Setting up Virtual Smart card logon using Virtual TPM for Windows 10 Hyper-V VM Guests

Hello Everyone, my name is Raghav and I’m a Technical Advisor for one of the Microsoft Active Directory support teams. This is my first blog and today I’ll share with you how to configure a Hyper-V environment in order to enable virtual smart card logon to VM guests by leveraging a new Windows 10 feature:… Read more

Friday Mail Sack: It’s a Dog’s Life Edition

Hi folks, Ned here again with some possibly interesting, occasionally entertaining, and always unsolicited Friday mail sack. This week we talk some: DNS partition absence Controlling DCDIAG event messaging Inventorying SYSVOL replication architecture Weird WMI DFSR volume paths Tightening up your inactive user account queries More logon banner info Smart card logons working “too well“… Read more

RSA SecurID Do Over

Ned here. If you are using RSA SecurID, you’re probably aware they were compromised several months ago. You may also have heard that since then, hackers have been using that stolen info to attack or compromise various organizations. What you may not know is RSA is now issuing replacement tokens for their customers. The catch… Read more

Certificate Authority disaster recovery steps when smartcard logon is required but no valid CRL can be published

[Editor’s note: this is a reprinted post from the AD Troubleshooting Blog. If you’re not already a subscriber to that blog, you absolutely need to add it to your feed. Ingolfur is a Sr. Support Escalation Engineer in Sweden and a very smart dude – with rather odd hair – who deserves your attention. Make… Read more

Friday Mail Sack: No Redesign Edition

Hello folks, Ned here again. Today we talk PDCs, DFSN, DFSR, AGPM, authentication, PowerShell, Kerberos, event logs, and other random goo. Let’s get to it. PDCE and user auth DFSR full mesh recommendations Access Denied when delegating Kerberos Clearing Event Logs en mass Where to install AGPM Using Authentication Mechanism Assurance without MS PKI The… Read more

Friday Mail Sack: Newfie from the Grave Edition

Heya, Ned here again. Since this another of those catch up mail sacks, there’s plenty of interesting stuff to discuss. Today we talk NSPI, DFSR, USMT, NT 4.0 (!!!), Win2008/R2 AD upgrades, Black Hat 2010, and Irish people who live on icebergs. Faith and Begorrah! NSPI max sessions per user DFSMGMT.MSC compatibility in mixed environments… Read more

Mapping One Smartcard Certificate to Multiple Accounts.

Good morning world, Paul Fragale here to bring you the latest trend in smart card logon requests. Some people have been reading on our TechNet pages, such as Smart Card Authentication Changes, about the ability to allow users to have one smart card, one certificate on that smart card, and map to multiple users. This… Read more