Azure AD Connect: Installing and configuring synchronization

Utilisateurs synchronisés dans Office 365

Azure AD Connect overview In this article, I’ll walk you through how to install and configure Azure AD Connect. This solution allows you to synchronize your local directory (AD) to the Azure platform and use the same user accounts. The installation of the Azure AD Connect client must be done on a domain member server, …

Read more



Active Directory: trust relationship between two forests / domains

End

Presentation The trust relationship between two Active Directory drill bits / domains is a trusted link that allows authenticated users to access resources in another domain. An approval relationship may be: Unidirectional: access to resources is only available in one direction (A) -> (B). Bidirectional: access to resources is available in both directions (A) <-> …

Read more



LAPS – Securing Local Administrator Accounts

Wizard install

LAPS (Local Administrator Password Solution) is a free solution provided by Microsoft that allows the security of workstations. LAPS allows for each computer in OR to randomly generate a password for the local Administrator account and store it in an Active Directory attribute (ms-Mcs-AdmPwd). It ‘relies on the SID of the account which is structured …

Read more



Active Directory: Migrate SYSVOL Folder from FRS to DFSR

Since Windows Server 2008 and its 2008 domain functional level, replication of the SYSVOL folder is supported by DFSR, before it was done by FRS. If your domain controllers are running Windows 2012R2, it is advisable to use DFSR for the SYSVOL folder. Since Windows Server 2016 (build 1709), it is no longer possible to …

Read more



Active Directory : increase the functional level of the domain and the forest

The functional level of the domain and forest corresponds to the “version” of your Active Directory environment and allows access to more or fewer features depending on the level of each. Mainly this level change occurs when upgrading to Windows when replacing / migrating domain controllers. The version change may also be necessary for the …

Read more



Setting up a read-only domain controller – RODC

Introduction In this article, we are going to have how to set up a read-only domain controller (RODC). This type of controller, as the name suggests, is read-only, so it can not change user attributes or even add objects. There are several implementation scenarios for this type of domain controller, here are two that I …

Read more



Apply a GPO to an Active Directory Group

Introduction In this article, I will explain how to apply a Group Policy (GPO) to an Active Directory group that contains multiple users. The tutorial also applies in case you want to apply the policy to a particular user. Prerequisites Have created the Active Directory group Having created the strategy The policy must be correctly …

Read more



Active directory: Delete a child domain

In the article Active directory: setting up a child domain where I explain how to configure a child domain in an Active Directory environment, I will explain here how to delete a child domain. As a reminder, when setting up the child domain, a trust relationship was created between the two domains and DNS delegation …

Read more



Remove an Active Directory Domain Controller

Supprimer controleur de domaine

In this article, we will see how to remove a domain controller in an Active Directory environment. The deletion is done in two steps: Demote the domain controller: remove the controller configuration. Delete roles. Before downgrading the server, ensure that the server does not have an FSMO role and always have at least 2 active …

Read more



Printer mapping: GPO and Script

When setting up an Active Directory, one of the things you want to set up automatically is the mapping of printers to users. Prerequisite: Have a server with the Print Service role (optional). It is possible to share a printer from the control panel. Have one or more shared printers. As for the mapping of …

Read more