Active Directory Overlapping subnets and conflicting sites

Overlapping subnets and conflicting sites in AD can create unexpected scenarios. Here is how to clean them up.

Mapping IP Addresses to Active Directory Sites and Subnets

Service Map can show you which clients are connecting to your DC, now how do we find which sites they belong to?

Infrastructure – Hybrid Cloud Print – Publish Printers Powershell

The Issue I recently had the opportunity to build a Hybrid Cloud Print Solution. If you have never built this before, it isn't hard but there are a lot of moving parts. Stay close to our official document - https://docs.microsoft.com/en-us/windows-server/administration/hybrid-cloud-print/hybrid-cloud-print-deploy By not deviating from the above document you not only make your own life easier, … Continue reading Infrastructure – Hybrid Cloud Print – Publish Printers Powershell →

How to reset the Directory Service Restore Mode (DSRM) password

The Directory Services Restore Mode (DSRM) password is first set when promoting a new Domain Controller. I have encountered many Active Directory environments where the DSRM password for the Domain Controllers is not known or safely stored for retrieval when needed. In this article I revisit the options to reset the DSRM password.

Azure AD Alternate Login ID – Use your e-mail address (preview).

Introduction For logging into office 365 services, and you are syncing your users from on premises AD via Azure AD Connect, Microsoft has always recommended changing your users UPNs to match their e-mail address. 2 of the main reasons for this are: You can not use non routable domains in Azure AD. So domain.local will … Continue reading Azure AD Alternate Login ID – Use your e-mail address (preview). →

Machine account password expiry while working remotely

Due to the COVID-19 outbreak, most employees are now working from home. Many of these employees are not making use of any VPN solutions to connect to the corporate network. Some of the most frequent questions we receive since the shift to remote work are related to secure channel / machine account password changes.

Re-mapping large number of printers with PowerShell

Recently, one of our bigger clients had request to migrate from old to new Print servers. This task also involved re-mapping printers on user side. So far the printers had been mapped manually and in the company with 10000+ users and over 1000 print queues spread over 3 Print servers this would be very difficult … Continue reading Re-mapping large number of printers with PowerShell →

Field Notes: Error when changing DNS replication scope

Introduction Way back when your AD integrated DNS zone data lived inside of the naming context in AD (next to your users and computers) you could protect it from accidental deletion just like any other object. But this can cause a problem years later when you want to move these zones to their own application … Continue reading Field Notes: Error when changing DNS replication scope →

Understanding Microsoft Security Baselines and Applying Them – Part 2

Importing the Security Baselines into AD easily The easiest method of importing all the settings into AD is a script that is included with the baselines, its stored beneath the Scripts folder named "Baseline-ADImport.ps1". Baseline-ADImport.ps1 Imported GPO's in AD In the image above you can see everything that is imported with the Security Baseline for … Continue reading Understanding Microsoft Security Baselines and Applying Them – Part 2 →

Field Notes: Azure MFA and SSPR combined registration now Generally Available

As organizations are asking employees to work from home to slow the spread of COVID-19, it’s even more important that users are registered for MFA and SSPR. We want to make it easier for remote workers to keep their accounts secure.