Local Administrator Password Solution (LAPS) - Cannot Reset Password

Description:

You have properly setup Local Administrator Password Solution (LAPS) in your Domain Environment.

• Admpwd.dll is being deployed and register at client computer
• Group Policy to manage password is configured and linked to the proper OU
• Permission to read and reset password is properly setup at the OU

However when you try to reset the local admin password for one of the computer, the new password never get generated automatically.

Resolution:

Please check the time configuration on where you reset the password. Does the machine time sync properly with the Domain Controller? If not, please fix it, restart the machine, and try to reset the password again.

Please also check the following registry at the machine:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

Value Name: Type

Value Data: NT5DS

Azure AD Connect - AD DS Connector Account

If we want to know the specifics of the service account for the Active Directory connector(s). 

Use the following two lines of Windows PowerShell:

Import-Module "C:\Program Files\Microsoft Azure Active Directory Connect\AdSyncConfig\AdSyncConfig.psm1"

Get-ADSyncADConnectorAccount

Network Policy Server (NPS) - Event Logs not appear

Description:

You have setup NPS in your environment and it seems to work properly. However when you check the event viewer at Custom Views\Server Roles\Network Policy and Access Services, you only saw very minimum event.

Resolution:

Run the following at elevated command prompt on the NPS Server

auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable

PowerShell Script to Find Last Logon Date Information from Computer with Windows 7 Operating System

Description:

You need to get a list of all Windows 7 computer with Last Logon Date information in your domain.

Resolution:

Run the following PowerShell command:

Get-ADComputer -Filter * -Properties OperatingSystem, LastLogonDate | where {$_.OperatingSystem -match "Windows 7 Professional"} | select Name, OperatingSystem, LastLogonDate | sort LastLogonDate –unique | Export-Csv c:\workcomputers.csv

Error when Upgrading Azure AD Connect version

Description:

When you upgrade Azure AD Connect from a previous version, you might encountered the following error: "Upgrade cannot proceed because the Azure Active Directory connector (b891884f-051e-4a83-95af-2544101c9083) is missing.

Resolution:

Make sure the PowerShell Execution Policy is set to unrestricted. You can check by running the following command at PowerShell:

Get-ExecutionPolicy

To change the execution Policy to unrestricted, run the following PowerShell command:

Set-ExecutionPolicy Unrestricted

Type Y when asked.

Re-Run the upgrade process again.