Menu Sidebar
Menu

directory

Force synchronization for DFSR-replicated SYSVOL

One of my clients had a problem with processing GPO on client computers. Different computers applied different settings from the same GPO but from different domain controllers. All tests related to replication was successful, all GPOs are applied, but replication between domain controllers was a problem, and because of that most clients had a different […]

Backup & Restore Active Directory integrated DNS zones

DNS is one of the core components for Active Directory Domain Services. In a disaster scenario, it becomes impossible to locate resources within the network and all AD operations come to a screeching halt. Therefore, it’s absolutely necessary to restore the DNS servers. One way to set this right is by performing an AD DS […]

Fix Active Directory broken security inheritance problem

Ran into a situation at a client location where in Active Directory, the security permissions applied to an OU were not getting inherited permissions on to the objects. Basically, security inheritance was broken.This causes a problem when the administrative accounts or groups needing to modify an attribute on the AD object throw errors, or are […]

List all SPNs in Active Directory

Ran into a situation where I needed to get all the SPNs that are listed in AD. Find duplicate SPNs Listing duplicate SPNs is fairly easy, just use setspn -X on your command-line and you’ll find out. What is a SPN? An SPN or Service Principal Name is a unique identity for a service, mapped with a specific account (mostly […]

List Domain Admins & Enterprise Admins in a domain

If you want to find out how many domain/ enterprise admins are active/inactive in domain you can use the following PowerShell command to figure out: Get the list of domain admins and check if they are enabled.

Get the list of enterprise admins and check if they are enabled.

 

NSLookup still showing IP of demoted Domain Controller

So had an interesting issue today where a Domain Controller (DC) was demoted yet the IP of the demoted DC was still showing up when running nslookup internaldomain.local Demoted DC: MWDC04 / IP: 10.14.111.111 I had done the metadata cleanup and tried many suggestions when googling the subject. To my surprise none of the solutions I […]

Older Posts

Mohammed Wasay

Dallas based Design Technologist & Hybrid Developer

Secured By miniOrange