Manipulate the ‘NameID’ SAML content – part 1
In this article I will show you a way to connect a guest (company) via SAML to allow them access to your Citrix environment without the need for adding the guest companies suffix to your domain.
Active Directory
Manage Native OTP tokens via Windows, Part 2
A couple weeks ago someone asked me if OTP4ADC could also support encrypted tokens. And at that time I hadn’t done anything with encrypted tokens on a Citrix ADC. And if you not have heard of the OTP4ADC tool/script you can read my initial blog article from when I released […]
Manage Native OTP tokens via Windows 6
Today I want to release an early (beta) version of a new tool I created, “OTP4ADC” With this tool you can add, remove or change the native OTP tokens used within your Citrix ADC, previously called NetScaler. It’s a powershell script but when you run it a GUI will be […]
Changing Microsoft ADCS from sha1 to sha256
When ADCS uses sha1 for their certificates, you might want to change it to sha254. NOTE: Make sure all your devices support sha256 sha1 sha256 To achieve this enter the following commands in an elivated DOS-box: certutil -setreg cacspCNGHashAlgorithm SHA256 net stop certsvc net start certsvc
Active Directory RecycleBin
Requirements: At least one Domain Controller running Windows Server 2012 with the Active Directory Administrative Center enabled. All Domain Controllers (or servers running AD LDS) must be running Windows Server 2008 R2 or higher. The Forest must be running at Windows Server 2008 R2 functional level. Import the Active Directory […]
AD Defragmentatie (Server 2012)
Stop de ADDS Service ntdsutil activate instance ntds files compact to c: copy “c:ntds.dit” “c:WindowsNTDSntds.dit” del c:WindowsNTDS*.log Start de ADDS Service
Profile Permissions
NTFS Permissions for Roaming Profile Parent Folder User Account : Minimum Permissions Required Creator Owner : Full Control, Subfolders and Files Only Administrator : Full Control (Microsoft actually recommends none but it simplifies things if you give admins full control) Security group of users needing to put data on share […]
FSMO
How to place FSMO and Global Catalog roles in Active Directory During installation of Active Directory on a Windows Server 2000/2003/2008 all FSMO roles will automatically be installed on the first server. But Best Practice dictates to move some of theese Flexible Single Master of Operation (FSMO) roles to seperate […]