624 questions with Windows Server Identity and access Active Directory tags

Sort by: Updated
Updated Created Answers
1 answer One of the answers was accepted by the question author.

AD- Health Check

Hi, We have separated our network into two domains (forests) and have demoted more than 30 domain controllers. Now, we want to check the health status and ensure everything is functioning correctly. Could you please guide us on what aspects we need to…

Windows Server Identity and access Active Directory
asked 2025-02-27T17:23:35.87+00:00
Khushboo Kumari 20 Reputation points
accepted 2025-03-06T18:03:39.06+00:00
Khushboo Kumari 20 Reputation points
3 answers

Unable to Delegate Full Control to User account that used to be a Domain Admin

We had a group of people within our IT Dept that had administrative accounts set up as Domain Admins, that we will call ITGroupC. Obviously, it is not best practice to have several Domain Admins, and we have worked at giving them targeted access to…

Windows Server Identity and access Active Directory
asked 2025-02-27T13:58:39.7166667+00:00
Ameer Shah 0 Reputation points
commented 2025-03-04T02:51:23.7533333+00:00
Daisy Zhou 30,731 Reputation points Microsoft External Staff
2 answers

Launching ADUC as other user doesn't retain settings

I sometimes need to run a different domain account that has higher privilege's than my logged in account to complete tasks. I've noticed that when I run as other user the settings that I specify in ADUC don't stick around after I reboot the system. The…

Windows Server Identity and access Active Directory
asked 2025-02-27T18:40:42.8333333+00:00
Ozar 6 Reputation points
answered 2025-02-28T12:52:51.13+00:00
Daisy Zhou 30,731 Reputation points Microsoft External Staff
0 answers

Support Request: Hybrid IAM Authentication (AD & Microsoft Entra) in IIS

Dear Microsoft Support, We have an on-premises application that currently uses Active Directory (AD) as both a resource and Identity and Access Management (IAM) system. The application supports both Windows Authentication and Single Sign-On (SSO). We are…

Windows Server Identity and access Active Directory
asked 2025-02-25T03:31:13.2033333+00:00
Shri Krishna Ulithaya 0 Reputation points
edited the question 2025-02-27T19:59:29.9766667+00:00
Raja Pothuraju 15,885 Reputation points Microsoft External Staff
3 answers

Can Active Directory integration interrupt the nested Vm feature?

I have domain joined endpoints in which the users are not able to use the nested VM feature. Is it because of Active directory or due to some group policies applied from the DC?

Windows Server Identity and access Active Directory
asked 2025-02-13T14:02:16+00:00
Anonymous
answered 2025-02-26T09:19:32+00:00
Anonymous
1 answer

Why is it that after restarting my computer, my downloaded file no longer has the book image? I can't unzip the file. Can someone help me?

My file has rar extension and I cannot decompress it

Windows Server Identity and access Active Directory
asked 2025-02-26T07:40:35+00:00
Anonymous
answered 2025-02-26T07:52:08+00:00
Anonymous
1 answer

Operation error when executing Set-LapsADComputerSelfPermission -Identity OU=Teste -Verbose

I'm setting up Windows LAPS on my network. I'm using a Windows Server 2019 server and a Windows 11 terminal, both with the necessary updates. After running the “update-LapsADSchema” command, the process was successful. When executing the…

Windows Server Identity and access Active Directory
asked 2025-02-24T14:24:45+00:00
Anonymous
answered 2025-02-25T09:23:32+00:00
Anonymous
2 answers

Error determining whether the target server is already a domain controller: The domain controller promotion completed, but the server is not advertising as a domain controller.

The domain forest root server was lost. So, I seized the schema and domain naming master to child domain DC controller server. And I wanted to create a new server and promote it to be a DC controller server as a standby server. But it failed and there…

Windows Server Identity and access Active Directory
asked 2025-02-24T02:34:02+00:00
Anonymous
answered 2025-02-24T07:46:21+00:00
Anonymous
8 answers

Is this behavior normal?

I set up an active directory in 2025 (fully patched). I joined a windows 11 24H2 to this domain (fully patched). When I launch the server manager on the Windows 11 24H2 with the "run as another user" with a domain administrator account…

Windows Server Identity and access Active Directory
asked 2025-02-20T18:47:12+00:00
Anonymous
answered 2025-02-21T10:14:59+00:00
Anonymous
2 answers

Certificate based authentication - KB5014754

Hi, As per KB5014754, MS confirmed that February 2025 patch will change into full enforcement mode. Creating a registery key value with 1 enable the compatible mode till September 2025. So how those user certificate can fix before this deadline. Will it…

Windows Server Identity and access Active Directory
asked 2025-02-13T07:04:46+00:00
Anonymous
answered 2025-02-18T06:36:24+00:00
Anonymous
3 answers

How can i use ADMT to perform an intraforest migration of Windows 10 and 11 computers?

How can i use ADMT 3.2 to perform an intraforest migration of Windows 10 and 11 computers? I have tried and it fails to author the SPN as it already exists in the forest. Computers appear to have domain suffix change just fine, but SecureChannel is…

Windows Server Identity and access Active Directory
asked 2025-02-13T19:32:22+00:00
Anonymous
answered 2025-02-17T12:31:30+00:00
Anonymous
7 answers

Services Stop When Administrator Password Is Changed

Hello, We have three servers: One for the Active Directory One for the Database and Portal Hosting One for the Workflow Center Recently, we were required to change the administrator password for security reasons. However, after making this change,…

Windows Server Identity and access Active Directory
asked 2025-02-05T13:01:24+00:00
Anonymous
answered 2025-02-17T06:30:32+00:00
Anonymous
2 answers

Windows Time Changes Randomly to Previous date

Hello, I have a 3 node Windows 2019 server cluster. The cluster is running a Postgresql server and i have noticed in the database that for a period of 10-20 minutes the timestamps will be a time way in the past. For example, the most recent is March 5th,…

Windows Server Identity and access Active Directory
asked 2025-02-10T22:40:53+00:00
Anonymous
answered 2025-02-13T19:28:15+00:00
Anonymous
1 answer

Registry Settings related to CVE-2024-26248 and CVE-2024-29056

Do REGISTRY settings for PAC validation need to be made on CLIENTS AND SERVER to test ENFORCEMENT or just the…

Windows Server Identity and access Active Directory
asked 2025-02-12T14:38:26+00:00
Anonymous
answered 2025-02-13T14:11:07+00:00
Anonymous
1 answer

AD FS Error "Object Reference Not Set to an Instance of an Object" When Editing Claim Rules

I'm encountering an issue while editing claim rules in Active Directory Federation Services (AD FS). When I try to modify claim rules under Claims Provider Trusts, I get the following error message: Unhandled exception has occurred in your application.…

Windows Server Identity and access Active Directory
asked 2025-02-13T07:35:50+00:00
Anonymous
answered 2025-02-13T12:00:16+00:00
Anonymous
1 answer

dcdiag basc failure

When I run DCDiag /Test:DNS /e /v on our new DC it outputs the following errors. It only show PASS on itself. When DCDiag is run from the existing DCs it passes on all except the new one

Windows Server Identity and access Active Directory
asked 2025-02-12T16:24:27+00:00
Anonymous
answered 2025-02-13T08:08:37+00:00
Anonymous
4 answers

KERBEROS LOCAL KEY DISTRIBUTION CENTER SERVICE START PENDING...

Hello, I have built three brand new Windows 2025 Servers with the latest updates. On all three of them I see that the service KERBEROS LOCAL KEY DISTRIBUTION CENTER START PENDING but it never turns into the RUNNING STATE. If I try to manually start the…

Windows Server Identity and access Active Directory
asked 2025-02-10T20:45:19+00:00
Anonymous
answered 2025-02-12T23:46:26+00:00
Anonymous
1 answer

Setting up Windows Hello for Business for On Premise AD

Trying to deploy Windows Hello for Business in the environment while trying to maintain everything on premise. GPO has been set but I couldn't get the provision part to work. After reading guides I was able to get it working utilizing ADFS. However, it…

Windows Server Identity and access Active Directory
asked 2025-02-11T17:09:11+00:00
Anonymous
answered 2025-02-12T08:12:26+00:00
Anonymous
2 answers

Client PAC Validation changes related to CVE-2024-26248 and CVE-2024-29056

This article does not mention if registry settings on Windows Clients needs to be made to TEST ENFORCEMENT. Do they just need Windows Updates April 9, 2024 and…

Windows Server Identity and access Active Directory
asked 2025-02-10T18:55:43+00:00
Anonymous
answered 2025-02-11T11:57:21+00:00
Anonymous
1 answer

GPO USB block but HDD..

I applied an AD GPO to block write access to removable drives, but on some PCs, the D: drive is also write-protected. Why is this happening? The affected PCs are new hardware while older PCs work correctly USB write access is blocked, but the D: drive…

Windows Server Identity and access Active Directory
asked 2025-02-06T07:26:50+00:00
Anonymous
answered 2025-02-06T09:39:54+00:00
Anonymous