Certificate Templates Microsoft created certificate templates for you to use as a starting point. They are meant to be duplicated and configured for your specific needs. All Enterprise CA servers issue certificates based on one or more of the certificate …
The below PowerShell script will generate a CSV file that lists each replication subnet in Active Directory Sites and Services. The list includes the site associated with the subnet, and whether or not a domain controller is in the site. …
Some notes for deploying a single online Enterprise Root Certification Authority (CA) using Active Directory Certificate Services (ADCS) in a lab environment. For this lab deployment, ADCS is installed on a Windows Server 2016 domain controller (do not do this …
Some notes about the process and steps for renewing (rolling over) the self-signed Active Directory Federation Service (ADFS) token-signing and token-decrypting certificates. This applies to ADFS v3.0 on Windows Server 2012 R2 and ADFS v4.0 on Windows Server 2016. …
You have a domain joined computer, and you want to add a domain user or domain group to one of the computer’s local groups. If you have administrative permissions on the domain joined computer, this can be done quickly with …
Some PowerShell commands to quickly add a Windows 2012 R2 server to an active directory domain in a lab environment. This includes configuring the NIC, renaming the server, and creating the AD computer account in a defined OU path. …
Some PowerShell commands to quickly build a Windows Server 2012 R2 DC for a new forest/domain in a lab environment. This includes some configuration changes to DNS, setting an external time source, building an OU structure, and creating administrative user accounts. …
Windows 7 Command to Update Group Policy on the Local Computer. Run the command prompt as Administrator. gpupdate gpudpate /Force Windows 7 Command to View Group Policy Settings on the Local Computer. Run the command prompt as Administrator. gpresult /R …
You cannot disable a Security Group in the same way a user account is disabled. However, you can change a Security Group to a Distribution Group, which disables all access provided by the group, but does not modify the group’s …
Before using these commands, make sure the domain controllers know about each other’s domains. Configure DNS forwarders. Establish a Trust netdom trust <trusting domain> /Domain:<trusted domain> /userD:<domain admin> /passwordD:<password> /add /twoway /enablesidhistory:yes Turn Off SID Filtering netdom trust <trusting …