Jump to content


Search the Community

Showing results for tags 'Active Directory'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • Official Forum Supporters
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Windows Server 2008
    • Windows Server 2012
    • Windows Server 2016
    • Windows Server 2019
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. Hello. We currently have an OSD Task Sequence for deploying Windows 10 Enterprise 1709 to our client machines. This works quite well for existing PCs which are known to AD and SCCM. We have a mixed environment, where we have multiple departments which require their own set of applications. Again, this works well for existing machines. The issue in which I'm being faced with at the moment, is when we introduce new clients to the environment. Due to the design of SCCM with AD System Discovery, new devices are not discovered as there is no DNS entry for those devices. I have done the fo
  2. Hello everyone! Some years ago I was looking for a script to create collections in SCCM based on AD OUs. I've found some of them, but they seemed a bit complex and incomprehensible to me. So I've wrote my own rather simple script, added a few options that I think would be in hand for SCCM admin and added a lot of comments to make the script easy to understand and modify. So I present it to your judge. Any comments and suggestions are appreciated. <# Crafted by Maestro, 17/03/2017 The purposes of this script: 1. Create device collections in SCCM based on AD. Assign Canoni
  3. The writing of the Bitlocker key to AD has been working flawlessly... until we started to receiving machines with SSD drives in them. The task sequence works flawlessly with no errors. The problem is the bitocker recovery tab within AD is empty. I can run the manual way (https://blogs.technet.microsoft.com/askcore/2010/04/06/how-to-backup-recovery-information-in-ad-after-bitlocker-is-turned-on-in-windows-7/ ) and it will input the data in to ad, but I do not want to have to do this . The real strange thing is if I remove the machine from AD, and reimage it, the key properly registers
  4. I'm having some consistency issues with the Active Directory system discovery. I have one domain that populates the "System OU Name" differently than the rest of the domains. I have looked at the domain controllers and the service accounts and I'm not seeing anything that would cause the property to be populated differently. There are only 2 obvious differences between the domains. The one that isn't working like the others has the domain functional level as Windows Server 2012 and isn't trusted by the domain that the primary site is joined to. I have 3 domains setup for Active Directo
  5. Need help to narrow down the issue...I get this error in netsetup.log as the PC is unable to join domain after the t/s is run
  6. Hi there, I'm new to SCCM ,I just installed SCCM 2012 and enabled Active DIrectory Group Discovery ,All my users have been imported successfully, howerver the security groups haven't. Is there any particular option for security groups ? Thanks,
  7. I successfully installed SCOM clients onto computers belonging to an external but trusted domain, but ran into authentication problems along the way. I had to change one trust relationship setting to make it work. Here's what I found I had to do to make cross-domain installation and monitoring work: * Changed my trust relationship from "External" to "Forest," to enable Kerberos authentication * Open needed network firewall ports, as the external domain's network is separated by a firewall router deliberately * Create an action account that matched a domain account in the external dom
  8. Dear All, I have a network of 25 Client Machines with Server 2008 R2 Active Directory Installed. Its the only Active Directory server in my network with no additional one, the problem is last day it was crashed. I install Active Directory server on another machine with same domain but the clients are unable to connect with domain controller. please help me out to solve this issue. waiting for a prompt response from all of you. Regards RMA
  9. We have a central admin site and a few primary sites. I want to pull in user groups from AD. Is it better for network traffic to do the discovery from the Central admin site or from the primary sites? I'm thinking of running group discovery as well as user discovery from the central site but I'm not sure. Also, I'm guessing it's better to run user discovery as well even though I technically only need groups?
  10. I'm trying to run a script which will create a group within Active Directory, specific to the server being deployed in an OSD TS, and then add that group to the local admins on the server. The TS completes successfully but the group isn't created, no error is recorded in smsts log file. I can run the script manually on the server after the build completes, so the actual powershell code works, but it fails to do what it's meant to do during OSD. Anyone had any experience of anything similar to this (script is listed below)? #Add Active Directory server admin groups to local administrators #
  11. I have one SQL server that is complaining about missing SPN principals. SCOM monitoring is saying SQL can't authenticate using Kerberos because it's missing the SPNs "MSSQLSvc/[server.domain.tld]:1433" and "MSSQLSvc/[server.domain.tld]". It's the default instance. This doesn't seem specific to SQL. I attempted to list SPNs in use with klist and setspn. klist will give me a list for the currently logged-on user, but setspn -L will fail, claiming this: C:\> setspn -L username@domain.tld FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0x00000525 Could not
  12. On the Credentials page, supply appropriate credentials and then click Next. On the Role Services page, select Certification Authority and then click Next. On the Setup Type page, select Enterprise CA and then click Next. On the Specify CA Type page, select Root CA and then click Next. On the Set Up Private Key page select Create a new private key and then click Next. Leave the defaults on the Configure Cryptography for CA page, and then click Next. Important: CSP, Hash Algorithm and Key length must be selected to meet application compatibility r
  13. Install Enterprise Root CA using Server Manager Ensure that you are logged on to your server as an Administrator. Open Server Manager. Click on Manage and then select Add Roles and Features. On the Before You Begin page select Next. On the Installation Type page select Role-based or feature-based installation. On the Server Selection page ensure that the correct server is selected. On the Select Server Roles page select Active Directory Certificate Services and then click Next. On the Select Features page, click Next. On the Introduction to Active Directo
  14. Good to see a SCOM section here. Started using SCOM 2012 R2 to monitor a domain network. It's complaining that the DCs are lagging in AD queries: "The AD Last Bind latency is above the configured threshold." DCs talking to the PDC emulator are also complaining, "The Op Master PDC Last Bind latency is above the configured threshold." Turning off the Windows Firewall on the DCs stops the lag, but I don't consider that an acceptable solution. Further research told me that a firewall filter named, "Port Scanning Prevention Filter," is responsible. I won't go into the frustration about that
  15. Install Active Directory Domain Services Now that we have the VMs created, and the OS installed on both, we need to first install/setup Active Directory (AD). When you log into a new installation of Server 2012, Server Manager will auto launch. From Server Manager, click on Manage, and choose ‘Add Roles and Features’. On the Add Roles and Features Wizard, read the information on the Before You Begin dialog, and then click Next. On the Installation Type screen, select ‘Role-based on feature-based installation’ and then click Next. On the ‘Server Se
  16. Install Active Directory Domain Services Now that we have the VMs created, and the OS installed on both, we need to first install/setup Active Directory (AD). When you log into a new installation of Server 2012, Server Manager will auto launch. From Server Manager, click on Manage, and choose ‘Add Roles and Features’. On the Add Roles and Features Wizard, read the information on the Before You Begin dialog, and then click Next. On the Installation Type screen, select ‘Role-based on feature-based installation’ and then click Next. On the ‘Server Se
  17. Install Active Directory Domain Services Now that we have the VMs created, and the OS installed on both, we need to first install/setup Active Directory (AD). When you log into a new installation of Server 2012, Server Manager will auto launch. From Server Manager, click on Manage, and choose ‘Add Roles and Features’. On the Add Roles and Features Wizard, read the information on the Before You Begin dialog, and then click Next. On the Installation Type screen, select ‘Role-based on feature-based installation’ and then click Next. On the ‘Server Se
  18. In our last post we installed the Operating System on our VM's. Now, we will install Active Directory. Install Active Directory Domain Services Now that we have the VMs created, and the OS installed on both, we need to first install/setup Active Directory (AD). When you log into a new installation of Server 2012, Server Manager will auto launch. From Server Manager, click on Manage, and choose ‘Add Roles and Features’. On the Add Roles and Features Wizard, read the information on the Before You Begin dialog, and then click Next. On the Installation Type
  19. In our last post we installed the Operating System on our VM's. Now, we will install Active Directory. Install Active Directory Domain Services Now that we have the VMs created, and the OS installed on both, we need to first install/setup Active Directory (AD). When you log into a new installation of Server 2012, Server Manager will auto launch. From Server Manager, click on Manage, and choose ‘Add Roles and Features’. On the Add Roles and Features Wizard, read the information on the Before You Begin dialog, and then click Next. On the Installation Type screen, selec
  20. Hi! I ran a AD System Discovery when I first set up SCCM 2012, and all the computer accounts in AD has been listed in the 'All Systems' collection as intended. The only issue here is, almost 2000 of these computer objects are objects that hasn't been active or been in contact with a Domain Controller for the last 180 days. Yesterday, I started a cleaning process in AD, so the old computer objects in AD has now been disabled. Is there any possibility for me to clean the 'All Computers' collection and get rid of the disabled computer objects? Any help is highly appreciated :-)
  21. Hello, I have been trying to wrap my head around this problem. I am an SCCM 2007 administrator and we are porting over our packaged applications to SCCM 2012. Some of our packages have multiple programs attached to them. The programs attached to some of our packages define certain settings a group will get. For example "Package A" is used by 3 different business units and each has a certain configuration, so Program 1 will perform a slightly different configuration then program 2 or 3. Here inlays the problem, one of the major differences with the Application model in SCCM 2012 is that you
  22. Dear all, After had migrated my machine and user accounts from one AD domain to another AD domain. I configured SCCM 2007 with the new parameters of the new AD domain, SCCM 2007 can obtain the machines from the new AD domain but unfortunately the client agent could not be installed on them. The site code is the same as in the previous AD Domain. Regards.
  23. Help with SCCM and Active Directory On same server. Well hello my name is Zaper and I'm from Israel First thing first: I never seen an SCCM in my life this is my first time and I got no idea how to use it. Now few years ago a guy that used to work here installed the SCCM in our Active Directory server so I have on the same server both SCCM 2007 and my active directory. (Windows server 2003). my manager came over and sad "well we got this something that supposed to work but no one have a clue how to use it so you do it". Now all I need to happen is I want to push a package that will
  24. Hi, I'm wondering if it is possible to pull in only computer objects that are part of a specific Active directory Security group to a collection, and how such a query will look. Has anyone had to do this in the past, and is it possible? Ultimately we would like to separate computers by departments, and our AD access is such that we cannot create new ou's. Thanks. Coenie
  25. In a deploy task sequance you can set the AD location of the machine to build to, can you how ever have the machine detect the location (OU) that is is currently in and build to the same place or do you have to have a different ask sequence for every AD location? Thanks
×
×
  • Create New...