Content
Can I make 2000 ip pool adress when I have ip adress like 10.0.0.11?
I am trying to make site to site vpn, now imagine i have 2000 brunches, so I am trying to make a ip pool in the "Routing and remote access ", am I able to make 2000 ip pool when I have 10.0.011 dns server ip? I am using window server 2022…


Software Center: Compliance Status: Unable to Verify the status
Hello to all, I hope that someone will be able to help me, I installed MECM as well as the Software Center tool, in order to deploy software, updates and also the compliance system. However, I have a problem with compliance and I can't solve it: The…


Stop windows silently using domain credentials to access a share folder
Hi and thanks in advance for the time spent to read my issue. At work we've some user on our domain (lets call it DomA) that need to access a share on a fileserver in another domain (DomB). The issue is that windows tries silently to log in on the share…
We have created one test OU and apply weekly auto restart policy but this policy is not working withing that user system
We have created one test OU and apply weekly auto restart policy but this policy is not working withing that user system. policy is not showing in task scheduler on user's system


No GPO preventing the logon of administrators
A way to collect an administrator credential is to take control of a workstation in the unsecure tiers and expect that an administrator will connect to it. An attack such as credential theft or kerberos delegation is then performed. To reduce the impact…


Unable to Log into remote Desktop
I am having a huge issue trying to log onto Remote desktop server. I recently installed a new Windows Server 2022 Virtual machine with Active Directory as a secondary server to a Windows 2012 Primary Domain Controller. I followed the steps to make the…


Kerberos Pre-authentication
Hi How to check if all accounts require kerberos pre-authentication?


How to enabled all those users who have disabled kerberos preauthentication.
Hi I have 200 users in my active directory. Few of them have kerberos pre-authentication is disabled. I can get a list of users who have Kerberos pre-authentication disabled with the help of below cmlets: Get-ADUSer -Filter { DoesNotRequirePreAuth -eq…


demote errors in DC
Hi Team, I am migrating from win server 2012 R2 to win server 2022. I already migrated FSMO roles from primary to new server. There is no issues so far after migrated roles. But the problem started the demotion to old server which 2012 R2. I am…


Alias in exchange online visible but does not exisit in onprem AD
Hello, For one of our users we see an existing alias in our Exchange online portal. In our AD onprem there is no such alias. Most likely something went wrong during our renaming of this user? in ADSIEDIT we cannot find the alias. I found some…


How to communicate between two same server in two different locations?
So my original server is located at NewYork, right now I have a branch office located in Washington. I am trying to set my existing server in the Washington with the same domain, but I am having issue with network communication betweek the same server. …


Slow logging process in all workstations and servers in the domain
A few days ago, a problem started in this environment and now logging in any Windows 10 machine, or any server (except the domain controllers) takes more than 25 seconds. That is causing several other problems. I have this escenario: a local domain…
Is it possible to block only PIN usage for end users?
Is it possible to block only PIN usage for end users? They will be able to continue using fingerprint biometrics.


How to retrieve customer mails with oauth instead of basic auth imap in Microsoft Exchange
I have made a .Net WPF Desktop-App which allows customers outside of our domain(outside of our azure tenant etc.) to automatically export mails from IMAP Office365 Accounts. Since Microsoft disabled this legacy authentication method, it seems we need to…
Windows Server 2019 AD not correctly negotiating Kerberos encryption type
I have configured “Network security: Configure encryption types allowed for Kerberos” and selected RC4 along with both AES options however RC4 does not get enabled unless I uncheck every other option apart from RC4. I’m testing this by using a Windows XP…


unable to demote the Tree domain controller
Hi Please, need help I created a new Tree DC, with a different namespace than the root DC, both are connected through the Windows server 2022 Router. Root DC: namespace: ABC.com IP: 192.168.10.1 Tree DC: namespace: ECST.com IP: 10.255.255.1 In…
Intel's login policy has been changed
Hello Intel's login policy has been changed to ms azure, so you need to have ms mail, but you can't log in, so I tried to log in with my personal mail, but it's connected together and I can't log in …


Slow login issue after PIN setup when windows hello for business is enabled.
Hi, I have deployed and configured Windows Hello for Business -On Premises Certificate Trust for one customer on their Internal Only Network. . The infrastructure details are as follows: AD 2016 Domain Controllers. AD schema is Windows…


Restrict users to a single system
Dear Team, I have a domain of Windows server 2016 and all users have their roaming profile. I can see that users are unnecessary login in multiple systems when those are not in use and it is creating uncesessary profile creation in multiple machine. I…


Wrong Logon server when changing sites.
We are configuring servers for a client. We have a test lab (pre production) setup. We have 2 AD/DC setup on 2 different networks. We have sites and services setup with subnets defined. We can see in the registry that the "DynamicSiteName"…

