?
Solved

ASA 5505 Domain ActiveDirectory Authentication

Posted on 2012-08-17
3
Medium Priority
?
312 Views
Last Modified: 2014-07-09
Hi Experts,
I had our win 2003 Primary domain controller fail and replaced it with win 2008.  Changed all DNS entries to new internal IP 10.11.1.8 but cannot get it to authenticate users.

: Saved
:
ASA Version 8.2(1) 
hostname VPN1
domain-name xxx.lan
enable password VvJ/jpyTi/fGJsOe encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
 duplex full
 nameif outside
 security-level 0
 ip address xx.xx.xx.xx 255.255.255.0 
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 10.11.1.201 255.0.0.0 
 ospf authentication null
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
 management-only
boot system disk0:/asa821-k8.bin
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 10.11.1.8
 name-server 10.11.1.9
 domain-name xxxx.lan
access-list test_splitTunnelAcl standard permit host 10.11.0.0 
access-list test_splitTunnelAcl standard permit host 192.168.0.0 
access-list cisco_splitTunnelAcl standard permit 192.168.0.0 255.255.0.0 
access-list cisco_splitTunnelAcl standard permit 10.0.0.0 255.0.0.0 
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.0.0 10.11.1.224 255.255.255.224 
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 10.11.1.224 255.255.255.224 
access-list cisco_splitTunnelAclstandard standard permit 10.11.0.0 255.255.0.0 
access-list test22 extended permit icmp any host 24.60.160.131 
access-list test22 extended permit icmp host 24.60.160.131 any 
access-list test22 extended permit icmp any 72.163.216.0 255.255.255.0 
access-list test22 extended permit icmp 72.163.216.0 255.255.255.0 any 
pager lines 24
logging enable
logging list allwarnings level warnings
logging buffered debugging
logging asdm informational
logging from-address vpn@xxx.xxx
logging recipient-address xxx@xxx.xxx level warnings
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool RemoteUsersDHCP 10.11.1.230-10.11.1.254 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
icmp permit any inside
no asdm history enable
arp timeout 14400
global (outside) 1 interface
global (inside) 101 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 101 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 x.x.x.x
route inside 10.1.1.8 255.255.255.255 10.11.1.2 1
route inside 10.1.1.9 255.255.255.255 10.11.1.2 1
route inside 10.11.0.0 255.255.0.0 10.11.1.10 1
route inside 192.168.0.0 255.255.0.0 10.11.1.10 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Campus protocol nt
 reactivation-mode timed
aaa-server Campus (inside) host 10.11.1.8
 timeout 5
 nt-auth-domain-controller noblesfr
aaa authentication ssh console LOCAL 
http server enable
http 192.168.1.0 255.255.255.0 management
http 0.0.0.0 0.0.0.0 inside
http redirect inside 80
http redirect outside 80
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto ca trustpoint ASDM_TrustPointA
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPointB
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint1
 enrollment terminal
 subject-name CN=VPN1.nobles.lan,O=Noble and Greenough School,C=US
 keypair NoblesVPN
 crl configure
crypto ca certificate chain ASDM_TrustPointA
 certificate ca 3863def8
    3082042a 30820312 a0030201 02020438 63def830 0d06092a 864886f7 0d010105 
    05003081 b4311430 12060355 040a130b 456e7472 7573742e 6e657431 40303e06 
    0355040b 14377777 772e656e 74727573 742e6e65 742f4350 535f3230 34382069 
    6e636f72 702e2062 79207265 662e2028 6c696d69 7473206c 6961622e 29312530 
    23060355 040b131c 28632920 31393939 20456e74 72757374 2e6e6574 204c696d 
    69746564 31333031 06035504 03132a45 6e747275 73742e6e 65742043 65727469 
    66696361 74696f6e 20417574 686f7269 74792028 32303438 29301e17 0d393931 
    32323431 37353035 315a170d 32393037 32343134 31353132 5a3081b4 31143012 
    06035504 0a130b45 6e747275 73742e6e 65743140 303e0603 55040b14 37777777 
    2e656e74 72757374 2e6e6574 2f435053 5f323034 3820696e 636f7270 2e206279 
    20726566 2e20286c 696d6974 73206c69 61622e29 31253023 06035504 0b131c28 
    63292031 39393920 456e7472 7573742e 6e657420 4c696d69 74656431 33303106 
    03550403 132a456e 74727573 742e6e65 74204365 72746966 69636174 696f6e20 
    41757468 6f726974 79202832 30343829 30820122 300d0609 2a864886 f70d0101 
    01050003 82010f00 3082010a 02820101 00ad4d4b a91286b2 eaa32007 1516642a 
    2b4bd1bf 0b4a4d8e ed8076a5 67b77840 c07342c8 68c0db53 2bdd5eb8 76983593 
    8b1a9d7c 133a0e1f 5bb71ecf e524141e b181a98d 7db8cc6b 4b03f102 0cdcaba5 
    4024007f 7494a19d 0829b388 0bf58777 9d55cde4 c37ed76a 64ab8514 86955b97 
    32506f3d c8ba660c e3fcbdb8 49c17689 4919fdc0 a8bd89a3 672fc69f bc711960 
    b82de92c c9907666 7b94e2af 78d66553 5d3cd69c b2cf2903 f92fa450 b2d448ce 
    0532558a fdb2644c 0ee49807 75db7fdf b9085560 853029f9 7b48a469 86e3353f 
    1e865d7a 7a15bdef 008e1522 54170090 2693bc0e 496891bf f847d39d 9542c10e 
    4ddf6f26 cfc31821 62664370 d6d5c007 e1020301 0001a342 3040300e 0603551d 
    0f0101ff 04040302 0106300f 0603551d 130101ff 04053003 0101ff30 1d060355 
    1d0e0416 041455e4 81d11180 bed889b9 08a331f9 a1240916 b970300d 06092a86 
    4886f70d 01010505 00038201 01003b9b 8f569b30 e753997c 7a79a74d 97d71995 
    90fb061f ca337c46 638f9666 24fa401b 2127cae6 7273f24f fe3199fd c80c4c68 
    53c68082 1398fab6 adda5d3d f1ce6ef6 15119482 0cee3f95 af11ab0f d72fde1f 
    038f572c 1ec9bb9a 1a4495eb 184fa61f cd7d5710 2f9b0409 5a84b56e d81d3ae1 
    d69ed16c 795e791c 14c5e3d0 4c933b65 3ceddf3d bea6e595 1ac3b519 c3bd5e5b 
    bbff23ef 6819cb12 93275c03 2d6f30d0 1eb61aac de5af7d1 aaa827a6 fe7981c4 
    79993357 ba12b0a9 e0426c93 ca56defe 6d840b08 8b7e8dea d79821c6 f3e73c79 
    2f5e9cd1 4c158de1 ec2237cc 9a430b97 dc80908d b3679b6f 48081556 cfbff12b 
    7c5e9a76 e95990c5 7c833511 6551
  quit
crypto ca certificate chain ASDM_TrustPointB
 certificate ca 3863e9fc
    308204f2 308203da a0030201 02020438 63e9fc30 0d06092a 864886f7 0d010105 
    05003081 b4311430 12060355 040a130b 456e7472 7573742e 6e657431 40303e06 
    0355040b 14377777 772e656e 74727573 742e6e65 742f4350 535f3230 34382069 
    6e636f72 702e2062 79207265 662e2028 6c696d69 7473206c 6961622e 29312530 
    23060355 040b131c 28632920 31393939 20456e74 72757374 2e6e6574 204c696d 
    69746564 31333031 06035504 03132a45 6e747275 73742e6e 65742043 65727469 
    66696361 74696f6e 20417574 686f7269 74792028 32303438 29301e17 0d303931 
    32313032 30343335 345a170d 31393132 31303231 31333534 5a3081b1 310b3009 
    06035504 06130255 53311630 14060355 040a130d 456e7472 7573742c 20496e63 
    2e313930 37060355 040b1330 7777772e 656e7472 7573742e 6e65742f 72706120 
    69732069 6e636f72 706f7261 74656420 62792072 65666572 656e6365 311f301d 
    06035504 0b131628 63292032 30303920 456e7472 7573742c 20496e63 2e312e30 
    2c060355 04031325 456e7472 75737420 43657274 69666963 6174696f 6e204175 
    74686f72 69747920 2d204c31 43308201 22300d06 092a8648 86f70d01 01010500 
    0382010f 00308201 0a028201 010097a3 2d3c9ede 05da13c2 118d9d8e e37fc74b 
    7e5a9fb3 ff62ab73 c8286bba 10648287 13cd5718 ff28cec0 e60e0691 502983d1 
    f2c32adb d8db4e04 cc00eb8b b696dcbc aafa5277 04c1db19 e4ae9cfd 3c8b03ef 
    4dbc1a03 65f9c1b1 3f7286f2 38aa19ae 10887828 da75c33d 0282029c b9c16577 
    76244c98 f76d3138 fbdbfedb 370276a1 1897a6cc de200949 36246942 f6e43762 
    f1596da9 3ced349c a38edbdc 3ad7f70a 6fef2ed8 d5935a7a ed084968 e241e35a 
    90c18655 fc51439d e0b2c467 b4cb3231 25f0549f 4bd16fdb d4ddfcaf 5e6c7890 
    95deca3a 48b9793c 9b19d675 05a0f988 d7c1e8a5 09e41a15 dc8723aa b2758c63 
    2587d8f8 3da6c2cc 66ffa566 68550203 010001a3 82010b30 82010730 0e060355 
    1d0f0101 ff040403 02010630 0f060355 1d130101 ff040530 030101ff 30330608 
    2b060105 05070101 04273025 30230608 2b060105 05073001 86176874 74703a2f 
    2f6f6373 702e656e 74727573 742e6e65 74303206 03551d1f 042b3029 3027a025 
    a0238621 68747470 3a2f2f63 726c2e65 6e747275 73742e6e 65742f32 30343863 
    612e6372 6c303b06 03551d20 04343032 30300604 551d2000 30283026 06082b06 
    01050507 0201161a 68747470 3a2f2f77 77772e65 6e747275 73742e6e 65742f72 
    7061301d 0603551d 0e041604 141ef1ab 8906f849 0f013377 ee147aee 197c9328 
    4d301f06 03551d23 04183016 801455e4 81d11180 bed889b9 08a331f9 a1240916 
    b970300d 06092a86 4886f70d 01010505 00038201 010007f6 5f82847f 8040c790 
    34464224 03ce2fab ba839e25 730dedac 0569c687 eda35cf2 57c1b149 769a4df2 
    3fdde40e fe0b3eb9 98d93295 1d32f401 ee9cc8c8 e53fe053 7662fcdd ab6d3d94 
    90f2c0b3 3c982736 5e289722 fc1b40d3 2b0dadb5 576ddf0f e34bef73 021065fa 
    1bd0ac31 d5e30fe8 ba323083 ee4ad0bf df22907a beec3a1b c449041d f1ae8077 
    3c4208db a73b28a6 800103e6 39a3ebdf 80591bf3 2cbedc72 4479a06c 07a56d4d 
    448e4268 ca947c2e 36ba859e cdaac45e 3c54befe 2fea699d 1c1e299b 96d8c8fe 
    5190f124 a69006b3 f029a2ff 782e775c 4521d944 0031f3be 324ff50a 320dfcfc 
    ba167656 b2d64892 f28ba63e b7ac5c69 ea0b3f66 45b9
  quit
crypto ca certificate chain ASDM_TrustPoint1
 certificate 4c1c1355
    3082052d 30820415 a0030201 0202044c 1c135530 0d06092a 864886f7 0d010105 
    05003081 b1310b30 09060355 04061302 55533116 30140603 55040a13 0d456e74 
    72757374 2c20496e 632e3139 30370603 55040b13 30777777 2e656e74 72757374 
    2e6e6574 2f727061 20697320 696e636f 72706f72 61746564 20627920 72656665 
    72656e63 65311f30 1d060355 040b1316 28632920 32303039 20456e74 72757374 
    2c20496e 632e312e 302c0603 55040313 25456e74 72757374 20436572 74696669 
    63617469 6f6e2041 7574686f 72697479 202d204c 3143301e 170d3132 30313237 
    32303237 31325a17 0d313331 32323331 34313235 345a3075 310b3009 06035504 
    06130255 53311630 14060355 0408130d 4d617373 61636875 73657474 73310f30 
    0d060355 04071306 44656468 616d3123 30210603 55040a13 1a4e6f62 6c652061 
    6e642047 7265656e 6f756768 20536368 6f6f6c31 18301606 03550403 130f5650 
    4e312e6e 6f626c65 732e6c61 6e308201 22300d06 092a8648 86f70d01 01010500 
    0382010f 00308201 0a028201 0100b391 aea68a26 f0a30827 69cc1410 296c8bdf 
    6ecaeac1 88725d0f 98889222 4f9055f8 22ca79a8 ecb53269 9e96575a 67ba4f8c 
    a234c107 dea84f8c fd81a034 0de1a40d 50c0074b a28ec228 9a0d056f d650b958 
    c6ef2ed0 91c2c8c2 ff06eaa3 58c622d1 19e757bb 37f30d60 ded0ea2a 5cbd85df 
    32883ef5 62ae8a10 756b9ed9 fd01780b 6dfa5922 92780660 4255c93f 4bbc6428 
    bcd488a7 282efaa9 6f5c8b55 1c567ac2 32565e82 d15e82fd fcc2c34e 012e3832 
    4e46707b 2a369a60 c778e052 60740f68 0581b630 6b5b5076 d17ee61b a7c85a3e 
    18bf032c 6c67ccac 9557c326 f1e13435 4ffb35bf 37ce314d 22dc2fac 0674bd9a 
    9af19508 c7a40d02 123cc5fd 504f0203 010001a3 82018630 82018230 0b060355 
    1d0f0404 030205a0 301d0603 551d2504 16301406 082b0601 05050703 0106082b 
    06010505 07030230 33060355 1d1f042c 302a3028 a026a024 86226874 74703a2f 
    2f63726c 2e656e74 72757374 2e6e6574 2f6c6576 656c3163 2e63726c 30650608 
    2b060105 05070101 04593057 30230608 2b060105 05073001 86176874 74703a2f 
    2f6f6373 702e656e 74727573 742e6e65 74303006 082b0601 05050730 02862468 
    7474703a 2f2f6169 612e656e 74727573 742e6e65 742f6c31 632d6368 61696e2e 
    63657230 40060355 1d200439 30373035 06092a86 4886f67d 074b0230 28302606 
    082b0601 05050702 01161a68 7474703a 2f2f7777 772e656e 74727573 742e6e65 
    742f7270 61302b06 03551d11 04243022 820f5650 4e312e6e 6f626c65 732e6c61 
    6e820f56 504e312e 6e6f626c 65732e65 6475301f 0603551d 23041830 1680141e 
    f1ab8906 f8490f01 3377ee14 7aee197c 93284d30 1d060355 1d0e0416 041472ce 
    0a882f70 614439da bd5d2a77 b6cb8177 15fe3009 0603551d 13040230 00300d06 
    092a8648 86f70d01 01050500 03820101 000259ec 4f7d1f1c 903d1e14 4b7007ec 
    b43f1f18 c7fc4a0c e8baeab7 9e9da6bb 7533f8f5 088a1af9 21c9d1d4 f396ded4 
    749b44c7 dea612ec d2f459da 5c48e1f7 e4acb000 b0641656 26aa3762 565b93d8 
    f00386e2 b0add856 1157e151 0977cbae 62a122fd e6cd7772 00ea9a6d aa0f728e 
    a100796a 09c64a11 22ab2735 4fa58cb4 b3535cbe 4e712cee 72c5aafb 53fe2611 
    1db6e598 0ea1a89e 5bb88ee6 3dfa1325 77b9f1e8 3d98fe21 a4cd1bfd a7f049c9 
    69d37776 8f72790d 4aa2b1db 8d440802 946fc4e0 a038e7c7 429b5f75 5c4351f2 
    e906a587 79946b83 061d1654 331ce3b7 eb607114 0923032b b4541c41 2a28fbf2 
    4f8a5408 0327f5ea f2613b35 f60e8cdc 58
  quit
crypto isakmp enable outside
crypto isakmp enable inside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 30
 authentication crack
 encryption 3des
 hash sha
 group 2
 lifetime 86400
vpn-addr-assign local reuse-delay 5
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 69.36.241.112 source outside
ssl trust-point ASDM_TrustPoint1
ssl trust-point ASDM_TrustPoint1 inside
ssl trust-point ASDM_TrustPoint1 outside
webvpn
 enable outside
 enable inside
 default-idle-timeout 900
 svc image disk0:/anyconnect-macosx-i386-2.4.0154-k9-BETA.pkg 1
 svc image disk0:/anyconnect-win-2.3.0254-k9.pkg 2
 svc image disk0:/anyconnect-macosx-i386-2.3.0254-k9.pkg 3
 svc image disk0:/anyconnect-macosx-i386-2.3.0254-k9.pkg 4
 svc enable
 tunnel-group-list enable
group-policy noblesGP internal
group-policy noblesGP attributes
 vpn-idle-timeout none
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value cisco_splitTunnelAcl
 address-pools value RemoteUsersDHCP
 webvpn
  url-list value testbm
  svc ask enable default webvpn
group-policy DfltGrpPolicy attributes
 dns-server value 10.11.1.8
 vpn-idle-timeout 15
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
 webvpn
  svc ask enable default webvpn
username xxxxx password xxxxxxxxxxxxxxxx encrypted privilege 15
username administrator xxxxxxxxxxxxx/rm encrypted
username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15
tunnel-group DefaultWEBVPNGroup general-attributes
 authentication-server-group Campus
tunnel-group Nobles type remote-access
tunnel-group Nobles general-attributes
 address-pool RemoteUsersDHCP
 authentication-server-group Campus
 default-group-policy noblesGP
tunnel-group Nobles webvpn-attributes
 group-alias Noble.VPN enable
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
service-policy global_policy global
imap4s
 enable outside
 enable inside
 default-group-policy DfltGrpPolicy
pop3s
 enable outside
 enable inside
 default-group-policy DfltGrpPolicy
smtps
 enable outside
 enable inside
 default-group-policy DfltGrpPolicy
smtp-server 10.11.13.7
prompt hostname context 
Cryptochecksum:70a463471a63f7f59a0b7af50aad0d5d
: end
no asdm history enable

Open in new window

0
Comment
Question by:dan08
  • 2
3 Comments
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38307738
I would suggest using LDAP auth with 2008
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 2000 total points
ID: 38313811
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38313934
@PeteLong

Any advantages of using Kerberos over LDAP ?
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question