Beep boop
This requires a fairly specific configuration to occur but I didn’t see this documented anywhere so I figured I’d write about it. If you run your own Enterprise Certificate Authority using the Active Directory Certificate Authority and have used the default ‘Domain Controller’ template you may run into this problem. By default, it does not … Read more
It’s read-only Friday so I decided to perform a offline audit of our Active Directory passwords. I found this great tool: https://gitlab.com/chelmzy/five-minute-password-audit which in turn is a fork of this tool: https://github.com/DGG-IT/Match-ADHashes What I’m going to write here is mostly a repeat of these two Gitrepos with a few tweaks and corrections. To perform this … Read more
We have an application that uses LDAP over SSL to authenticate users via Active Directory. The server running the application is a member of the domain and has the domains Root CA installed in it’s local certificate store. Technically the Root CA should be good enough for the server and any applications on it to … Read more
We recently switched to a new VPN server after Mac OS dropped support for PPTP and because we were way overdue to do it anyway. Since then personal computers were unable to access network shares via DFS. They could go directly to the file server and that would work. Users who connected to VPN with … Read more
We just recently went through an AD forest migration AND an Exchange 2010 -> 2016 migration across forests at the same time. Good times. One of the many issues that came up after the migration was the majority of our users being unable to share their calender’s with other users. When trying to share via … Read more