how to know which application or update reason for system restart device managed by SCCM
Hello Expert, I have deployed Windows 365 PC that is co-managed in sccm. I have deployed a task sequence on this pc collection but found that this task sequence is not get started showing status in Progress in sccm deployment status of Task sequence. …
How to decommission an AD CA with active templates
I have been asked to decommission an old CA in my domain. There are about 8 domain controllers with old certificates in the cert store, along with active LDAPS2 and ldaps 2.1 templates. We need to keep only the root CA, but I see certificates for old CAs…
The trust relationship between this workstation and the primary domain failed
Good day, I have some issue which is this error will appear when try to login the PC that has been joined the domain. The error was "The trust relationship between this workstation and the primary domain failed". I try several solution which is…
AD Sync: Unable to select domain when creating new configuration with Microsoft Entra ID
I am trying to sync an Active Directory with Microsoft Entra ID cloud sync. However, when I click "New configuration," the drop-down box to select the domain is greyed out. I am a licensed global admin, and the DC agent appears as live in the…
We encountered an 'invalid_grant' error connecting to the identity provider. Please try again later
Category : Azure AD B2C We have added federated login(Sign in with Google) to our application. Google IDP is working well for users having @gmail domain users but non gmail users , some of the users we are getting below error. "We encountered an…
Navigating to an Azure AD B2C tenant results in a Limited or No Access prompt even though my account is a member of that tenant
When navigating to an Azure AD B2C tenant results in a Limited or No Access prompt even though my account is a member of that tenant. Navigating to this tenant worked for previous admins. The prompt says, "You are not a member of this tenant and do…
Problems with MS Teams logging in from browser (but works on mobile)
During login to MS Teams a user in our AD gets the following unspecific error: When we examined the Dev console we saw that error, that might be relevant - "Unrecognized Content-Security-Policy directive 'prefetch-src'" and "AuthZ Token…
active directory login and teams account are different
I have a Teams account that is different than the AAD Azure Active Directory account. Changing meeting options is difficult because the url when changing the meeting options does not allow the active directory account the ability to change the meeting…
Workday to Active Directory User Provisioning - Management Level Attribute
Hi All! I’m trying to add a workday attribute : Management Level (senior manager, manager etc). I’m trying to use the below XPath, but it is not bringing anything…
Fail to join a domain in DC2 Active Directory
Hi, I've completed 1st DC1 active directory setup as follow When I try to jon a domain in DC2 [20.136.20.252], it prompt this [An error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory…
Group Policy setting Cached Exchange Mode not working.
Hi All, I am struggling to set outlook Exchange Cached Mode to 6 Month Group policy.We have Citrix Environment users will connect to Windows 2019 server with RDS license's multiple connections, we have FSlogix configured. User will use Outlook and most…
Windows 11 connecting to Active Directory via Cisco AnyConnect
I'm going to start with the question here and if I need to move this elsewhere, I can. We have just started deploying Windows 11. We have a couple of users that it is working well for, however, just this week two new computers were unable to access…
Couldn't access member attribute of "Domain Computers" even if full control is present
The member attribute data cannot be fetched using the administrator credential for the group "Domain Computers/Users". The credential has full control access to this group. Any specific access needs to be provided to get the members of this…
Process of renewal of subordinate certificate of certificate server.
Hi Team. I have a few queries regarding our subordinate certificate server's upcoming certificate expiration. We need to renew the expiring certificate, but I'm concerned since it is integrated with many other services. We have an offline root CA and…
Microsoft 365 Defender for endpoint GPO
Hi all, We are in phase of implementing Microsoft 365 defender for endpoint and we are not going to use Intune for deployment. We are using service similar to intune for mobile device management. My question is how can we use GPO for defender config?…
New User not syncing from On Premise AD to Office O365
Our organization uses a hybrid cloud model. Just as it says in the title. I have a new user starting, I created the account in AD then sync to Office 365, but the user does not show up at all. There are no errors noted but I did see them listed at…
GPO is not applying
Hi All i am applying the below GPO on an OU, this OU has Windows 2019/2016 Servers. My domain controllers are a mix of Windows 2019/2016. On the member server when i check RSOP i am seeing that the GPO is applied but when i check from gpedit.msc the gpo…
How do I limit the size of Sysmon folder content?
We have sysmon configured in our servers C:\Sysmon. There is no quota or limit on this folder set, so it keep inclreasing and we get the high disk volume alerts in odd hours, then we have to delete the files manually. Is there any option to capping the…
Entra ID - Enterprise Application SCIM - Manager Value is missing on some users
I have a problem that I'm not sure how to solve. We have an Enterprise application, but for some users, the manager value in the at SAAS app is empty, so if a manager is using the application, the manager will not see all of the employees. The…
How to update FFL/DFL from Windows 2003 to Windows 2016
Hi Everyone, I have a domain with an FFL version of Windows Server 2003 and a DFL of Windows Server 2008. The DC's on the domain are Windows Server 2016. I want to upgrade the FFL and DFL versions of the domain to Windows Server 2016. I have some…