Quantcast
Channel: Active Directory Rights Management Service(On premise) forum
Viewing all 1025 articles
Browse latest View live

Allow user software installation right in active directory server.

August 24, 2020, 12:23 am
$
0
0

Hello Team,

We are deployed DNS,AD and application server in a single server.Due to application server we have to provide software update and installation right for software support team.Now on current scenario.if we allow administrator right for support team they can able perform software update install update patches task.In administrator right they able perform active directory user and site and change anything from themselves.

So we want to require only installation rights form support team in active directory server.anyone have any idea about this issue.

Thank you.


Search

Requested security protocol not supported - Windows Server 2016

September 3, 2020, 7:56 am
$
0
0

Good day,

I am having an issue with the "Requested security protocol not supported" error.I am using Windows Server 2016.

I once had the same issue on Server 2012R2 and i applied the hotfix windows 8.1 -kb3154520 -X64 and it fixed the problem.

How can i fix this on Server 2016 because the above hotfix is for server 2012

Thank you 

Tawanda

Cannot add buitin groups in the properties of a user in Active Directory

September 15, 2020, 6:12 am
$
0
0

Hello Folks,

Cannot add buitin groups in the properties of a user in Active Directory

Example : I have user abc in xyz domain, I want to add the user as member of Builtin/Administrators and Builtin/Remote desktop users but i cannot add it.

Need your suggestion.

Regards,

Arif

Arif

Kerberos Errors in One-Way Trust

September 17, 2020, 6:53 am
$
0
0

I've never posted here before, so I hope this is the right forum category.

I'm trying to get single sign-on working for our web application and I'm not having much luck. The setup is two separate domain forests, clientdomain.com and serverdomain.com.

The web application is installed on serverdomain.com. Before we added clientdomain.com to the mix, SSO was working correctly (everything was running locally on serverdomain.com). But when I try to connect to the web application from clientdomain.com, I'm getting kerberos errors in the event viewer:


A Kerberos error message was received:
 on logon session
 Client Time:
 Server Time: 13:41:42.0000 9/17/2020 Z
 Error Code: 0x7  KDC_ERR_S_PRINCIPAL_UNKNOWN
 Extended Error:
 Client Realm:
 Client Name:
 Server Realm: SERVERDOMAIN.COM
 Server Name: krbtgt/CLIENTDOMAIN.COM
 Target Name: krbtgt/CLIENTDOMAIN.COM@SERVERDOMAIN.COM
 Error Text:
 File: onecore\ds\security\protocols\kerberos\client2\kerbtick.cxx
 Line: 127f
 Error Data is in record data.

I'm a programmer and not an IT guy, so I've been doing tons of searching online but I haven't found anything that works.

The trust is one-way. SERVERDOMAIN.COM trusts CLIENTDOMAIN.com. The expectation is that users on CLIENTDOMAIN.com can connect to the web application running on webserver.serverdomain.com without any login prompts.

There is also a network load balancer in front of serverdomain.com with SSL configured. The load balancer dns name is clients.testing.serverdomain.com.

Any help would be greatly appreciated. Thank you!

Secure Active Directory Administration to Admin-Groups

September 23, 2020, 9:58 am
$
0
0

 Hi!

 I have created separate admin accounts for our System Administrators. How can I give full rights to them to perform their work? Do I need to delegate permission on each OU or I can give rights to them to top of domain?

Can anyone explain this and refer me to some examples to achieve this?

Thanks

Viewing all 1025 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>