 domain • • scottalanmiller  

      30
      0
      Votes
      30
      Posts
      4847
      Views

      @Dashrender said in Need to Join Windows XP Clients to a 2016 Domain: @scottalanmiller said in Need to Join Windows XP Clients to a 2016 Domain: @Dashrender said in Need to Join Windows XP Clients to a 2016 Domain: @scottalanmiller said in Need to Join Windows XP Clients to a 2016 Domain: @Dashrender said in Need to Join Windows XP Clients to a 2016 Domain: Does the XP machine need to be part of the domain? What about working around that issue? We removed the domain completely. So now you're what - trying to use a 2019 SMB file share or something? What does file share have to do with AD? Completely disconnected concepts. True - I was making my own leap - So - where does this stand now then?? We removed AD. It turned out that it had been installed without evaluation and was serving no real purpose, but was posing a significant risk.
    • OSX 10.14.X Bug - Roaming AD Accounts unable to login when Off Network
      IT Discussion • apple active directory osx bug mobile accounts 10.14 • • DustinB3403  

      4
      2
      Votes
      4
      Posts
      152
      Views

      @wrx7m said in OSX 10.14.X Bug - Roaming AD Accounts unable to login when Off Network: @DustinB3403 said in OSX 10.14.X Bug - Roaming AD Accounts unable to login when Off Network: My co-worker thinks he may have a workaround, which involves backing up the user profile, deleting the existing one and restoring the files for the user. We're testing this currently to see if this actually "sticks". Did it work? Waiting to hear back
    • Restoring 2012 R2 AD DC: This server is the owner of the following FSMO role, but does not consider it valid.
      IT Discussion • active directory windows 2012 r2 fsmo • • scottalanmiller  

      18
      0
      Votes
      18
      Posts
      726
      Views

      So we did an older restore and the issue was resolved. This error was caused by ransomware.
    • Question about AWS
      IT Discussion • active directory cloud aws file server domain controller lightsail • • vhinzsanchez  

      93
      1
      Votes
      93
      Posts
      1175
      Views

      It is because of this licensing discrepency that we know that CloudAtCost was running a scam. They advertised Windows servers that were unlicensed, and unlicensable.