Upgrading Microsoft Server 2008 R2 domain controller to Microsoft Server 2016

By Mark D. Albin, M.S. | January 20, 2019

The below document walks you through how to upgrade a single Domain Controller in a small business environment from Microsoft Server 2008 R2 to Microsoft Server 2016. Join server 2016 to current domain. Add administrator account to remote access Install AD DS role on 2016 server Click the link to promote domain controller Add Administrator

How to Detect Low Level Active Directory Database Corruption

By Mark D. Albin, M.S. | January 14, 2019

Active Directory maintains a multi-master database, like any other database there, can be data corruption and crashes. I have not come across an Active Directory environment that a full Active Directory database recovery is required. I have seen situations where there is some corruption that needs to be addressed. By running integrity check, we can

Activating Microsoft Server on Dell OEM license

By Mark D. Albin, M.S. | January 13, 2019

Follow the below steps to solve the problem activating a Dell server OEM Microsoft Server license when using the supplied OEM disc to install the VM in Hyper-V. And you use the same key you use when installing the Hyper-V Host. Auto-activation failed, the activation screen had an error code listed and would not let

Using Automatic Virtual Machine Activation on Microsoft Server

By Mark D. Albin, M.S. | January 11, 2019

Automatic Virtual Machine Activation is a feature that handles the activation process for an instance of Windows Server inside a Hyper-V virtual machine, so it does not need to directly contact any other system to activate the Windows Server instance. Automatic Virtual Machine Activation is engineered to digitally facilitate the guest virtualization rights allowance of

Widespread DNS Infrastructure Hijacking Campaign

By Mark D. Albin, M.S. | January 11, 2019

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolves. This enables the attacker to redirect user traffic to

Installing Active Directory Certificate Services

By Mark D. Albin, M.S. | January 9, 2019

Before you install Active Directory Certificate Services there are a few tasks that you must complete first. You must name the server, configure the server with a static IP address, and join the server to the domain. To install Active Directory Certificate Services, the server you are installing AD CS must be joined to a

Server 2016: Enabling the Active Directory Recycle Bin

By Mark D. Albin, M.S. | January 2, 2019

In order to make recovery of Active Directory objects very simple in Microsoft Server 2016 and beyond you must enable the recycle bin, because by default the Active Directory recycle bin is turned off. To accomplish this, you need to open the Active Directory Administrative Center and click the “Enable Recycle Bin” link on the

PowerShell: Counting users in Active Directory Group

By Mark D. Albin, M.S. | January 1, 2019

Sometimes it is important to know how many users are in a particular Active Directory Security Group. The below PowerShell code will accomplish this for you. The Get-ADGroupMember cmdlet gets the members of an Active Directory group. Members can be users, groups, and computers. Code: $users = Get-ADGroupMember -Identity ‘Group Name’ $users.Count If you need

Server 2016: Backing Up Active Directory with PowerShell

By Mark D. Albin, M.S. | January 1, 2019

Backing up Active Directory with Windows Server 2016 can be achieved by following the below instructions. We use this for small businesses that don’t want to use the more expensive third-party backup options. Setting Up Server Backup Environment First you need to have a separate volume partition to save the backup too. I am will

Creating a Group Managed Service Account

By Mark D. Albin, M.S. | January 1, 2019

The group Managed Service Account (gMSA) provides the same functionality within the domain but also extends that functionality over multiple servers. When connecting to a service hosted on a server farm, such as Network Load Balanced solution, the authentication protocols supporting mutual authentication require that all instances of the services use the same principal. When