Turn on that Scary DC

Stephen Mathews here; now tell me, do you have a domain controller you’re afraid to turn on? Maybe it lost power and nobody noticed for a couple months or you don’t trust your AD restore procedures; perhaps a troubled DC keeps deleting your DNS records – whatever happened, I’m going to show you how to… Read more

The Case of the Vanishing Static Reverse DNS Records

Hey everyone! PFE Tim Beasley here coming to you live from the warm, cozy sands of Bora Bora…Pfft yeah. I wish! … No I’m in Missouri…where it’s miserably winter outside. But I digress, I am writing this post to hopefully shed some light on a bizarre issue I recently faced at one of my dedicated… Read more

Convert a Federated Domain in Azure AD to Managed and Use Password Sync – Step by Step

Hi all! I am Bill Kral, a Microsoft Premier Field Engineer, here to give you the steps to convert your on-premise Federated domain to a Managed domain in your Azure AD tenant. In this case, we will also be using your on-premise passwords that will be sync’d with Azure AD Connect. There are many ways… Read more

The Riverbed Field Guide for the AD Admin

Unexpected TCP resets, intermittent “Network Path Not Found”, and SMB dialects being downgraded. These errors point to something very odd and potentially very bad, happening on the network. If you are like many AD administrators, at the first sign of network impropriety, you likely engage the network team and request the network issues be addressed…. Read more

Two Unusual Azure AD Connect Configuration Issues

Hello, my name is Michael C. Bazarewsky, and I’m a Public Sector Secure Infrastructure PFE, spending most of my time working on Azure-related engagements. Today, I wanted to present two quick notes about some issues I saw while helping a customer perform a parallel installation of Azure AD Connect, to upgrade from an older DirSync… Read more

AskPFEPlat Ask Me Anything-September 2016

UPDATE (9/26/2016 @ 10:45a ET): Thank you all for your participation in this AskPFEPlat Ask Me Anything Q&A blog session! We are ending active questioning at this time. Rest assured, if you have asked us questions and have not yet gotten a response, we are still working on it. Additionally, we would like to request feedback on… Read more

WPT: Peeking at Logon Delays

Hi everyone, Randolph Reyes (Randy) here with another blog contribution. In this particular engagement, I was working doing an Active Directory Offline Security Assessment (awesome delivery), and one employee with knowledge of using Windows Performance Toolkit stopped me on my way to lunch. Customer: Can we see how long takes an employee to type their… Read more

Determining the Dominant User and Setting the ManagedBy Computer Attribute

Hi again, this is Stephen Mathews and I’m here to talk about how to determine the dominant or primary user of a Windows operating system. This insight can help administrators facilitate direct communication with the affected user when a system needs management, and can even help non-enterprise users, such as a parent questioning which child… Read more

Monitoring Service Accounts with System Center Operations Manager

Brad Watts with another blog on System Center Operations Manager. One of the common scenarios I run into with customers is monitoring service accounts with Operations Manager. Specifically, three common scenarios dealing with service accounts: · Account Locked Out: typically there are a group of service accounts that you need to know immediately if they… Read more

The Importance of KB2871997 and KB2928120 for Credential Protection

Hello, my name is Paul Bergson and this is my first time writing a blog for AskPFEPlat. I am a platforms PFE in the Premier division of Microsoft. If my name looks familiar, it could be because I spent about 10 years in TechNet’s Directory Service Forum as an MVP and Moderator (pbbergs). I wanted… Read more