So, I recently inherited a small client with SBS 2011 and their previous IT admin only ever used the Default Domain Policy to apply computer and users settings (such as mapped drives and printers). Microsoft has quite a strong recommendation of best practice for the two policies which goes along the lines of; Default Domain … Continue reading "Reset the Default Domain and Domain Controller Group Policy Objects to their out of box state"
I was recently setting up some Linked SQL Servers for a customer to perform queries against a database on one server through another. One of the things you need to get right when setting up linked servers when using Service accounts in Active Directory is SPNs (or Service Principal Names) and Authority to Delegate (for … Continue reading "How to easily Check your SPN and Delegation settings for SQL Server in an Active Directory environment"
A client is currently in the planning stages of doing a migration to Azure AD and Office 365 and one of the things we needed was a list of users who have not logged on in the last few months but are still active in our AD. Well it’s PowerShell to the rescue again (with … Continue reading "Get a list of users in Active Directory who have not logged in for specified number of days using PowerShell"
So I’m going through and trying to automate a lot of things in our environment (one thing you should always try and do as a SysAdmin is to automate repetitive tasks) and to help me achieve this I’m using Group Policy, step one is enable Remote Desktop to all of our Servers automatically. Created the Group … Continue reading "Remote Desktop is Blocked in Windows Firewall even though Group Policy Setting is set to allow"
Starting with Google Chrome 58 no longer trusts certificates without the Subject Alternative Name attribute, so this makes it a little troublesome for those with internal CAs where you rely on them for Software Development. We noticed last week that some end users couldn’t hit an internal application over HTTPS, but was fine in Firefox … Continue reading "How to allow an Active Directory Certificate Authority to generate Certificates with a Subject Alternative Name attribute"
I had a VM snapshot/checkpoint running for several months in my test lab and after reverting the snapshot back I went to login to the machine and got the dreaded Trust relationship between this computer and the primary domain failed error message. So I logged in as a local admin onto that machine, opened up … Continue reading "Fixing The trust relationship between this computer and the primary domain failed Error when restoring a Snapshot or Old Virtual Machine"
So I was recently going through our Group Policy and found that we were applying a reg file to specify the Server IP for our ClickView Players. I don’t really like this approach anymore and tend to try and have everything nice and neat so I set about creating a ADM file to store the … Continue reading "Specify ClickView Server IP settings via the Registry using Group Policy with an ADMX Template"
We recently deployed some Microsoft Surface Pro 3s (love these devices) for our Executive team along with some new equipment in meeting / board rooms with Wireless Display capabilities. During testing with my personal SP3 (not domain joined) the wireless display worked a treat, so I expected it to work fine on the ones we … Continue reading "Wireless Projection / Miracast option disappears from Microsoft Surface Pro 3 / Windows 8.1 after joining a Active Directory Domain"
We recently took on a new hire, although I was confident in their ability in managing Active Directory I wanted to take an extra step in protecting Organizational units from deletion. I was sure that I could do this quickly using PowerShell instead of right-clicking each of our 80 odd OUs and going into their … Continue reading "How to protect all existing Organizational Units (OUs) in your Active Directory domain from Accidental Deletion by using PowerShell"
We recently upgraded our Domain and Forest Functional Level from 2003 to 2008 R2, after a day or so I started having problems connecting to a number of 2008 R2 Hyper-V Virtual Machines. When attempting to connect I would receive the following error: An Authentication Error Has Occurred. The Encryption Type Requested Is not supported … Continue reading "Fixing KDC Authentication Problems when upgrading your domain and forest functional level from 2003 to 2008 R2"