Category Archives: Delegation of Control

Security Thoughts: Microsoft Local Administrator Password Solution (LAPS, KB3062591)

As you might recall, Microsoft offered a solution to systems administrators to set the local administrator password on domain-joined devices using Group Policy Preferences, but ended the solution, almost a year ago, when the encoding mechanism was decoded and an attack was created towards this vulnerability (CVE-2014-1812).   Introducing LAPS Yesterday, Microsoft introduced version 6 […]

29  

KnowledgeBase: You receive a “Your request could not be processed” error when using Azure Self-service Password Reset (SSPR)

Recently, after deploying Azure Self-service Password Reset (SSPR) for a customer, I discovered some odd behavior. After we worked through the error tree, we finally worked out the issue. Since it wasn’t documented yet (many other errors are!) at Microsofts KnowledgeBase, here it is.   The situation In an organization with an on-premises Active Directory […]

3  

I’m still an ADPrep kinda guy

In Windows Server 2012, Microsoft introduced the new streamlined Active Directory Domain Services Configuration Wizard, that in most Microsoft documentation is labeled the successor to dcpromo.exe. I’m a big fan of the new wizard, but there’s one feature I don’t use: the automatic Active Directory preparation steps it can perform for you to update the […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 19: Offline Domain Join Improvements

This entry is part 18 of 21 in the series New features in AD DS in Windows Server 2012

With Windows 7 and Windows Server 2008 R2 Microsoft introduced a new Active Directory feature called Offline Domain Join (ODJ). This feature allows for clients to be joined to an Active Directory domain, without the need of having a direct connection to any of the Domain Controllers for the Active Directory domain.

4  

Tip: Zohno’s Z-Hire & Z-Term (freeware)

Many software vendors and organizations have adopted workflow tools to accommodate their needs towards faster delivery of the same quality. At least, getting an OK from a senior executive, is something that can be automated to save time, right? Another angle a lot of organization explore is Delegation of Control. Why wait for a centralized […]

0  

From the Field: the Case of Display Issues (garbled or missing Text) in Active Directory Administrative Center

I’ve been working with Active Directory Administrative Center (ADAC) for a while now, but didn’t have time to look at Delegation of Control lately. Yesterday I finally came round to configuring it and was baffled by a serious issue

0