Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [active-directory]

A Microsoft technology that constitutes an LDAP directory service with centralized management functionality for user accounts, computer accounts, groups, and configuration management across many Windows servers and desktops.

Active Directory is a directory service created by Microsoft for managing Windows environments.

It is used for:

  • A centralized Authentication/Authorization source for Kerberos and NTLM protocols.
  • Providing a single authentication/authorization domain for member servers and workstations.
  • Providing LDAP services.
  • Providing centralized configuration methods of Windows workstations and servers through Group Policy and other methods.
  • Multi-site replication of directory-database data.

Non-Windows support is generally provided through the Samba package on POSIX operating systems (Linux, macOS, BSD, Solaris, etc). All modern Samba releases allow machines to join a domain as if they were a Windows machine.

For a list of ports which must be open in a firewall for AD to work properly, see http://serverfault.com/questions/304484/what-firewall-ports-need-to-be-open-for-active-directory.

Some useful links are below

10115 questions
3
votes
2 answers

Windows Server 2012 R2: How to revert boot setting from “safe mode” to normal mode?

We have a Windows server 2012 R2 in our company network and it’s the only ActiveDirectory domain controller in the network. Unfortunately, we made many mistake settings to the ActiveDirectory and wanted to revert them to previous ones from a backup…
Taiki Bessho
  • 159
  • 1
  • 1
  • 8
3
votes
0 answers

Joining Linux machine to Active directory

What would be the benefit of joining a Linux machine to windows AD, let's say I already manage the users on this Linux machine from the AD, my question is more about the pros and cons of adding the Linux machine object to AD. What would be the…
Infidel
3
votes
1 answer

Group policy to enable windows narrator

I was wondering if there is any way to set the windows narrator to be enabled/run at login via group policy. A few of our users are visually impaired so I wanted to make it easier for them by applying this policy to a security group for them. That…
DSage03
  • 33
  • 6
3
votes
0 answers

Old server accounts persist after migration to Windows Server 2019

I went through the process of migrating Active Directory 2012 R2 to Active Directory 2019. Minus a few firewall ports needing to be opened up, I was able to get through the process of promoting the new Windows Server 2019 machine and demoting the…
SwDevMan81
  • 201
  • 2
  • 3
  • 14
3
votes
2 answers

Time not propagating to machines on Windows domain

We have a two-domain Active Directory forest: ourcompany.com at the root, and prod.ourcompany.com for production servers. Time is propagating properly through the root domain, but servers in the child domain are unable to sync via NTP. So the time…
Richard Beier
  • 399
  • 3
  • 10
  • 17
3
votes
2 answers

setspn does not affect Active Directory Users

I run the setspn command for specific user on Domain Controller. C:\>setspn -s example/username.companyname.com username Checking domain DC=companyname,DC=com Registering ServiceprincipalNames for CN=username,CN=Users,DC=companyname,DC=com …
GriGrim
  • 91
  • 6
3
votes
2 answers

active directory + squid planning for a large network with over than 7000 users

We have about 1600 active nodes and 6000 students in our network and we have a great Cisco backbone, we have 8 faculties (they have sites and wireless access points) and 10 centers like hospital. We need to organize our network with MS AD, in the…
Ansari
  • 227
  • 5
  • 12
3
votes
2 answers

Samba4 AD DC setup and working, but won't connect with Windows 7 or 10

I've gotten a Samba 4 AD DC setup running on Ubuntu 18.04 LTS. I used this tutorial to make it work: https://www.tecmint.com/install-samba4-active-directory-ubuntu/ The problem is I can't get my Windows 7 or 10 clients to connect to the domain. Here…
jfreak53
  • 163
  • 1
  • 4
  • 27
3
votes
2 answers

Possible to search multiple AD forests with the same query?

I have two domain controllers configured with non-contiguous namespaces. There is a two-way forest trust and crossRef objects set up between domains. I can successfully execute an LDAP search for any particular object in either domain. However, I…
karlcyr
  • 153
  • 1
  • 2
  • 8
3
votes
1 answer

Applying a GPO to local users except local administrators on Workgroup computers

I have a set of configurations which I need to replicate from my domain joined computers to non-domain (Workgroup) joined computers. I created a GPO, enabled Loopback processing and imported them via LGPO.exe (Microsoft Security Compliance…
Rajiv Iyer
  • 157
  • 9
3
votes
0 answers

Is a domain joined windows machine's objectGUID or ObjectSID as stored by Active Directory also stored locally?

Working on an inventory project where I need to link a computer to an object in Active Directory. I have an export of all computer objects from Active Directory including some unique identifiers such as objectGUID and objectSID. I now need to query…
Stephen F
  • 293
  • 1
  • 8
3
votes
1 answer

How To Fix an Azure-Only Active Directory Environment

I just recently started my first job in IT and have been tasked with deploying 60 new laptops right off the bat. I have set up WSUS on our server as the first order of business, but there is a problem I am facing with our Active Directory. The…
NikolaiOnABear
  • 31
  • 2
3
votes
1 answer

Why is the "Domain users" group missing from this PowerShell AD query?

I ran the following PowerShell script to compare a list of groups.... $dasMem = Get-ADUser -Server "" -Identity "" -Properties MemberOf | Select MemberOf $blahx = $dasMem.MemberOf | % { $_ -replace "^CN=", "" } | % { $_ -replace…
leeand00
  • 4,869
  • 15
  • 69
  • 110
3
votes
2 answers

Active Directory Audit of a User and all Services/Software attached

I have a user I need to audit. This single user is used by a bunch of services/software among other things to run. My job is to figure out everything that is tied to this user and then create new usernames in Active Directory so we can disable that…
Chuck Coggins III
  • 33
  • 3
3
votes
3 answers

Do we need to update Active Directory, When we upgrade windows 7 to windows 10

There are 500 Computers on my network We have planned to upgrade all Computers to windows 10. Currently we are using windows 7. Our Microsoft Partner suggest to upgrade our active directory OS to server 2019. We have 3 AD domain controllers which is…
serverAdmin123
  • 230
  • 3
  • 18
1 2 3
99
100