active directory -grant permission to undelete user only move and create
I try to give user permission in an active directory to create users and move between them, but do not delete them. When I delegate control to some group, I do not have the option to undelete users.
How to validate access token received after micorsoft login?
We are using Active Directory SAML SSO. We are getting the token as a response with the following json response {"token_type": "Bearer", "scope": "openid profile User.Read email", "expires_in": 3774,…
Cached logon not working
On one laptop we are seeing that cached credential don't work. We have DirectAccess set up so wherever they have an internet connection they should be able to log on, however, when this person doesn't have an internet connection because they're on the…
Unable to bulk change lock screen image
At my workplace, approximately 100 computers need to have the same lock screen changed. The Active Directory is set up on Windows Server 2012. However, because almost all of the computers are running Windows 11 Professional, I cannot use GPO to make the…
Problem with account blocked in Problem with account blocked in active directory
Problem with account blocked in active directory I have a problem with several Active Directory accounts. The account on the new computer is blocked at random times (this is not a problem with incorrect password entry). I was able to check the basic…
Set "Search engine used in the address bar" via GPO
Hello- Can someone please tell me how to set "Search engine used in the address bar" via GPO, to something other than Bing? I have found various answers across the web and none seems consistent or sufficient.
How to set multiple lock screen photos like slideshow through group policy to all computers in the domain ?
I want to apply multiple lock screen photos like slide show through group policy to one or all computers join to domain.
Azure B2C Custom Policy donot honor login prompt
I have B2C Custom Policy and it works great except only one issue. If I pass login prompt then it doesnot work and shows select account but If same code is used against standard userflow then it works without any issue
Azure Enterprise Application test getting failed.
I have an Issue in setting up Azure AD with Enterprise Application. Setting Up with Atlassian Cloud and everything was successful, but when testing it shows I did as per the documentation. But I dont know why this error exists. When I click this…
DFSR Replication Not Working. Followed a Tech Article that suggested Deleting all the DFSR Member Connections and Rebuilding. None of the Commands like Add-DfsrMember, Add-DfsrConnection Seem to work.
Trying to rebuild DFSR Replication connections. Majority of commands fail as it seems there is bugs surrounding the use of the Default Group name created by Microsoft for Active Directory Replication. Group Name: Domain System Volume This command…
Windows trust between parent and child domain broken
Hello, I was wondering if anyone has an idea how a domain trust could be fixed. The domain trust is broken but I can't fix it because DNS doesn't work properly anymore. DNS can't be fixed, because the domain trust is broken. The DC in the parent…
Validate group filter ldapregistry 3.0
Hello All, We have LDAP configured for a an application to be able to query our ldap server for members of a specific group, I can validate it in active directory using the below custom search …
Downside of using NTLM Authentication in Domain Controllers
`Hello everyone, Currently, NTLM v2 is enabled in the environment, but we are going to perform and upgrade the Domain controllers. I would like to understand the downside of enabling NTLM authentication in the new domain controllers. Thanks
Raise DFL and FFL level from 2008R2 to 2016
Hello Everyone, I have been working on an AD Modernization Project. Currently, in the environment, the Domain and Forest Functional levels are in 2008R2. I would like to raise the DFL and FFL level to Windows Server 2016. Since this is an irreversible…
How to Prompt for Credentials while accessing Network Shared Folder in a Domain environment
I'm currently tasked with maintaining our internal file server in an SMB company. Our setup includes a Windows Server 2012 R2 machine serving as both a file server and a domain controller. We have around 40 computers joined to the domain, with some users…
Delta import completed warnings exported-change-not-reimported - msDS-KeyCredential-Link attribute
Hello everyone I have a hybrid setup (PHS) in which the clients are Azure Ad Join and users use WHFB with cloud trust to log in to them. In the synchronization service manager, every now and then it gets the status for Delta import completed warnings…
does my joined pc send event ID 4625 to AD
does a joined pc send failed login attempts to the AD?
Prevent constant MFA requests for hybrid workforce
Hello, Most of our users are hybrid, working remotely via VPN and locally in office. Regardless of our 30-day MFA policy, our users are prompted for MFA every few days if they move locations between working at home and at the office. We are a non-profit…
How to hide users in GAL
Hi! I am scratching my head on this after looking at several posts.. Issue: We have leavers which we disable, remove licenses, convert mailboxes to shared ones and so on. We also moved the users to a non-synchronized OU in AD. However, they still…