This article is about the backup and recovery of Group Policy Objects (GPOs) in the Active Directory domain environment. If the GPO files in SYSVOL are modified, corrupted, or deleted, GPO backups allow you to revert to a previous version of the policy.
Continue reading “Backup and Restore Group Policy Objects (GPOs) in Active Directory”
Category: Windows
In order to safely run third-party services in Windows, you can use a user account that doesn’t have local administrator permissions. To do this, you must change the local security policy settings to allow the user to log on as a service.
Continue reading “Run a Windows Service with a Non-Admin User Account”
The built-in WindowsAdministrator account has unlimited rights on the computer and, if compromised, gives the attacker complete control over the system. In this article, we will look at some basic techniques that can help secure Windows’s built-in Administrator account.
Continue reading “Securing the Built-in Administrator Account in Windows”
You can use self-signed certificates for internal use or testing of HTTPS web services. This means you don’t need to buy a certificate from a commercial CA or generate a free Let’s Encrypt certificate. This article describes how to use the OpenSSL tool to issue a self-signed certificate in Linux, bind it to the Nginx web server and add it to the trusted certificate list on the user’s computer.
Continue reading “Creating a Self-Signed Certificate in Linux with OpenSSL”
Split Brain DNS allows you to configure the DNS server to return different responses depending on the request source address (IP subnet). In this post, we will look at how to configure Split DNS on Windows Server using DNS policies (supported on Windows Server 2016 and newer).
Continue reading “Configuring Split-Brain DNS on Windows Server”
Trust relationships between AD domains allow users from one domain to authenticate to another domain. Trusting relationships are most often configured when merging or migrating multiple organizations.
Continue reading “Create Trust Relationship Between Active Directory Forests”
Active Directory Certificate Services (AD CS) allows you to deploy your own PKI infrastructure on a domain network and use it to issue and manage certificates. In this article, we will look at a typical Certification Authority (CA) deployment scenario: installing a root CA and subordinate enterprise AD CS on two Windows Server hosts, and configuring Group Policy to issue certificates in a domain.
Continue reading “Install Active Directory Certification Authority (ADCS) on Windows Server”
The Active Directory Recycle Bin allows a domain administrator to restore any deleted object (user, computer, security group) in the AD domain. AD Recycle Bin is available in all versions of Active Directory starting with Windows Server 2008 R2. In this article, we will show how to enable the Active Directory Recycle Bin and restore a deleted user.
Continue reading “Active Directory Recycle Bin: How to Enable and Restore Delete Objects”
Windows lets you mount any shared (SMB) network folder located on a remote computer or server as a local drive. In this way, you can also connect a share on a NAS device or a USB drive that is connected to the network router. The mapped network folder is assigned a separate drive letter that can be accessed in File Explorer and file managers.
Continue reading “Mapping Network Drives (Shared Folders) on Windows”
When you try to select a hard disk to install Windows 10/11, Windows Setup may display an error message:
Continue reading “Windows Cannot Be Installed on Disk with GPT Partition Style”