Servers lose connection to the domain
Hello. I have terminal servers. Once a week, random servers lose communication with the domain controller. When logging in via RDP, I get an error that the server failed to establish a trust relationship. After a reboot everything works. Controller…
Migrating User Rights Assignments Policies to InTune
I have a number of GPOs I want to migrate. Some of these have User Rights Assignments settings, such as the Allow Log on Locally setting, so for the sake of safety, I want to keep the old GPOs in place. I have tried using a configuration profile and the…
Stuck with AD DS Config Wizard
Hi, There are 2 AD DS in a domain X. One is left over from a previous AD DS FSMO in domain X that is no longer existing. The other is a new AD DS to be built in the same domain X. Since days I'm stuck at the AD DS Config Wizard - "Select the…
How to change days before password expires notice
I'm looking for a way to change the number of days before notifying users of password expiration from the default of 5 to some other number. I've found a web posting that references: Default Domain Policy (or Default Domain Controller Policy?) >…
Windows 11 23H2 not able to connect to wireless Miracast
Hello, We are currently testing Windows 11 23H2 and ready to deploy to all users in our organization. We ran into an issue that stopping us from going forward with our Win 11 deployment. Many of us using wireless Miracast device to project our laptop…
Entra Hybrid join error
Hello, I'm trying to deploy Entra Hybrid AD join for a company and on our devices the following error occur: (The devices in Entra remain "Entra registered") I used DSRegTool but it only said that my device is not in local domain but it is…
Assistance Required: Disassociating from a Client's Azure Directory to Stop Receiving Alert Emails
I have been encountering an issue related to receiving multiple unsolicited emails daily, since my work with a particular client concluded. These emails often contain notifications such as "Azure: Deactivated Severity: 3 cpu greater than 60",…
Regarding access token generation using REST API
We are using Azure subscription with the Standard Tier. We have a requirement to use Cost Details API in our application. For that, we need to generate access token for Cost Details API authorization. Is there any REST API available to generate access…
Why does Cloud Sync Review and enable show Scoping filters set to All users?
I'm setting up Cloud Sync and set my Scoping filters to "Selected organizational units". The Distinguished name of my test organizational unit has been saved in the configuration, but when I go to Review and enable cloud sync it shows Object…
Methods or tools to back-up cloud-only Entra ID identities and import this back-up in a local AD?
Are there methods or tools available to back-up cloud-only Entra ID identities and import this back-up in a local AD?
Azure B2C Custom Policy donot honor login prompt
I have B2C Custom Policy and it works great except only one issue. If I pass login prompt then it doesnot work and shows select account but If same code is used against standard userflow then it works without any issue
IIS and Domain Certificate
Hi, I am currently in training and working on a LAB (Hyper-V) in a Microsoft environment. I am encountering an issue with SSL certificate validation on an IIS server running on Windows Server 2019 and 2022 (I have tested both). Two virtual machines,…
AZUREADSSOACC Key Rollover no longer works using Hybrid Identity Administrator creds
Hi I use a PowerShell script in an Azure Hybrid Worker Runbook to automate the rollover of the Kerberos decryption key for the AZUREADSSOACC computer account. It uses a service account in Entra ID which is assigned the Hybrid Identity Administrator…
No Mobile Phone Option for AAD B2C SignIn or SignUp
Hello, We currently encountered a situation in which a user didnt have a mobile phone to sign up to create an Entra ID account. The mobile phone is required to send them a verification code as our account sign up is password-less. Is it possible to have…
Unable to Access Windows Server 2019 Datacenter Using Azure Active Directory User
I am facing an issue while attempting to access a Windows Server 2019 Datacenter instance using an Azure Active Directory (Azure AD) user. Despite configuring various settings on the server, I encounter an error stating "the username or password is…
How to onboard On-premise Windows Servers on Azure Arc on scale using PowerShell (PSSession)
We are planning to onboard our on-premises Windows Server (lowest version is 2012 R2) to Azure Arc on a scale (Approx. 400 Servers). We downloaded PS script from Azure Arc and ran from one of the servers to other remote servers using PS Session to…
Users are unable to log into Outlook mobile devices
Dear Expertise, In my on-premises Exchange environment, some users are unable to log into Outlook mobile devices. However, these same users can log in using other mobile email apps such as Gmail or the default email app through the email address. Here's…
Hybrid environemtn - SSO not working
Hi, We have a Hybrid environment, and are trying to auto enroll our Hybrid joined machines to Intune. I have created a GPO and linked it to the machines It seems to work for some, but many fails. When I check dsregcmd I get the following EntraID…
How to migrate mail from mdaemon to office 365
Dear team, My client want to migrate mail service from MDaemon to Office 365. With existing environtment have active directory windows server 2012 that sync with mdaemon and sso they don't want to upgrade active directory for now and expect they will…
using Azure AD B2C SAML custom policies, How to add redirectino to a default website after users successfully authenticate so the new site will have access to all the SAML response attributes
the SP here is Splunk we have succssfully implemented SAML integration with Azure AD B2C using custom policies We followed MS documentations to add the redirect url on the registred APP but it is not working I added an extra line to the SigninSignup…