Improve company productivity with a Business Account.Sign Up

x

Active Directory

76K

Solutions

38K

Contributors

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Share tech news, updates, or what's on your mind.

Sign up to Post

One thing I've always found frustrating is no matter how many times one asks the end users to not save things on their local machines, they do it anyway. Forget that we don't back up the desktops - only the servers. Well, let's sneak their data onto the servers without them knowing about it.
0
Simplify Active Directory Administration
LVL 8
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Seizing the Operation Master Roles in Windows Server 2016 in case of FSMO holder failure.
0
Audit Active Directory
In this article, we will discuss how you can secure Active Directory using free tools, and how you can choose a safe and secure Active Directory security auditing tool.
0
 
LVL 26

Expert Comment

by:MidnightOne
Comment Utility
This isn't an article, it's an advertisement.
0
If you need to implement application level security in an Access database application or other VBA code, I strongly encourage you to take advantage of Active Directory groups.
0
The Windows Firewall provides an important layer of protection and a rich interface to configure it. Unfortunately, it lacks item level filtering. This article details my process of implementing firewall-as-code to reduce GPO bloat.
0
You have missed a phone call. The number looks like it belongs to the bunch of numbers which your company uses. How to find out who has just called you?
0
 
LVL 5

Author Comment

by:Michal Ziemba
Comment Utility
I wonder, have you ever been in this kind of situation that you couldn't find the owner of the number who has just called you, and you were certain that this was a company number, which means it should be fairly easily be found in Outlook address book or in Active Directory?
Except for admin tools I have in hand I also tried to search for the phone number in Outlook without success. How about you?
0
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something similar. But what if you want something simple?
1
FADPRT
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone. Any comments, bug reports etc. are welcome...
5
 
LVL 17

Expert Comment

by:Andrew Leniart
Comment Utility
@Steve

Why not "Ask a Question" for help with this issue?
1
 

Expert Comment

by:Steve Marchand
Comment Utility
Hi Shaun,

.Net Framework 4.6 is installed as a feature with IIS but I do see that ASP .Net 4.6 is not installed so I will add that and try again as this is an ASP .NET site.

Line 64 shows as blank but this is line 62-71
<system.webServer>
  <validation validateIntegratedModeConfiguration="false" />


<handlers>
  <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="Syetem.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersion4.0" responseBufferLimit="0" />
  <remove name="OPTIONSVerbHandler" />
  <remove name="TRACEVerbHandler" />
  <!--<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="Syetem.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersion4.0" />-->
</handlers></system.webServer>

Open in new window

0
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
0
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
1
Easily Design & Build Your Next Website
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Sometimes it necessary to set special permissions on user objects. For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few hours. The issue usually on occurs on a few users
0
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
1
 
LVL 28

Expert Comment

by:Tom Cieslik
Comment Utility
Very useful information but I don't get it one thing:

Move-ADDirectoryServerOperationMasterRole -Identity “TCLDC01”
- -identity is a TARGET server right ? So this is a server where role will be transfered to.

Move-ADDirectoryServerOperationMasterRole -Identity “Target_DC_name”

So if yes, then why you checking other server if all roles were moved

All 5 Roles has been transferred to TCLDC02

Or maybe I don't get it.
0
 
LVL 20

Expert Comment

by:Brian
Comment Utility
@Tom - It looks like the PowerShell screenshots are incorrect. Using the get-help Move-ADDirectoryServerOperationMasterRole command it clearly states "The Identity parameter specifies the directory server that receives the roles." In the screenshot above it should have shown TCLDC02.
0
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
7
 
LVL 102

Expert Comment

by:John
Comment Utility
Interesting article. At my main client, we are not currently seeing high turnover (which is a good thing), but I have made a note and when there is an opportunity, we will try it out.

Thank you.
1
 
LVL 23

Expert Comment

by:Alan
Comment Utility
Thumbs up working now - thanks!

Alan.
1
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
4
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
5
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
0
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
4
 
LVL 42

Author Comment

by:Shaun Vermaak
Comment Utility
I do have a password-self-help portal, will post in the next few weeks
2
 
LVL 42

Author Comment

by:Shaun Vermaak
Comment Utility
0
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
7
 
LVL 23

Expert Comment

by:Alan
Comment Utility
Hi Ann,

You have posted here on Shaun's article, but you also need to close the question.

Thanks,

Alan.
1
 
LVL 42

Author Comment

by:Shaun Vermaak
Comment Utility
Comment and suggestions welcome. Let me know if you need any help ;)
1
GPO Monitor
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed or changed with an option for email notifications.
2
The 14th Annual Expert Award Winners
LVL 7
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
0
Compliance and data security require steps be taken to prevent unauthorized users from copying data. Here's one method to prevent data theft via USB drives (and writable optical media).
3
 
LVL 97

Author Comment

by:Lee W, MVP
Comment Utility
Ok, thanks!
0
 
LVL 8

Expert Comment

by:Senior IT System Engineer
Comment Utility
Thanks for sharing the great article.
0
Let's recap what we learned from yesterday's Skyport Systems webinar.
1
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
3
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
0
Here's a look at newsworthy articles and community happenings during the last month.
3

Active Directory

76K

Solutions

38K

Contributors

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Vendor Experts

Kevin StanushSystemTools Software Learn more about SystemTools Software