Domain Replication Issues – Troubleshooting
Oct16

Domain Replication Issues – Troubleshooting

Posted By on Oct 16, 2018

KB ID 0000301 Problem You have one or more domain controllers in your Windows domain that is not replicating to one or more replication partners. Solution Step 1 DNS First! Before you start make sure all the domain controllers are pointing the PDC emulator ONLY for their DNS settings. 1. On the PDC emulator > Start > run > dnsmgmt.msc {enter}. 2. Expand _msdcs.yourdomainname Right Click it > Properties > Set Dynamic updates to...

Read More
PowerShell: Bulk Add/Remove Users From Groups
Oct15

PowerShell: Bulk Add/Remove Users From Groups

Posted By on Oct 15, 2018

KB ID 0001475 Problem I had to do this a few weeks ago, so I documented it. I had a list of usernames in a CSV file and I needed to bulk-add them to a security group. Bulk Add Group Users Solution Firstly you will need the usernames (sAMAccountNames) in .csv format like so,  (Note: As a header Im using User-Name.) I’ve saved the file to C:\Temp on my server. Execute the following commands; Import-Module ActiveDirectory ...

Read More
Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups
Oct11

Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups

Posted By on Oct 11, 2018

KB ID 0001474 Problem A few years ago I replaced a firewall that was setup like this, and while it took me a while to work out what was going on, I remember thinking it was an elegant solution. Fast forward to today, and I’m now working with the guy who set it up! (Kudos to Paul White). So when I had a client with a similar requirement, I sat down fired up the lab, and documented it. What was used; Windows 10 Remote Client...

Read More
Moving Certificate Services To Another Server
Oct08

Moving Certificate Services To Another Server

Posted By on Oct 8, 2018

KB ID 0001473 Problem If you are retiring a CA Server, or there sa problem with the server and you want to move Microsoft Certificate eServices to another server, the procedure is pretty straight forward. BE AWARE: We are moving the CA Server, NOT the server name/FQDN, the two things are NOT the same, (you might have called them the same thing!) But a Certificate Authority has a name of its own, and that what we are going to move. So...

Read More
PowerShell: Bulk Enable / Disable Users
Sep11

PowerShell: Bulk Enable / Disable Users

Posted By on Sep 11, 2018

KB ID 0001469 Problem I needed to work out how to bulk disable some domain users from a .CSV file this week, so I thought I’d write it up. Disable Domain Users in Bulk from CSV Well firstly, you need to have your users in a CSV file. For the live job I just exported all the SamAccountNames to a CSV, but here for testing I just loaded a few in manually; Then execute the following two commands; Import-Module ActiveDirectory ...

Read More
Exchange and the LegacyExchangeDN Problem
Sep07

Exchange and the LegacyExchangeDN Problem

Posted By on Sep 7, 2018

KB ID 0001468 Problem Why do we have the Exchange LegacyDN? It’s a throwback, from a time when we had our users, and our mail users in different databases. Below you can see the ExchangeLegacyDN for this Exchange on-premise user; /O=First Organisation/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn={something-user-specific} Who cares? Well they are still important, if you send an internal email (to someone in...

Read More