Hi,

I have an ADFS "Web Application Proxy Service" that is not starting even if i try manually.

Error:

Can a csv with the division ad attribute be mapped to active directory users?

Hi,

I have 2 machines that are not getting GPs and getting below error. Please assist.

Message          : The processing of Group Policy failed. Windows attempted to read the file
                   \\abc.corp\SysVol\abc.corp\Policies\{DE985BED-5764-4A16-A991-231E4AD1C8A3}\gpt.ini from a
                   domain controller and was not successful. Group Policy settings may not be applied until this event
                   is resolved. This issue may be transient and could be caused by one or more of the following:
                   a) Name Resolution/Network Connectivity to the current domain controller.
                   b) File Replication Service Latency (a file created on another domain controller has not replicated
                   to the current domain controller).
                   c) The Distributed File System (DFS) client has been disabled.
LogName          : System
TimeCreated      : 11/8/2018 7:13:38 PM
LevelDisplayName : Error
MachineName      : xyz.abc.corp


Thank you in Advance.

Hello,

In an Exchange 2007 environment, right clicking "remove" on a mailbox deletes the mailbox and the AD object. Does anybody know how long that process takes for the AD object to remove? I ask, because I removed some mailboxes over a week ago and the AD objects are still present. My deleted mailbox retention policy is only 3 days.

Hope somebody can offer some advice.

Thanks

Find Where Your Active Directory Groups Are Used On File Shares

Thanks in Advance!

I have a customer that has a very small environment with 1 windows server with AD on it.  (about 10-15 users and most of them remote).
They don't have the funds for a second DC, currently, i have backups of file level and am using windows server backup for image backups.  
was thinking about this scenario  but wanted to run it by the experts to get their thoughts on it:     would like to create an Active directory server in the cloud that can, 1. sync with the onprem AD (so we have a copy of ACTIVE Directory in the cloud).   or 2. sync once a day while firing up the cloud server to allow syncing and then turn it off---to save on cost--incase cost is an issue.   3. have a scenario where the remote users can authenticate and not use cached profiles (besides using vpn).

question on the above scenario:   I'm sure Im not the first one thinking about this scenario---wanted to get your thoughts on how you guys are handling it for small businesses.

I would like to know of it's possible to get notified by Active Directory when a user has been added/removed from a group?

Is there a way in python to "subscribe" to have our program notified when this kind of event occur?

The only way i could detect those changes is to pool data periodically to see group changes.

(running python 3.7 on windows server 2012 r2)

yet, i've found pyad and python-ldap modules, but none of them seems to have functions for that.

Note: If it's not possible to be advised, then is there a way to just check with a single call "Is there any changes?"... and if there's some changes, i could browse a complete group to see these changes.

Thanks

Hi All

I'm hoping someone can help me with the following Word 2016 settings.

I want to be able to change the Smart cut and paste settings within Word 2016 via a group policy.  I cant see the settings I'm looking for within GP editor and also cant spot where the registry setting sit.

I've attached a screen shot of the setting I want to untick. Any ideas how I could change this.

Many thanks

Hi,

Is there a way in AD or any other way to get all ADFS servers in the company?

Thanks

I am installing a new active directory / exchange 2016 server for one of my clients.  They have at the moment Kerio for their email on the old server that this one will be replacing. Just as a history for it they did have before the kerio an sbs 2008 server which had exchange 2007 on it. The problem I am having at the moment is I have setup the exchange server just like I have done for other customers but for some reason when I try to connect outlook on the computers that are on the domain it will find the email with the autodiscovery and when it searches for it then it puts up a box for credentials. Which these being on the domain and logged in as that person should not do but either way I have even tried to put their credentials in with local domain\username and  username@local domain in the username field and it keeps popping up.  when I do this I make sure the computer is pointing to the correct email server.  If it helps they have outlook 2016 and they get it with office 365.  I did get one user to work correctly I had disabled and deleted the mailbox from exchange then remade the mailbox.  Her computer continued asking till I rebooted it then it worked just fine.  I then disabled and recreated the other users mailboxes but they still have the problem even after a restart.  Also to note that on the computer with the person that it is working correctly with I logged into somebody that it was not working right on and even on that computer it still asks that person for …

hi citrix experts

We have in our environment Citrix users profile problem. we have XenApp 7.12

We are using Citrix user profiles and we do this via delivery controller policy

We do folder redirection for (( desktop – my documents – download – APP data – contact – links – pictures – start menus – etc ))

But recently our user profiles getting bigger so much and I found the biggest directory

AppData\Local\Microsoft\Windows\INetCache

AppData\Local\Mozilla\Firefox

I found online this links  which shoes which paths I have to include

https://www.smali.net/citrix-profile-management/

here the configuration but with AD GPO but we use Citrix policy from delivering controller

https://www.lewan.com/blog/citrix-profile-management-done-correctly-part-1-of-2

I have two questions

1-      In the delivery controller policy, I can add the exclusion directory  and exclusion files but I don’t know the syntax

Should be like this      AppData\Local\Microsoft\Windows\INetCache

Or like this the all path from the shared file system     \\filerone\CTX-Profiles\%username%\UPM_Profile\AppData\Local\Microsoft\Windows\INetCache


2-      After I configure this policy and let say it worked what will happen to the data inside the old users profile some of the users has more than 6 GB \INetCache directory. it will be removed automatically or I have to do it manually


And any side effect to user work

I am exploring using Azure Active Directory for a 100 person organization. There is no AD today, everything is local workgroups. We have deployed many elements of the O365 Stack and every user has an account. I have added 2 new laptops to the Azure Active Directory via Win 10 first boot. The devices are now managed by MDM/Intune.  We purchased AzureAD Premium 1 licenses.  

My issue is, can I apply GPO to these machines like they were in AD? The machines show they are in Workgroup. Printers are the only real AD type items to worry about. There is no file server, local share, etc. We are trying to be 100% Cloud.  

We are trying to avoid dedicated AD server, VPN, AD Connector, etc.  It seems like AzureAD is very close, but the devices showing they are Workgroup, not in a domain is my concern. I would much rather them show in a domain.

I am currently doing off-site testing of our backups and having a minor issue I was hoping someone could shed some light on or point me in the right direction for resolving.  We are a school district and our backup needs are not the same as a for profit business, so we are doing a mixture of backups both using backup exec, as well as nightly full backups using Windows Backup on a few 2008 R2 machines. Such as 1 domain controller that holds our FSMO roles, and our Mail Server which is hosting exchange 2010.

My problem is, when I restore the DC in our test environment, FRS is not up and running for several hours because it cannot find the other 2 domain controllers we normally have in our production environment. So AD is not fully up and running.  After a few hours of sitting, it magically starts working and event logs showing FRS is no longer preventing the machine from being a DC.

Is there something I can do to quickly resolve the issue in case of a real DR situation?  Once its fully up, I just do a metadata cleanup and remove the other DC's replicas in my test environment, but can't do that until FRS is up and running.  Any help would be greatly appreciated!  =)