We also have SSPR portal but the problem is those employees are hourly worker and they do not have any machine assigned. They access our system for attendance nd salary slip only. So they do not know how to operate the computer, they are machine operate in factory and labor work. So our SSPR solution does not fit them.
I cheked again, I am not able to login in RODC after reboot. All the ports between RODC and RWDC looks good. This login issue is coming because IPSec tunnel is not getting established. As I check now after reboot, my RODC network profile is "Public". However, it should be "Domain". So I think this problem is coming because after rebooting, my RODC's network profile is getting change from "Domain" to "Public". How could I ensure that my RODC network profile will always be DOMAIN.
Thank you Clement. I am not so much an expert in PowerShell. Just basic tasks. This code looks difficult to me. please can you help me writing full code. Thanks in davance.
$ou = get-adorganizationalUnit -filter 'name -like "UK*"' -SearchBase "dc=superit,dc=com" -SearchScope OneLevel
$DelOU = "ou=Servers,"+$ou.DistinguishedName
dsacls "$DelOU" /I:T /G "SystemAdmins:CCDC;computer"*
Where should I place DT: . May be you can help to writing full script for me. Thank you in advance.
$ou = get-adorganizationalUnit -filter 'name -like "UK*"' -SearchBase "dc=superit,dc=com" -SearchScope OneLevel
# Computers OU rights / Create,delete computer accounts
$DelOU = "ou=Servers,"+$ou.DistinguishedName
dsacls "$DelOU" /I:T /G "SystemAdmins:CCDC;computer"*
Due to security concern we cannot move them in another OU. They should must be in their respected regional OU.