User Profile
steve02a
Copper Contributor
Joined Jan 19, 2020
User Widgets
Recent Discussions
Azure AD connect - a few questions
I've used Azure AD connect for two clients of mine on a very limited test basis and it now has me asking myself several questions I'm hoping someone can answer for me. I understand the concept of Azure AD connect and I've read in KB articles about the benefits. One is the sync options (keeping local AD and Azure AD users and their passwords in sync). Easier to manage overall (as opposed to having to manage local AD users/passwords, and Azure users & passwords). What I was and wasn't aware of: On the local AD, all the users have cheap not-strong passwords. Passwords they have been using for years. No password policy for the local AD. I wasn't aware, until after I did my 1st sync - that all those local AD passwords would replace the Azure user passwords (which stemmed from their Office 365 subscription). That would explain why the test users contacted me saying "my outlook is nagging me for a password, and I'm using my office 365 password, but it doesn't work" - and I'd tell them to use their computer password because their computer is in a domain environment, thus the local AD password, which is now synced with their Azure account. OK - lesson learned. Now I shall implement a password policy so the user will be forced to make a strong password. I wish I knew this ahead of time as I would have set up a policy on my local AD and forced everyone to redo their passwords. Moving on - I've noticed that Azure AD joined devices don't show up my local AD devices/computers. Aww, I'm not using Device Writeback. And since I'm not and this new Windows 10 machine which is Azure AD joined, but not showing up in my local AD devices/computers - well, my local AD doesn't even know it exists, thus, it's running in batch files during login to map network drives. OK, I understand. I can run the batch file manually for a few computers as I set them up - but I don't want to do it for 100 users! So I should be using Device Writeback in my Azure AD Connect tool. That should solve that problem. Sorry, I don't really have any technical questions. More ranting a conversation here. Any other hidden tips I should be aware of before rolling this out for an entire company? I've read just about everything possible on the Azure AD Connect, but as I do more stuff, I find more stuff I've never read about. I'm sure there are some hidden tricks, secrets, and other stuff hiding (if you do this, that will happen, which in turn will cause this/that to happen too - so be aware). Thanks for listening.Storage Migration Services Issue with scanning and validation
Here's my setup: Source server: Win 2008 R2 that has 5 shares on it (all from the same drive - D Drive). This is my AD and DC and DNS server. Destination server: Win 2019 Std. This is my secondary AD/DC/DNS. I have Windows Admin Center with Storage Migration Services setup. Both computers have 100% of their updates installed. During the project setup for Storage Migration Services - I'm adding and scanning a device (my 2008 R2 server). The scan goes fine, but the state will eventually tell me "Couldn't inventory some devices" - which is strange. I only have 1 device. Maybe it's talking about some folders. When I'm finally at the Transfer Data stage - validate devices: the validation fails with this message: We can transfer data from the source computer at maximum speed. This might fail when required software updates are not installed on the source. Fail: Error HRESULT E_FAIL has been returned from a call to a COM component. All the other validations pass. If I attempt to start the transfer, I get this error: Migration-01 : Start transfer : RemoteException: Transfer validation failed or was not run. Fix errors and rerun validation or override this check in Transfer settings. (Migration-01 is the name of the project I'm setting up). Not sure what's going on here. I suspect I need to resolve the first error, but I can't. I haven't found anything online related to this. The error is so generic it doesn't give me any information go really research. Can someone help? I'd greatly appreciate it. Thank you2.8KViews1like1Comment
Recent Blog Articles
No content to show