Once all domain controllers run Windows Server 2025, raising the domain and forest functional levels unlocks new AD features and drops the legacy compatibility floor. This post walks through the process using Active Directory Domains and Trusts.
Introduction Managing groups in Entra ID (formerly Azure Active Directory) through the Azure Portal works fine for a handful of changes, but quickly becomes tedious at scale. Whether you're onboarding a batch of new employees, restructuring departments, or cleaning up...
I created a powershell-script which will reset the password of all users in a specific Organizational Unit.
I prefer to set unique high-end passwords for all users. If you prefer a more ‘user friendly’ approach simply…
A downside with the ADMX files is that when you update them, and the new files replace settings and values you end up with orphaned settings in your GPOs. In our example we had two orphaned registry values from a previous OneDrive ADMX.
We have been working on migrating a customer from Windows 7 over to Windows 10. Our goal is to have Windows 8 and 10 clients pull the pictures from Active Directory to the users local profiles.
The script will look through the a selected Organization Unit and verify that all users have a Home Directory set, and that it has the appropriate NTFS permissions.
Previously all users had Full-permissions on their home folder, which led to the users resetting permissions and removing unwanted permissions (Backup or Admin accounts) to their “private” stuff.
I noticed that a couple of Domain Controllers started reporting Warning-messages. It turns out that one or more clients have been using LDAP binds that are performed on a clear text (non-SSL/TLS-encrypted) connection.
Depending upon the version of the sync solution that you are using to replicate directory data from on-premises Active Directory to Office 365 there are different commands that you will need to use.
While doing a regular maintenance check on my customers servers when I came across a new event in the log.
I’ve previously wrote about changing the sync schedule on this server.
But today I noticed two event errors, ADSync event 6127 and 6127.
I finally I got some time to play with the new Azure Active Directory Sync tool and its configuration.
The installation was very straight forward. The step-by-step instruction are provided on MSDN. The administration tools and scripts are located in difference places compared to DirSync which was little confusing in the beginning.
