Disaster Recovery Planning for AD & Entra ID
Mar 12

Disaster Recovery Planning. KB ID 0001911. Problem: Disaster Recovery Planning for Active Directory (AD) and Entra ID (formerly Azure AD) is vital to ensure the continuity of identity services during failures, cyberattacks, or unforeseen disasters. Below is a structured approach to building a resilient disaster recovery strategy. Solution: Disaster Recovery Planning. Define Objectives and Scope. Recovery Time Objective (RTO):...

How to track failed logon attempts in Active Directory
Jan 23

Track failed logon. KB ID 0001209. Problem: If a large number of failed logon attempts occur within a certain period of time, it could be an indication of a security threat, which is why it is important that organisations have a proactive means of auditing and monitoring whenever this happens. There are a number of ways you can perform this audit, one of which is using the native tools. Here, we will take you through the steps so that...

Windows Server – Enable LDAPS
Jan 17

KB ID 0000962. Problem: Note: Starting with Windows Server 2019, LDAPS (LDAP over SSL/TLS) is enabled by default, assuming a Server Authentication certificate is installed on the Domain Controller. Active Directory is built on LDAP; I’ve known this for a long time, but other than that it’s a directory protocol, that’s about all I did know. Like any directory, if you want information when you query the directory it returns a...

Cannot Join Domain?
Jan 02

Cannot Join Domain. KB ID 0000534. Problem: The primary cause (99.99% of the time) a client cannot connect to, or join, a domain is DNS related. The specified domain either does not exist or could not be contacted. Solution: Cannot Join Domain. 1. To troubleshoot, you need to know the IP address of your DNS server. In many cases it’s on the first domain controller, but that’s not always the case, so find out (go to a WORKING...

Windows – Setting Domain Time
Oct 13

Domain Time. KB ID 0000112. Problem: If you have arrived here, you have either noticed that the time is wrong on your server(s) or client PC(s), or you have looked in the event viewer and seen one of the following events being logged: Event IDs 12, 22, 29, 36, 38, 47, and 50. Time Problem Events – On the PDC Emulator. Event ID 12 (W32 Time Time Provider NtpClient: This machine is configured to use {text omitted}, but it is...

Rename a Domain Controller
Aug 08

Rename a Domain Controller. KB ID 0001886. Problem: I’ve done a few migrating to {version} domain controller articles, and today I got asked, How can you rename the “Server Name” back to the old one after migration? e.g. from “Lan-2025” to “Lan-2019”. So, as the VMs from the last article were still running on the test bench, I ran through it to demonstrate. Solution: Rename a Domain Controller. If you would like to add a new Windows...

Migrate to Server 2025 Domain Controller
Aug 01

Server 2025 Domain Controller. KB ID 0001884. Problem: If you would like to add a new Windows Server 2025 domain controller to an existing domain, here is the procedure. Solution: Server 2025 Domain Controller. Server 2025 Pre Requisites. 2025 Hardware Requirements. Processor: 1.4 GHz 64-bit processor (or faster) with support for security features. RAM: Minimum of 512 MB (2 GB for Server with Desktop Experience installation). Disk...

Find Domain Schema Version
Jul 29

Find Domain Schema Version. KB ID 0000025. Problem: You want to upgrade or find out your current Schema version, or check that an “adprep /forestprep” command has worked correctly. Solution: Find Domain Schema Version: PowerShell. Use the following syntax: Get-ADObject (Get-ADRootDSE).schemaNamingContext -Property objectversion. Post Server 2016 Find Domain Schema Version. The value is populated with Server 2016 again. If you...

Windows Server 2025 Domain Join
Jul 26

Server 2025 Domain Join. KB ID 0001883. Problem: To perform a Windows Server 2025 Domain Join (Local Domain). The end process is the same as it’s always been; they’ve just made the job of getting there a little more convoluted (this is the same with Windows 11). Solution: Windows Server 2025 Domain Join. Before attempting to join the domain, let’s make sure we can ‘resolve’ the domain name, (because most...

Disable NTLM
Jul 02

Disable NTLM. KB ID 0001880. Problem: NTLM (NT LAN Manager) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users in a network. It is an older protocol that has been largely replaced by Kerberos (since Server 2008 and Windows Vista!) in modern Windows environments due to its enhanced security features. NTLM is a challenge-response authentication protocol used to...
