Category Archives: Active Directory 2012

Microsoft August 2020 Patch issues and unanswered questions: No Netlogon events in Domain Controller logs after August 2020 Patches

August 2020 Patch (CVE-2020-1472) is fixing Netlogon Elevation of Privilege Vulnerability, we have to patch all the Domain Controllers to secure our environment from this Vulnerability and its two-part rollout stars on August 2020 and Feb 2021, we have many unanswered questions like, is the August 2020 patch will affect the non-secure clients? is there… Read More »

GPO Update failed with LDAP Bind function call failed error on Windows Server 2016/2019/2012 and Windows 10

If you are forcing GPO Update then you will get LDAP Bind function call failed error on Windows 10 and Windows Server 2012/2016/2019 and also can’t access Sysvol/Netlogon share and also getting other authentication failure errors Also Read: Group policy is not applying/working after patching (GPO Permission issues) Getting below error on gpupdate /force  Updating policy “Computer… Read More »

msds-generationid not set on Windows Server 2012

msds-generationid attribute is not set for windows server 2012 virtual domain controller on vmware, if you notice when querying msds-generationid attribute value and it return blank, why attribute valve not set and blank? Any reason for this behavior? Its new feature of Active Directory 2012, which is used to restoring AD database from snapshot image,… Read More »

Planning safe Decommission of Domain Controller (Decommission of Active Directory site) Without Impacting Users

Best practice for decommissioning a Domain Controller Server: In general Decommission of Domain Controller is straightforward procedure and not required a much planning as we always have a redundant Domain Controller in a same site, so the client authentication will be handled by the other DC’s, if you want to find is any application hard-coded(“hard path”… Read More »

Windows Server 2012 Active Directory Trust Relationship Problem

You use to get the error message “The security Database on the server does not have a computer account for this workstation trust relationship.” or shows “Login ID or password incorrect” while the time of logon on Windows Server 2012 R2, most recommended solution is re-join toActive Directory Domains or rebuild the server to fix… Read More »

Why PowerShell remoting can’t be enabled on a Windows server 2008

By default PSRemoting is disabled in Windows server 2008, is there any reason why PowerShell remoting can’t be enabled on the Windows server 2008 box? And of course we can enable manually through multiple ways, any security risks/issues on Windows server To address about risks/issues of enabling it, there might actually be none. The question… Read More »

Enable Powershell Remoting on Windows server 2008 R2 and 2012

Powershell Remoting is very impressive feature from Windows server 2008 R2 / Powershell 2.0, it allows to run any PowerShell commands or access full PowerShell sessions on remote Server unlike the older native commands that run on the same server where the command been executed , so it’s powerful and easy to run a function from multiple… Read More »

Monitor NTLM authentication delays and issues on Windows 2008 and 2012

Events to track authentication delays and issues: Finally we have new event log entries that can track NTLM authentication delays and issues in Windows Server 2008 R2, in a complex environment with multiple Forests and multiple Domains NTLM authentication request will be more and it’s difficult to monitor and track the Bottlenecks Also Read: AD… Read More »