If you demote a Domain Controller, SCOM will generate a lot of alerts. By design, there is no automatically undiscovery for the Rules and Monitores for the Active Directory Roles. Solution 1 This solution will remove all disabled Class instances from an existing object. it will not change any other properties of the object. Open … Read More “demoted Domain Controller still present in SCOM” »
Tag: Active Directory
Today I had a request from a first-level-admin which need the Bitlocker Recovery Password for a already deleted computer object. Here is what I came up with: $compname = “ComputerName” $SearchRoot = “CN=Deleted Objects,DC=domain,DC=local” $recoverykeys = Get-QADObject -Tombstone -Recycled -Type “msFVE-RecoveryInformation” -SizeLimit 0 -Includedproperties msFVE-RecoveryPassword -SearchRoot $SearchRoot | ? {$_.lastknownparent -like “*$compname*”} | select msFVE-RecoveryPassword … Read More “recover deleted Bitlocker Recovery Informations” »
Anyone out there who runs a successful Microsoft Windows Active Directory, knows that it is pre-eminently useful to have a test environment that very nearly represents your production environment…to do…you know…testing! I thought I would give that a try, and here’s what I came up with: Shutdown and clone a Virtual Domain Controller with a … Read More “Clone your Active Directory in 18 minutes using VMware” »
I’m working now for over 15 years in information technology, but i got never before a server response which is so straight and funny too: The server is unwilling to process the request. Maybee the server could do it, but he doesn’t like it. The error above was caused by this simple vb-script, when user … Read More “unwilling Server” »
In my environment, i have a lot of users, which never comes to the office, but need remote access to the company network. for this they have an AD user account, which password will expires for company policy after 90 days. Cause they never logon to a domain computer, they didn’t get the “Change Password … Read More “Notify AD user with mail when password expires” »
Cause of company policy we don’t delete users which are leaving, but we disabled them. The exchange mailbox will be removed after some months. For this incomming mails have to be forwarded to an exchange contact with an unresolvable address, so the sender receives an error message. Cause of this, we need to remove the … Read More “Remove all disabled users from distribution lists” »
Problem: Did you ever searched an special email-address in your active directory? If yes, you will know, that there isn’t a special field for the email-addresses. Solution: Go to active directory users and computers (ADUC). Right click on the domain and choose Find. Select Custom Search in the Find-Field and Entire Directory in the In-Field. … Read More “Find AD-User from Email-Address” »