Introduction Just a short blogpost about troubleshooting existing certificate services within the Active Directory domain. In this case the domain controllers were not able to renew their certificates through autoenrollment. In a meanwhile the existing certs were already expired so LDAPS was no longer available. A group of servers did not find any trouble updating their certs,
- dennis@rietveld-ict.nl
- +31 6 11 318 528
Category: Active Directory
SID translation problems Weird things can happen if something goes wrong with the RPC protocol, wheter it’s related to network traffic being blocked by a firewall (yes, I’m talking to you ephemeral ports) or just because the name resolution contains numerous configuration errors. Recently I was asked to troubleshoot SID translation problems over a forest trust. The
Introduction There are several good guides on the internet about upgrading your Active Directory Forest, Domains and Domain Controllers to Windows Server 2012 R2. I’d like to give you my strategy on this subject. It’s not wrong to add new Domain Controllers to your 2003/2008 domain, transfer the FSMO roles and demote the 2003/2008 DC’s,
The following powershell cmdlets will help you identify user accounts in your Active Directory environment that have settings configured that are a joy for hackers. My advise is to schedule the cmdlets or put them in a script to automate the process. Use the export-csv cmdlet piped to create a usable list. For example |
Introduction Finally I have found some time to write this blogpost in detail. It took place last year somewhere around october and november, so here we go! The other day I received some complaints about not being able to access a CIFS share on the network. Several users acknowledged this, they got the Windows authentication
In case you’ve accidentally deleted a DNS zone it’s good to know how to recover asap and get the deleted zone back in your production environment. I’m using a DNS zone export as a backup of the zone that has been deleted. We admins are lazy so this is the most convenient way to recover a
One of the biggest challenges in Active Directory Domain Controller upgrades are the application member servers, specifically the ones that make use of Active Directory authentication (Ldap). We all know the legacy applications within the organization, they’re still running after ten or more years, nobody knows something about it, there isn’t any documentation left but
Once in a while someone at your company asks you if you can deliver a list of users who are member of administration groups within your Active Directory environment. We want to restrict admin access to a minimum so it’s good to know who are the lucky ones and who are slipped through. 😉
Recent Posts
Experts Live 2016 Slide Deck Download 23/11/2016
Speaking at Experts Live 2016 20/10/2016