Tag: Active Directory

All

Active Directory Password Complexity Che...

Aug 24, 2017

GPO/GPP – Control the Local Administrato...

Feb 11, 2017

How to Fix Missing SYSVOL and NETLOGON s...

Oct 27, 2020

PowerShell – Is your AD Sites and ...

Nov 30, 2016

Active Directory – When was this user/co...

Jun 22, 2017

Filter Out Local AD Users to Not Sync wi...

Jun 17, 2019

How to verify healthy replication of act...

Feb 15, 2022

It’s that “Time” Again – Windows Server 2016 Time Changes

Active Directory Authentication (LDAP) f...

Apr 21, 2017

The Ultimate Performance Tuning Guide fo...

Apr 27, 2017

STEP BY STEP MIGRATE EXCHANGE FROM ON-PR...

May 30, 2017

MINIMAL DOWNTIME MIGRATION OF WINDOWS SE...

Jun 14, 2017

MINIMAL DOWNTIME MIGRATION OF WINDOWS SE...

Jun 15, 2017

MINIMAL DOWNTIME MIGRATION OF WINDOWS SE...

Jun 16, 2017

STEP BY STEP DEPLOY A SERVER AS A DR DOM...

Oct 16, 2017

Azure Active Directory – Problem Updatin...

Apr 23, 2018

ADFS and AzureAD Account Lockouts – Part...

Apr 24, 2018

Migrating your Windows Roles without Dow...

Aug 10, 2018

#PowerShell – Reporting on Certificate T...

Sep 12, 2018

Checking out Windows Admin Center 1903 –...

Mar 27, 2019

Deploy a New Active Directory Domain Con...

Oct 1, 2020

How to Demote Microsoft Windows Server 2...

Nov 12, 2020

How to Configure the Microsoft Active Di...

Dec 1, 2020

How to use group policy to disable or pr...

Dec 12, 2021

How to fix trust relationship between wo...

Dec 29, 2021

How to fix FRS is deprecated error

Jan 7, 2022

How to delete a protected OU of Active D...

Feb 8, 2022

How to move failover clusters on the sam...

Feb 15, 2022

How to use Windows backup to backup acti...

Mar 13, 2022

How to install active directory domain s...

Mar 14, 2022

How to tune SRV records for old domain c...

Mar 16, 2022

How to decommission old domain controlle...

Mar 17, 2022

How to steal IP of old domain controller...

Mar 18, 2022

How to deploy Microsoft Local Administra...

Apr 1, 2022

How to configure Azure AD Application Pe...

Apr 20, 2022

How to configure Azure AD Application Pe...

Apr 22, 2022

How to add organization with modern app-...

Apr 25, 2022

How to add organizations with Modern Aut...

Apr 27, 2022

How to add organization with Basic Authe...

Apr 29, 2022

Azure Active Directory Synchronization M...

May 24, 2022

All Latest

Azure Active Directory Synchronization Migration to MS Graph API at Mimecast

by Cary Sun | May 24, 2022 | Azure

Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

How to add organization with Basic Authentication at Veeam Backup for Microsoft 365

by Cary Sun | Apr 29, 2022 | Office365, Veeam

You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, we will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.

How to add organizations with Modern Authentication and Legacy Protocols at Veeam Backup for Microsoft 365

by Cary Sun | Apr 27, 2022 | Office365, Veeam

You will use both Veeam Backup account and Azure AD application for authentication if you add an organization using the modern authentication method with legacy protocols allowed. Veeam Backup for Microsoft 365 uses Veeam Backup account and an application to establish a connection to your Microsoft 365 organizations with disabled security defaults and maintain data transfer during backup and restore sessions.

How to add organization with modern app-only authentication and use an existing Azure AD application at Veeam Backup for Microsoft 365

by Cary Sun | Apr 25, 2022 | Office365, Veeam

When you add an organization using the modern app-only authentication method, you are required to provide Azure AD application settings. Please reference following link to create and configure Azure AD Application permissions.

How to configure Azure AD Application Permissions for Modern Authentication and Legacy Protocols Authentication of Veeam Backup for Microsoft 365

by Cary Sun | Apr 22, 2022 | Office365, Veeam

Veeam Backup for Microsoft 365 Modern Authentication and Legacy Protocols Authentication requires that you grant permissions to Azure AD applications to back up and restore data from/to your Microsoft 365 organizations.

How to configure Azure AD Application Permissions for Modern App-Only Authentication of Veeam Backup for Microsoft 365

by Cary Sun | Apr 20, 2022 | Office365, Veeam

When you add organization using the modern app-only authentication method, the permissions for Azure AD applications that are granted automatically by Veeam Backup for Microsoft 365.
Anyway, if you prefer to use a custom application of your own, make sure to grant all the permissions as below.

How to deploy Microsoft Local Administrator Password Solution (LAPS)

by Cary Sun | Apr 1, 2022 | Windows Server

Cyberattack is one of the fastest growing crimes in the world, we have seen passwords being leaked regularly, local administrator account is like God of machine, it has superpower to do anything for the machine. A lot of IT guys simply use the same password for all local administrator accounts, the attacker easy access to the whole estate if one machine is breached.

Microsoft LAPS is one of solutions to prevent the issues, The “Local Administrator Password Solution” (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset. Today, I am going to show you how to deploy it.

How to steal IP of old domain controller for new Windows Server 2022 domain controller

by Cristal Kawula | Mar 18, 2022 | Windows Server

Today, I am going to show you how to steal IP address of decommissioned old domain controller for new Windows Server 2022 domain controller.

How to decommission old domain controller

by Cristal Kawula | Mar 17, 2022 | Windows Server

Today, I am going to show you how to decommission old domain controller.

How to tune SRV records for old domain controllers

by Cristal Kawula | Mar 16, 2022 | Windows Server

To prevent old domain controllers from authenticating clients, we can tune their Service Records by modifying their local registry. This will drain off any of the live Active Directory Domain Services (ADDS) connections for these domain controllers before decommissioning.

How to transfer FSMO roles

by Cristal Kawula | Mar 15, 2022 | Windows Server

As part of the migration process the Flexible Single Master Operations Roles (FSMO) will need to be transferred to TMDC03. It is quite common to have these roles spread out throughout the infrastructure. It is also very important to understand what each of these five roles does in a multi-master Active Directory Domain Services (ADDS) domain.