Changing upper and lower case of a dynamic DNS host entry is not easily possible in case the DNS is integrated into the Active Directory. The entry is created as soon as the machine registers in the DNS for the first time. If the machine‘s name is written in upper case, the DNS entry will […]
Sometimes Read and Write permissions that users get through authorization groups do not work properly on the file servers: – Users without “Read” permissions can see folders – Users without “Write” permissions can create folders In this article I want to explain this problem a little bit more detailed and show you how to solve […]
Sometimes it can be necessary to change the network structure of the virtual machines in Azure, e.g. to move VMs into a virtual network for the setting up of VPNs. To do so, the internal, static IP of the respective VMs needs to be changed.
It is common knowledge that by setting the configuration “Managed By” and “Manager can update membership list”, users can be authorized to administrate members of a mailing list in Microsoft Outlook. However, it gets complicated when multiple persons should be able to update members of the mailing list. But there is a solution…
There are a lot of reasons why customers want to migrate from Novell eDirectory to Microsoft Active Directory. I would like to use this article to explain one of the core concerns of these projects to you. Should the Novell Client 2 be uninstalled or deactivated? What is the difference between these options?
As already explained in the article about ADFS 3.0, Windows Server 2010 supports Group Managed Service Accounts (GMSA) are supported under Windows Server 2012. The passwords of these accounts are automatically generated by the AD. In this article I am going to describe which scenarios can be solved with GMSA, which applications are possible and […]
In Microsoft’s Active Directory groups are used to manage permissions and access to shares and apps. But with a big number of users accounts the group management becomes time-consuming for many admins. Dynamic group memberships would reduce administrative overhead here and prevent over-permissioning. But this is not a standard feature of Active Directory. This is […]
Drive mapping and the local administrator group.Or: What do you have to do that mapped drives are available (if you are an admin)? Besides them being integrated into the logon script, the drives are not visible. The reason is the different treatment of “standard” and “privileged” context.
In its February-Patch, Microsoft covers an important security gap which allows attackers to execute malicious code on user PCs. It concerns the function for executing batch-files and scripts – e.g. during logon to a client – on all Windows client- and server-systems (since Windows Vista/ Windows Server 2003). That gap, caused by reloading scripts and […]
Directory Synchronization Agent, DSA is part of Quest Migration Manager for Exchange. Sometimes, DSA produces an error which is not really self-explanatory: Error 0xe1000005. Internal DSA error. This article will show you what sources the error could have and how you solve this problem.
- Nesting groups in Active Directory
- Create home directory and grant permissions with PowerShell
- Creating an individual random password with PowerShell
- Retrieve Active Directory subnets with PowerShell
- Editing users of other domains – with PowerShell
- Azure Basics: Connecting with Azure (PowerShell)
- PowerShell Custom Objects
- Logon Script does not start on Windows Server 2012 R2 domain
- IsMember – Check group membership in Active Directory
- Dynamic OU Groups – Assign Permissions to OUs