Certificate Templates Microsoft created certificate templates for you to use as a starting point. They are meant to be duplicated and configured for your specific needs. All Enterprise CA servers issue certificates based on one or more of the certificate templates. You cannot create a new template from scratch. There is only one set of …
The below PowerShell script will generate a CSV file that lists each replication subnet in Active Directory Sites and Services. The list includes the site associated with the subnet, and whether or not a domain controller is in the site. This script assumes you have a healthy AD and that your domain controllers are online. …
Update [06-Feb-2018]: Initially, this post was written to show how a single certificate could be used for all ConfigMgr Clients on workgroup computers. But, based on further testing (thanks Bill), it turns out you cannot use a single certificate for ConfigMgr Clients on workgroup computers. I’m assuming this is because the ConfigMgr client uses a …
Exchange resource mailboxes can be defined as conference rooms or equipment. Each of these mailboxes have a booking attendant service that is turned on by default. Sending a scheduling request (a meeting invite) to a resource mailbox will trigger the booking attendant, and the booking attendant will respond to the scheduling request (approved or denied) …
Some notes for deploying a single online Enterprise Root Certification Authority (CA) using Active Directory Certificate Services (ADCS) in a lab environment. For this lab deployment, ADCS is installed on a Windows Server 2016 domain controller (do not do this in production) using contoso.com. PowerShell and the CertUtil commands are used whenever possible to complete …
When working with multi-dimensional arrays like imported CSV data, sometimes you want to change one or more values in one of the rows. For example, you have imported user account data from a CSV file that uses an AD account’s samAccountName as a unique value for each row. Included in this CSV data is the …
Some notes about the process and steps for renewing (rolling over) the self-signed Active Directory Federation Service (ADFS) token-signing and token-decrypting certificates. This applies to ADFS v3.0 on Windows Server 2012 R2 and ADFS v4.0 on Windows Server 2016. ADFS Token Certificates Out of the box, ADFS generates two self-signed certificates that are good …
When developing an update plan for Office 365 click-to-run products, part of the process is deciding where the Office applications will source their updates. For smaller organizations, using Microsoft’s Content Delivery Network (CDN) works just fine. For larger organizations, which have offices holding thousands of computers, it’s better to use an internal source. An internal …
Some notes about deploying and managing OneDrive for Business in an enterprise environment. There’s no lack of information on configuring an Office 365 tenant for OneDrive for Business. The problem is that it’s scattered all over the place, and since OneDrive for Business is layered on top of SharePoint Online, a lot of the information …
The following notes are for deploying the Office 365 Click-to-Run (C2R) suite of applications in an enterprise environment. Most of the information here leans towards an Office 2016 Professional Plus deployment. [Update] This post was updated 14-Oct-2017 to reflect the new Update Channel names. According to Microsoft, the old update channel names are still supported …
You have a domain joined computer, and you want to add a domain user or domain group to one of the computer’s local groups. If you have administrative permissions on the domain joined computer, this can be done quickly with the below PowerShell. If you have a large number of domain joined computers that require …
Some PowerShell commands to quickly add a Windows 2012 R2 server to an active directory domain in a lab environment. This includes configuring the NIC, renaming the server, and creating the AD computer account in a defined OU path. Setting up the NIC # Define the IPv4 Addressing $IPv4Address = “10.10.99.50” $IPv4Prefix = “24” …
Some PowerShell commands to quickly build a Windows Server 2012 R2 DC for a new forest/domain in a lab environment. This includes some configuration changes to DNS, setting an external time source, building an OU structure, and creating administrative user accounts. Setting up the NIC, Renaming the Computer, and Rebooting # Define the Computer Name …
I wanted a way to choose what my PowerShell session would connect to when starting up. At various times I need to connect to on-premises production systems, to lab systems, or to an Office 365 tenant. Editing my profile each time I wanted to connect to something different became time consuming. So I figured out …
Three Network Topology Options Because DirectAccess in Server 2012 R2 can be configured with a single NIC, there are actually more than three network topology options. However, I will only be covering the options when using 2 NICs. A DirectAccess server supports being behind a NAT device such as a firewall, but it can also be placed directly on the Internet …
The following will show you how to configure your Microsoft Lync client with up to 4 custom states. At the time of this writing, this configuration has worked with both the Lync 2013 client and the Skype for Business client on Windows 7 SP1, and Windows 8.1. [Update] This also works in Skype for Business …
Scenario I had a client with a mixed 32-bit/64-bit install base of Office Pro Plus (2010 & 2013). At one point they decided to start rolling out the 64-bit versions, but then switched back to 32-bit after having issues with some 3rd party plugins. They also had a number of systems with Visio & Project installed. All of this was …
[15-Oct-2017]: Updated the installation steps and web portal configuration steps to support pfSense v2.4. Introduction I wanted to build a virtual lab environment at home that would emulate an office environment. My requirements were to have separate network segments for Clients & Servers, and two DMZ networks. I also wanted my home network, which is external to the virtual …
Various Cisco Switch Commands. View User Accounts show run | in username Set User Account Password config t username <username> privilege <Num> sec <Password> exit write memory List All Interfaces & Status show int status List Interface Configuration show run int <PortNum> Configure an Interface config t int <PortNum> switch access …
A checklist of tasks one can do after installing Server 2012 R2. Note that Sysprep will reset some of these changes. Server Configuration Tasks Server Manager > Local Server Enable Remote Desktop Change Time Zone IE Enhanced Security – Admin: Off; User: On Change Computer Name, and add a domain suffix, or join to the domain …