Tag Archives: Active Directory

View Certificates Issued to Hostname in ADCS

Active Directory Certificate Services (ADCS) is a useful service to provide in a Windows Domain environment. If you’re managing ADCS, you might want a quick way to list issued certificates to a specific hostname. Here’s a quick PowerShell script that … Continue reading

Posted in System Administration | Tagged , , , | Leave a comment

Clear adminCount and Enable Inheritance on User

Users in Active Directory that belong to factory default privileged groups will be protected by an hourly process called SDProp (Security Descriptor Propagator) on the Primary Domain Controller (PDC Emulator). This process sets the adminCount attribute to 1 and disables … Continue reading

Posted in System Administration | Tagged , , | Leave a comment

SSSD-AD TGT failed verification

Users of RHEL 7 and CentOS 7 on Windows Active Directory networks are likely enjoying the benefits of using the SSSD-AD domain-join client module along with the Realmd tool which facilitates proper management of SSSD client configuration (a very complex … Continue reading

Posted in Linux, System Administration | Tagged , , , , | Leave a comment

Get Rid of virbr0

In RHEL 7.x and CentOS 7.x you may see an odd extra network interface listed as “virbr0” (virtual bridge zero). This is provided as a default way to share the host physical network with private guest virtual machines. Unfortunately this … Continue reading

Posted in Linux, Networking, System Administration | Tagged , , , | Leave a comment

Secure LDAP with Active Directory

Microsoft Active Directory Domain Controllers (DCs) support secure LDAP connections on TCP ports 636 (non-global queries) and 3269 (global-catalog queries). If you have an active Enterprise Root Certificate Authority in your domain, it will sign the domain controller LDAP certificate … Continue reading

Posted in System Administration | Tagged , , , , , | Leave a comment

Lync, Exchange, and Active Directory Photos

Recent versions of Microsoft Lync and Exchange support a centralized photo capability so that all users in the organization see the same photo for colleagues hosted on the same Exchange/Lync/Active Directory (AD) infrastructure. This new feature is still evolving and … Continue reading

Posted in System Administration | Tagged , , , , | Leave a comment

Cleanup Domain Controller Objects after Demote

If you manage a Windows domain, you will likely need to demote an old domain controller (DC) when it should be retired (old hardware, old operating system, etc). After successfully demoting the old DC, there will still be some records … Continue reading

Posted in System Administration | Tagged , | Leave a comment

Microsoft RADIUS Dial-In Remote Access Allow

A common problem with Microsoft RADIUS (NPS) user authentication is a pesky little setting within each user profile in Active Directory. While logged in as a Domain Admin, open the user properties within Active Directory and select the Dial-In tab. … Continue reading

Posted in Networking, System Administration | Tagged , , , | Leave a comment

Exchange Email User Display Name

Microsoft Exchange user information is stored in Windows Active Directory (AD). The “display name” of each mailbox user in AD is used as the display name of email addressed to or from the mailbox. The default format for display names … Continue reading

Posted in System Administration | Tagged , , , , | Leave a comment

Search Active Directory Groups with Wildcard

Binoculars (Photo credit: Wikipedia). If you have tried searching for an Active Directory Group using characters in the middle of the name, you may have found that the GUI ADUC (AD Users and Computers) tool does not support this kind … Continue reading

Posted in System Administration | Tagged , , , | 2 Comments