Press "Enter" to skip to content

Posts published in “Active Directory”

GPO: deploy msi applications

0

Presentation In this article, we will see how to deploy applications in MSI format using Group Policy (GPO). There are two deployment modes : Assigned: Applies mainly to computers, program installation is forced. Published: applies only to users, this mode allows the installation of software at the request of the user, this one is published using control panel. Before starting…

LAPS – Securing Local Administrator Accounts

0

LAPS (Local Administrator Password Solution) is a free solution provided by Microsoft that allows the security of workstations. LAPS allows for each computer in OR to randomly generate a password for the local Administrator account and store it in an Active Directory attribute (ms-Mcs-AdmPwd). It ‘relies on the SID of the account which is structured in the same way on…


Active Directory: Migrate SYSVOL Folder from FRS to DFSR

0

Presentation Since Windows Server 2008 and its 2008 domain functional level, replication of the SYSVOL folder is supported by DFSR, before it was done by FRS. If your domain controllers are running Windows 2012R2, it is advisable to use DFSR for the SYSVOL folder. Since Windows Server 2016 (build 1709), it is no longer possible to install a domain controller…

Active Directory : increase the functional level of the domain and the forest

0

Presentation The functional level of the domain and forest corresponds to the “version” of your Active Directory environment and allows access to more or fewer features depending on the level of each. Mainly this level change occurs when upgrading to Windows when replacing / migrating domain controllers. The version change may also be necessary for the installation of new service…

Setting up a read-only domain controller – RODC

0

Introduction In this article, we are going to have how to set up a read-only domain controller (RODC). This type of controller, as the name suggests, is read-only, so it can not change user attributes or even add objects. There are several implementation scenarios for this type of domain controller, here are two that I have already used: On remote…

ADFS: Installation and Configuration

0

In this article, I propose to discover the AD FS and Proxy (WAF) roles. As part of the preparation for the 70-742 certification, I embarked on the mock-up of an infra. What’s this ? ADFS and the proxy that accompanies it can put several things in place: An SSO system (for compatible applications) that allows single sign-on Security by managing…

Apply a GPO to a group

0

Introduction In this article, I will explain how to apply a Group Policy (GPO) to an Active Directory group that contains multiple users. The tutorial also applies in case you want to apply the policy to a particular user. Prerequisites Have created the Active Directory group Having created the strategy The policy must be correctly placed either at the root…

GPO: Run a script when the computer starts

0

Presentation In this article, we will see how to set up a script that runs at startup of the post using Group Policy (GPO). The advantage of using this type of script is that it is executed with the Administrators rights, which makes it possible to launch software installations on the workstation without any elevation of rights. The other interest,…

Active directory: Delete a child domain

0

In the article Active directory: setting up a child domain where I explain how to configure a child domain in an Active Directory environment, I will explain here how to delete a child domain. As a reminder, when setting up the child domain, a trust relationship was created between the two domains and DNS delegation on the parent domain’s controlling…

Remove an Active Directory Domain Controller

0

In this article, we will see how to remove a domain controller in an Active Directory environment. The deletion is done in two steps: Demote the domain controller: remove the controller configuration. Delete roles. Before downgrading the server, ensure that the server does not have an FSMO role and always have at least 2 active Active Directory controllers. If you…

It looks like you're using an adblocker.
We use ads to keep our content free. Please support us by turning off your adblocker.