How to disable the Cocreator feature in the Microsoft Paint app
How can I disable the Cocreator feature in the Microsoft Paint app using the Active Directory Group Policy Management Console (GPMC)? If it is not possible to disable only the feature, please tell me how to disable the Microsoft Paint app itsel.
Certificate Authority Revocation issues: CRL db lost in migration
We currently have a CA which was migrated from a retired server no longer available - over 6 months now but they didn't complete the migration, and the revocation database is missing. We're now experiencing issues with certs issued but the former server that it cannot issue renew certs. What is the best approach to this? I can create another CA server but what about the root certificate of the current one? How do you point renew requests to the new server if there is no revocation DB for the already issued certs? What about the current certs issued by the current server if I migrate the current one to a new CA? I do have copies of the system32\certsrv folder and CA backup from the retired server, but this backup was used to migrate the current one which resulted in its current state. Can the revocation db just be imported? Any help would be appreciated! Thanks.Reports on failed logins
Hello, In a Windows domain network, I want to know which user has made unsuccessful attempts to log into the system. I checked the Event Viewer of the server where Active Directory is installed. I checked the Event Viewer of the server where Active Directory is installed and filtered the logs based on Event ID 4625, but found nothing. I entered my password incorrectly several times for testing, but no log was recorded on the server. Why? Thank you.
One DC with two subnets - Best practices
Hi all Our company will expand with a second physical site, and therefore a separate LAN. We already have an Active Directory in place, running on a Windows Server 2022 machine, with DHCP and DNS services. So we will now have two separate local networks, connected with a site-to-site VPN on router/gateway level, and one AD controller. I was wondering if there is a guide/instructions for setting up such a scenario. Can one AD controller handle this setup? How can I properly set up the DHCP and DNS requests from two different LANs? Thanks for your helpDC Client DNS Config
Hello, We have two buildings and two DCs in each building. The network speed within each building, between DCs, is 10Gb. The network speed between the buildings is 1Gb. There is a single domain and a single AD site. Each DC has AD integrated DNS. What should the DNS settings be on each server? I'm thinking.. Building 1 DC1 Building 1 DC2 Building 2 DC1 Building 2 DC2 Loopback Building 1 DC2 Building 1 DC1 Building 2 DC1 Building 2 DC2 Loopback Building 2 DC1 Building 2 DC2 Building 1 DC1 Building 1 DC2 Loopback Building 2 DC2 Building 2 DC1 Building 1 DC1 Building 1 DC2 Loopback If there were two AD sites, I'd have each site DC1 point to DC2 on the same site and itself by loopback. I'd have DC2 point to DC1 on the same site and itself by loopback. But with a 1Gb link between buildings, it doesn't seem necessary to have two AD sites so I have four DCs in the same AD site. Thoughts and references if possible. Many thanks.
Arquivos .tmp sendo criados no servidor
Bom dia. Estou tempo um problema e ja esgotei minhas tentativas de correção. O meu servidor de arquivos esta criando arquivos temporarios conforme a manipulação e criação dos arquivos salvos no servidor. Estes arquivos ficam impossibilitados de serem deletados ate proximo restart do servidor, e em seguida voltam a ser criados novamente. Gostaria de saber se alguem ja presencial um acontecimento deste e se sim, como foi corrigido. Segue a imagem com os arquivos criados. OBS. As pastas do servidor tem sincronismo com o GoogleDriveGroup Policy to allow specific users to install specific software without admin privileges
I am a newly system administrator for an organization and I am trying to create a Group Policy that will allow specific users to download and use certain software like LogMeIn123 without having to use admin privileges. We don't want to give full admin rights, but only for this specific instance. I have done some research, but I am not sure the best way to set this up. The problem is our IT team consists of 3 members total and cannot be everywhere at once and this would be beneficial in key times. I have seen some people recommend using a login script, but I am not sure how to do that. I have also seen some people recommend using a third-party tool which is out of the questions for our organization. I am also open to other ways and ideas of having preforming this. Can anyone please provide me with some instructions on how to set this up? Thanks in advance for your help! Additional information: I am using Windows Server 2012R2. I have a list of the specific users that I want to allow to install LogMeIn123. I have the LogMeIn123 installation file located on a network server.
