Moving Certificate Services To Another Server
Sep20

Moving Certificate Services To Another Server

KB ID 0001473 Problem If you are retiring a CA Server, or there’s a problem with the server and you want to move Microsoft Certificate Services to another server, the procedure is pretty straight forward. BE AWARE: We are moving the CA Server Name , NOT the Server Name (FQDN), the two things are NOT the same, (you might have called them the same thing!) But a Certificate Authority has a name of its own, and that what we are...

Read More
Windows: Joining Azure AD (AAD)
Sep19

Windows: Joining Azure AD (AAD)

KB ID 0001596 Problem With more people looking at Microsoft 365 (as opposed to Office 365), then the amount of people who want to join their Windows machines to Azure Active Directory is only going to go up. This is how to join your Windows client devices to Azure Active Directory. Solution  Microsoft have done a good job of hiding where you need to be, Start > Settings > Accounts.. Access Work or School > Connect. STOP! If...

Read More
Forcing Azure AD Connect Sync
Aug29

Forcing Azure AD Connect Sync

KB ID 0001590 Problem If you are using Azure AD Connect, (AAD Connect) to sync your on-premise Active Directory with Azure AD (i.e. for Office 365), then there may be times when you need to manually ‘force a replication’ because by default it’s going to take 30 minutes between each normal ‘delta replication’ Solution If you are directly on the server that’s running Azure AD connect, then use the...

Read More
PowerShell: Add All Members of an OU to a Security Group
Aug28

PowerShell: Add All Members of an OU to a Security Group

KB ID 0001589 Problem I’ve written in the past about ‘Bulk Adding Users from CSV files, into Groups’. But what if you want to add ALL users in a particular OU into a security group? Solution The syntax is; Get-ADUser -SearchBase ‘OU=Source-OU,OU=PNL,DC=pnl,DC=com’ -Filter * | ForEach-Object {Add-ADGroupMember -Identity ‘SG-Test-Group’ -Members $_ } Here I’ve got 20 users that need adding to a group, in this...

Read More
DC Promotion fails ‘FRS is Depreciated’
Aug13

DC Promotion fails ‘FRS is Depreciated’

KB ID 0001579 Problem Error seen when attempting to add a new domain controller to an existing domain; Verification of replica failed. The specified domain {Domain-Name} is still using the File Replication Service (FRS) to replicate the SYSVOL share. FRS is depreciated. The server being promoted does not support FRS and cannot be promoted as a replica into the specified domain. You MUST migrate the specified domain to use DFS...

Read More
Remote Desktop Services – Securing By Group Policy
Jun24

Remote Desktop Services – Securing By Group Policy

KB ID 0001211 Problem Note: This is not an exhaustive list, but it’s what I use when securing Remote Desktop Services, (Terminal Services) servers. Some of these settings are ONLY for Server 2012 R2 and later. If you have any settings you think are omitted, please comment below.   Solution User Access To RDS If you want to create a Domain security group for RDS users than please do so. BE AWARE the ‘Remote Desktop...

Read More