8 04, 2019

Find Expiring certificates in Active Directory

By |2019-04-08T14:02:34+02:00April 8th, 2019|Active Directory, Powershell, Windows Server|0 Comments

While using S/MIME certificates for mail encryption or any other type of certificates in the system environment it's good practice to check from time to time whether some of them are not expiring and not being renewed for some reason. Sometimes user is just not connected due to holidays or some error occurs. Then, certificate [...]

27 09, 2018

repadmin /syncall RPC Server is unavailable – ipv6 problem

By |2018-09-27T09:57:30+02:00September 27th, 2018|Active Directory, Windows Server|0 Comments

  Recently I was cleaning up our DNS system after adding new NICs to the server and during this process I accidentally disabled DNS service on IPv6 protocols. I am perfectly aware of dangers of disabling IPv6 in recent Windows versions(2008 and up) but somehow I decided that DNS servers shouldn't listen or respond on [...]

11 07, 2017

How to block executables from APPDATA

By |2017-07-11T09:10:38+02:00July 11th, 2017|Active Directory, Windows Server|0 Comments

While searching for some useful GPOs I encountered very nice thread with clear and thorough explanation about how to restrict/whitelist locations and file types that can be executed in Windows OS using Group Policy Object. Commenter state that using this method he basically got rid of all threads in his environment and analysing his approach [...]

20 03, 2016

Force replicate data between Domain Controllers

By |2016-04-07T19:48:13+02:00March 20th, 2016|Active Directory|0 Comments

From time to time you want to speed things up when deploying or upgrading schema or configuration of AD. If this is a case you can force to replicate all info between all domains controllers by specifiyng a command: repadmin /syncall dest-domain-controller /APed /syncall - all information dest-domain-controller  - pretty obvious. If running on a [...]

16 06, 2015

How to rename Windows Server 2012 domain

By |2016-12-22T21:35:10+01:00June 16th, 2015|Active Directory, How-To's, Microsoft, Windows Server|0 Comments

There are times, when after creating and setting up domain environment you realize that you made a mistake in naming convention. For example domain with .local or .intranet was used. According to Microsoft and many sources like for example mdmarra.com blog you should avoid TLD and avoid above names since they are now sold by ICANN and [...]

29 10, 2014

Remove TAPI3Directory when migrating from Windows Server 2003 to 2008 and up

By |2015-12-17T08:14:33+01:00October 29th, 2014|Active Directory, Windows Server|4 Comments

Recently we tried to migrate our old Windows Server 2003 box holding Active Directory FSMO roles to Windows 2008 R2. After joing 2008r2 to our domain we wanted to transfer all FSMO roles to it. It all went well without any problems. Next step was to join another 2008r2 as second DC and demote old [...]

1 09, 2014

VBS logon script not enumerating memberOf attribute in AD

By |2015-09-22T13:57:10+02:00September 1st, 2014|Active Directory, Errors and fixes, Microsoft, Windows Server|0 Comments

When you create a user in AD and assing a login script to do something based on memberOf attribute and you assign only one group to that user you will run in a strange situation. User is a member of the group, has all privileges, windows sees them but when you use logon vbs script [...]

Go to Top