Windows Server ‘Can’t Delete an OU’
KB ID 0000105 Problem Error “You do not have sufficient privileges to delete {OU Name}, or this object is protected from accidental deletion” Cause In Windows domains you have the option to prevent an OU from accidental deletion so that even a Domain/Enterprise admin cannot delete it. That’s fine until you need to delete one. Solution To delete a protected OU 1. On the the Server (with administrative privileges). 2. Start...
Deploying Certificates via ‘Auto Enrollment’
KB ID 0000919 Problem SHA CERTIFICATE WARNING: Note This article was written some time ago, ensure your CA environment does NOT use SHA1 for your certificates, if it does, Please visit the following link for migration instructions; Upgrade Your Microsoft PKI Environment to SHA2 (SHA256) I need to setup wireless authentication based on computer certificates, I’ve done similar jobs before by manually issuing certificates for Cisco...
Deploying Printers with Group Policy Preferences
KB ID 0000492 Problem I’ve touched on this briefly in KB0000389, I suggest you read through that first so you understand what the requirements are to deploy a GPP instead of the GPO’s you are probably used to. Solution 1. First thing to do is install the printer that needs deploying on a print server. Make sure if your clients are NOT x64 bit that you also add the x86 drivers for your clients to use. How to tell if a...
Microsoft LAPS – Deployment and Configuration
KB ID 0001059 Problem Microsoft have released the Local Administrator Password Solution (LAPS). What is does is automatically change the load administrator password on workstations, (and servers if required) periodically. It then keeps those passwords securely in AD. Microsoft tried to mitigate attacks from the local admin account back in the days of Windows Vista by shipping with this account disabled, which is fine, but most large...
Exchange – Creating Dynamic Distribution Groups Based on Organizational Units
KB ID 0000820 Problem A Dynamic Distribution list, (as the name implies), maintains its membership for you. Unlike a normal static distribution list that you need to add/remove mailboxes manually. Solution Use PowerShell/Exchange Management Shell 1. I’m assuming you already have an OU populated with mail enabled users, in this example called Engineering. 2. Launch the Exchange Management Shell, Execute the following command, (change...