Tag: Active Directory

How to Fix Prepare AD Schema Error at Installing the Exchange 2016 Cumulative Update 23

Today, I helped a client migrate Exchange from 2010 to 2019. As you know, Exchange 2010 can’t migrate to 2019 directly. You need to migrate Exchange from 2010 to 2016 and then 2019.
When I tried to prepare the AD schema for installing Exchange 2016 CU23, and it happened the error message is below.
“One or more servers in the existing organization are running Exchange 2000 Server or Exchange Server 2003”.
The error is because they were not uninstalled Exchange 2000 or 2003 completed. Let’s fix it.

How to Remove On-Premises Directory Synchronization Service Account from Microsoft 365

If you are trying to rebuild the Azure AD Connect server, but you noticed y the Delete user is greyed out and you cannot delete the existing On-Premises Directory Synchronization Service Account from Microsoft 365 admin center.

Azure Active Directory Synchronization Migration to MS Graph API at Mimecast

Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

How to add organization with Basic Authentication at Veeam Backup for Microsoft 365

You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, we will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.

How to add organizations with Modern Authentication and Legacy Protocols at Veeam Backup for Microsoft 365

You will use both Veeam Backup account and Azure AD application for authentication if you add an organization using the modern authentication method with legacy protocols allowed. Veeam Backup for Microsoft 365 uses Veeam Backup account and an application to establish a connection to your Microsoft 365 organizations with disabled security defaults and maintain data transfer during backup and restore sessions.

How to configure Azure AD Application Permissions for Modern Authentication and Legacy Protocols Authentication of Veeam Backup for Microsoft 365

Veeam Backup for Microsoft 365 Modern Authentication and Legacy Protocols Authentication requires that you grant permissions to Azure AD applications to back up and restore data from/to your Microsoft 365 organizations.

How to configure service account permissions required for Veeam Backup for Microsoft Office 365

You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication or Modern Authentication and Legacy Protocols method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, they will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.

How to deploy Microsoft Local Administrator Password Solution (LAPS)

Cyberattack is one of the fastest growing crimes in the world, we have seen passwords being leaked regularly, local administrator account is like God of machine, it has superpower to do anything for the machine. A lot of IT guys simply use the same password for all local administrator accounts, the attacker easy access to the whole estate if one machine is breached.

Microsoft LAPS is one of solutions to prevent the issues, The “Local Administrator Password Solution” (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset. Today, I am going to show you how to deploy it.

How to move failover clusters on the same hardware to another domain

How to move failover clusters on the same hardware to another domain

How to fix FRS is deprecated error

      No Comments on How to fix FRS is deprecated error

If you are trying to promo windows server 2019 as domain controller, it happened “Verification of replica failed. The specified domain {Domain-Name} is still using the File Replication Service (FRS) to replicate the SYSVOL share. FRS is depreciated.” Error, this is because Windows Server version 1709 (or after version) can no longer be added as an Active Directory domain controller (DC) to an existing domain that is still using File Replication Service (FRS) for replication of the SYSVOL share.

How to fix trust relationship between workstation and primary domain failed without rejoin domain

If you tried to restore VMs (or physical machines) and it shows the trust relationship between this workstation and the primary domain failed, I won’t recommend using rejoin domain to solve issues, because it will happen unexpected issues after disjoin and rejoin domain.

Today, I am going to show you how to fix it without disjoin and rejoin domain.

How to increate office 365 E3 (E5) mailbox storage limits from 50GB to 100GB

If your organization currently has subscriptions to Office 365 Enterprise E3 or E5, the default mailbox storage limit is supported 100GB. You can check it from the account information of outlook.

Unfortunately, there are many people noticed the default size is still showing 50GB, today, I am going to show you how to increase it to 100GB.

How to Configure the Microsoft Active Directory Domain Controller as Authentication Server at Citrix ADC

Today, I am going to show you how to configure the Microsoft Active Directory Domain Controller as Authentication Server at Citrix ADC.

How to Fix Missing SYSVOL and NETLOGON share and replication issues on new Domain Controller at Azure

Today, I deploy a new domain controller server at Azure after site to site VPN built. Verify the replication status looks fine, but when I check the SYSVOL and LOGON shares folders status, I noticed there is no any shared folder at the new domain controller server.

How to Transfer FSMO Roles and Time Server Roles to new Domain Controller

Today, I am going to show you how to step by step transfer FSMO roles to new domain controller server, and transfer time server role from the old domain controller to new domain controller.