Tag Archives: Active Directory

SSSD-AD TGT failed verification

Users of RHEL 7 and CentOS 7 on Windows Active Directory networks are likely enjoying the benefits of using the SSSD-AD domain-join client module along with the Realmd tool which facilitates proper management of SSSD client configuration (a very complex … Continue reading

Posted in Linux, System Administration | Tagged , , , , | Leave a comment

Get Rid of virbr0

In RHEL 7.x and CentOS 7.x you may see an odd extra network interface listed as “virbr0” (virtual bridge zero). This is provided as a default way to share the host physical network with private guest virtual machines. Unfortunately this … Continue reading

Posted in Linux, Networking, System Administration | Tagged , , , | Leave a comment

Secure LDAP with Active Directory

Microsoft Active Directory Domain Controllers (DCs) support secure LDAP connections on TCP ports 636 (non-global queries) and 3269 (global-catalog queries). If you have an active Enterprise Root Certificate Authority in your domain, it will sign the domain controller LDAP certificate … Continue reading

Posted in System Administration | Tagged , , , , , | Leave a comment

Lync, Exchange, and Active Directory Photos

Recent versions of Microsoft Lync and Exchange support a centralized photo capability so that all users in the organization see the same photo for colleagues hosted on the same Exchange/Lync/Active Directory (AD) infrastructure. This new feature is still evolving and … Continue reading

Posted in System Administration | Tagged , , , , | Leave a comment

Cleanup Domain Controller Objects after Demote

If you manage a Windows domain, you will likely need to demote an old domain controller (DC) when it should be retired (old hardware, old operating system, etc). After successfully demoting the old DC, there will still be some records … Continue reading

Posted in System Administration | Tagged , | Leave a comment

Microsoft RADIUS Dial-In Remote Access Allow

A common problem with Microsoft RADIUS (NPS) user authentication is a pesky little setting within each user profile in Active Directory. While logged in as a Domain Admin, open the user properties within Active Directory and select the Dial-In tab. … Continue reading

Posted in Networking, System Administration | Tagged , , , | Leave a comment

Exchange Email User Display Name

Microsoft Exchange user information is stored in Windows Active Directory (AD). The “display name” of each mailbox user in AD is used as the display name of email addressed to or from the mailbox. The default format for display names … Continue reading

Posted in System Administration | Tagged , , , , | Leave a comment

Search Active Directory Groups with Wildcard

Binoculars (Photo credit: Wikipedia). If you have tried searching for an Active Directory Group using characters in the middle of the name, you may have found that the GUI ADUC (AD Users and Computers) tool does not support this kind … Continue reading

Posted in System Administration | Tagged , , , | 2 Comments

SharePoint User Profile Service

SharePoint (2010, 2013, and others?) includes a User Profile Service to store, provide, and synchronize user information. Synchronization is available to pull details for Active Directory (AD) users into the SharePoint (SP) user profile database(s). I’m not sure if there … Continue reading

Posted in System Administration | Tagged , , , | Leave a comment

Deploying Software with Active Directory

Software can be “assigned” to active directory computers using group policy objects. Deploying to a user is supported as well, but may lead to frustrated users waiting for an install to finish before login completes. Computer-assigned software installs at boot … Continue reading

Posted in System Administration | Tagged , , | Leave a comment