Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Romo
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    Romo

    @Romo

    Seeking for knowledge

    587
    Reputation
    861
    Posts
    2659
    Profile views
    2
    Followers
    3
    Following
    Joined Last Online
    Location Guadalajara, Mexico Age 34

    Romo Follow

    Posts made by Romo

    • RE: SIP Calls not passing audio under one specific condition.

      Left column is Skyetel and right column is our pbx, this is a call from an internal extension to our external number

      alt text
      As you can see in the image, RTP packets stay in our pbx side, skyetel is not involved in the audio path.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @Dashrender The Synchronization service manager application logs dont show the "sync" that the azure logs show sending the disable account change, but azure does show this "sync", the Actiion Client Name is Directory Sync as well

      42c4ed7e-47f1-451d-914b-a850a1e9558a-image.png

      What I cant seem to find, is where this disabled account value is coming from if AD is showing the account as active and enabled.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @scottalanmiller said in User Account getting disabled in Azure:

      Could there be something automated trying to log in over and over again with a bad password?

      No signint attempts during the weekend, interactive or uninterective where logged int the azure logs, but the account still kept getting disabled and enabled by sync or something.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @dbeato No signing attempts at all during the weekend, but the account is still getting disabled and enabled on its own as shown in the azure audit logs.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @dbeato Targeted?

      @Romo said in User Account getting disabled in Azure:

      BadLogonCount : 0
      badPasswordTime : 132526283882223437
      badPwdCount : 0

      Shouldn't the BadLogonCount raise if bad passwords were tried?

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @dbeato Imgur not working apparently couldn't load the other image.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @dbeato exported-change-not-reimported
      exported-change-not-reimported.png

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @dbeato Here is screenshot. I dont see a sync at all in logs at 7:59 in the sync service manager. Yet the audit logs show the disable account sync at that time.

      270d4eb3-f3f3-413a-9877-1c63b770ec3b-image.png

      The user principal name in the activity log is showing the sync coming from the same DC, so not sure what is going on.

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @jt1001001 User was disabled on 8/11/2020 originally and enabled again on 11/12/2020. The day he got re-enabled was the issues started happening

      posted in IT Discussion
      Romo
    • RE: User Account getting disabled in Azure

      @Obsolesce here is the info

      AccountExpirationDate                :
      accountExpires                       : 9223372036854775807
      AccountLockoutTime                   :
      AccountNotDelegated                  : False
      AllowReversiblePasswordEncryption    : False
      AuthenticationPolicy                 : {}
      AuthenticationPolicySilo             : {}
      BadLogonCount                        : 0
      badPasswordTime                      : 132526283882223437
      badPwdCount                          : 0
      c                                    : US
      CannotChangePassword                 : False
      CanonicalName                        : DomainName.local/SITE - Location/Location Users/USER LASTNAME
      Certificates                         : {}
      City                                 : Location
      CN                                   : USER LASTNAME
      co                                   : United States
      codePage                             : 0
      Company                              :
      CompoundIdentitySupported            : {False}
      Country                              : US
      countryCode                          : 840
      Created                              : 6/29/2020 12:05:53 PM
      createTimeStamp                      : 6/29/2020 12:05:53 PM
      Deleted                              :
      Department                           :
      Description                          : FD 8/11/2020-Enabled 11/12/2020
      DisplayName                          : USER LASTNAME
      DistinguishedName                    : CN=USER LASTNAME,OU=Location Users,OU=SITE - Location,DC=DomainName,DC=local
      Division                             :
      DoesNotRequirePreAuth                : False
      dSCorePropagationData                : {12/18/2020 1:19:34 PM, 12/18/2020 1:17:50 PM, 12/18/2020 1:10:57 PM,
                                             11/12/2020 2:31:00 PM...}
      EmailAddress                         : [email protected]
      EmployeeID                           :
      EmployeeNumber                       :
      Enabled                              : True
      Fax                                  :
      GivenName                            : USER
      HomeDirectory                        :
      HomedirRequired                      : False
      HomeDrive                            :
      HomePage                             :
      HomePhone                            :
      Initials                             :
      instanceType                         : 4
      isDeleted                            :
      KerberosEncryptionType               : {None}
      l                                    : Location
      LastBadPasswordAttempt               : 12/16/2020 3:39:48 PM
      LastKnownParent                      :
      lastLogoff                           : 0
      lastLogon                            : 132526894973219910
      LastLogonDate                        : 12/14/2020 8:01:11 AM
      lastLogonTimestamp                   : 132524280715790975
      LockedOut                            : False
      lockoutTime                          : 0
      logonCount                           : 69
      LogonWorkstations                    :
      mail                                 : [email protected]
      Manager                              :
      MemberOf                             : {REDACTED}
      MNSLogonAccount                      : False
      MobilePhone                          :
      Modified                             : 12/18/2020 1:19:34 PM
      modifyTimeStamp                      : 12/18/2020 1:19:34 PM
      mS-DS-ConsistencyGuid                : {32, 103, 80, 151...}
      msDS-SupportedEncryptionTypes        : 0
      msDS-User-Account-Control-Computed   : 0
      msExchBypassAudit                    : False
      msExchPreviousRecipientTypeDetails   : 1
      msExchRecipientSoftDeletedStatus     : 0
      msExchUMDtmfMap                      : {lastNameFirstName:2266666299355, firstNameLastName:6299355226666}
      Name                                 : USER LASTNAME
      nTSecurityDescriptor                 : System.DirectoryServices.ActiveDirectorySecurity
      ObjectCategory                       : CN=Person,CN=Schema,CN=Configuration,DC=DomainName,DC=local
      ObjectClass                          : user
      ObjectGUID                           : 97506720-3ae7-4364-898b-e1fa734ed821
      objectSid                            : S-1-5-21-2029862695-1482051392-3921772031-28167
      Office                               :
      OfficePhone                          :
      Organization                         :
      OtherName                            :
      PasswordExpired                      : False
      PasswordLastSet                      : 12/8/2020 4:48:43 PM
      PasswordNeverExpires                 : False
      PasswordNotRequired                  : False
      POBox                                :
      PostalCode                           :
      PrimaryGroup                         : CN=Domain Users,CN=Users,DC=DomainName,DC=local
      primaryGroupID                       : 513
      PrincipalsAllowedToDelegateToAccount : {}
      ProfilePath                          :
      ProtectedFromAccidentalDeletion      : False
      proxyAddresses                       : {[email protected]}
      pwdLastSet                           : 132519413236813439
      SamAccountName                       : mLASTNAME
      sAMAccountType                       : 805306368
      ScriptPath                           :
      sDRightsEffective                    : 15
      ServicePrincipalNames                : {}
      showInAddressBook                    : {REDACTED}
      SID                                  : S-1-5-21-2029862695-1482051392-3921772031-28167
      SIDHistory                           : {}
      SmartcardLogonRequired               : False
      sn                                   : LASTNAME
      st                                   : IL
      State                                : IL
      StreetAddress                        :
      Surname                              : LASTNAME
      Title                                :
      TrustedForDelegation                 : False
      TrustedToAuthForDelegation           : False
      UseDESKeyOnly                        : False
      userAccountControl                   : 512
      userCertificate                      : {}
      UserPrincipalName                    : [email protected]
      uSNChanged                           : 62837343
      uSNCreated                           : 28616664
      whenChanged                          : 12/18/2020 1:19:34 PM
      whenCreated                          : 6/29/2020 12:05:53 PM
      
      posted in IT Discussion
      Romo