Posts

Showing posts from April, 2023

User Account not shwoing in Azure Metaverse - Azure Sync Issues

  Issue : One user was not syncing to Azure AD from AD.   Outcome : Found that the user had been joined in the MV to another user and had to have their immutableID corrected to get the AD user matched back to their AAD object.   Troubleshooting: User had previously been synced to AAD, so the matching AAD object still existed in AAD, but was no longer connected to the AD object for that user. The AAD object for this user had become orphaned. Sync Server Manager Metaverse search showed that users's account had become synced with another user's account and the affected user's immutableID (msDS-ConsinstencyGuid) had been changed in AD to match the wrong AAD user. In order to separate the user's AD object from the incorrect user in AAD, we first pulled the user out of their syncing OU, ran a sync, and then put them back into their original OU and ran another sync; this was to un-sync the user from the incorrect user ...
Post a Comment
Read more

How to create a Service account in Active directory\AD

Image
Procedure to Create a Service Account Table of Contents   1.      Introduction . 4 2.      Objective of this document . 4 3.      Prerequisites . 4 4.      How to create a Service account . 4 1.    Introduction A service account is an account that is used to configure and/or run a specific infrastructure system or component.  These accounts are not used directly by normal users and the passwords are known only by selected service Administrators. 2.    Objective of this document This document details the step-by-step procedure to create a Service Account. 3.    Prerequisites Ø   Application/Service name for which the service account is requested Ø   Short description of the usage of the Service Account 4.    How to create a Service account a.      Logon to the server “DC” where AD tools are installed. b.   ...
Post a Comment
Read more

Account lockout : Script to identify the caller's computer name

  Use this script to identify the caller's computer name ################# $filter = @{ logname='security' id=4740 starttime=(get-date).adddays(-7) } $filter.add('data','Accountname') get-winevent -computername DCservername -filterhashtable $filter| select-object -property timecreated, @{label='username';expression={$_.properties[0].value}}, @{label='computername';expression={$_.properties[1].value}} ##########################3
Post a Comment
Read more