by the Secure Infrastructure team at Microsoft
Updating the Kerberos decryption key for the Azure AD SSO computer account is a fairly simple process. In this blog post I walk through the steps to perform an update of the Kerberos decryption key.
IE Mode on Microsoft Edge provides compatibility for legacy sites that require Internet Explorer 11. IE Mode enables users to access modern and legacy sites using a single browser. Users no longer need to switch between browsers to access legacy intranet sites. IE mode supports ActiveX controls such as Java and Silverlight, and it also supports Internet Explorer settings and group policies that affect Protected Mode and security zone settings. In part one of this two-part series, I will configure IE Mode using Group Policy and Microsoft Intune.
Overlapping subnets and conflicting sites in AD can create unexpected scenarios. Here is how to clean them up.
Service Map can show you which clients are connecting to your DC, now how do we find which sites they belong to?
The Issue I recently had the opportunity to build a Hybrid Cloud Print Solution. If you have never built this before, it isn't hard but there are a lot of moving parts. Stay close to our official document - https://docs.microsoft.com/en-us/windows-server/administration/hybrid-cloud-print/hybrid-cloud-print-deploy By not deviating from the above document you not only make your own life easier, … Continue reading Infrastructure – Hybrid Cloud Print – Publish Printers Powershell
The Directory Services Restore Mode (DSRM) password is first set when promoting a new Domain Controller. I have encountered many Active Directory environments where the DSRM password for the Domain Controllers is not known or safely stored for retrieval when needed. In this article I revisit the options to reset the DSRM password.
Introduction For logging into office 365 services, and you are syncing your users from on premises AD via Azure AD Connect, Microsoft has always recommended changing your users UPNs to match their e-mail address. 2 of the main reasons for this are: You can not use non routable domains in Azure AD. So domain.local will … Continue reading Azure AD Alternate Login ID – Use your e-mail address (preview).
Due to the COVID-19 outbreak, most employees are now working from home. Many of these employees are not making use of any VPN solutions to connect to the corporate network. Some of the most frequent questions we receive since the shift to remote work are related to secure channel / machine account password changes.
Recently, one of our bigger clients had request to migrate from old to new Print servers. This task also involved re-mapping printers on user side. So far the printers had been mapped manually and in the company with 10000+ users and over 1000 print queues spread over 3 Print servers this would be very difficult … Continue reading Re-mapping large number of printers with PowerShell
Introduction Way back when your AD integrated DNS zone data lived inside of the naming context in AD (next to your users and computers) you could protect it from accidental deletion just like any other object. But this can cause a problem years later when you want to move these zones to their own application … Continue reading Field Notes: Error when changing DNS replication scope