Remote execution

Problem with remote execution

One of my customers wanted recently to run a remote administration using a local account. The firewall on the server was disabled and inactive UAC. However despite these operations, it was not possible for a local account (non-administrator) to perform the remote operation.
Lire la suite de

Manage local Account

Manage Local Account Password

An element that is rarely changed it’s the password of local accounts. It is common to put the same password for a local administrator on all workstations and servers. This has created an impact of a security breach.
It’s important to have a different password on each machine and server. Thus in case of a compromise of passwords, the other machines / servers are not impacted. However a regular change of password or managing a machine password can greatly complicate the daily administration.

Lire la suite de

Manage version CB-CBB

What is Windows As A Service ?

Before Windows 10, Microsoft implemented a major version of an operating system through a package service.A new version of the system appeared after several years.It was common to have significant differences in the nucleus of different operating system.
With Windows 10 , a new management of major release appeared. Indeed every 4 months (for Current Branch – CB) or eight months ( Current Branch For Business – CBB), Microsoft provides a new release of Windows 10.
Lire la suite de


Problem Bitlocker

During a Bitlocker project at a customer I had a problem with the storage of bitlocker recovery key in Active Directory
After you set up group policy which configured the desktop and laptop client (store in AD the recovery key, use tpm,…), I launched the script which enabled BitLocker on the system partition or opther partition. The bitlocker has been actived and partition has crypted, however the recovery key was not stored in the Active Directory. After several tests, I realized that some partition encryption failed (error message when i try to initialize TPM chip) and this randomly.
The project consisted to encrypt partitions systems from a laptop computer to decrypt the partition using the TPM chip.

Lire la suite de

Problem Active Directory

Problem Active Directory

Migrating Active Directory at one of my clients, it seems interesting to share a solution to a problem. When you update the schema to add the RODC objetcts (adprep /rodcprep), an error 0x3 appears. At the time of depromote domain controller, the error messages appear informing me of a problem.

A surviving domain controller must seize any operations master roles, also known as flexible single master operations or FSMO, that were previously held by the forcibly demoted domain controller. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Lire la suite de

RSAT Windows 10

RSAT Windows 10

Administration can be performed locally on the servers (domain controller, file server, print,…). However it is often easier to proceed with the configuration of the server since its local post or a central server. This allows to avoid multiplying connections on multiple servers.

The position or the central server must obviously have different consoles to administer the roles offered by servers (active directory, DHCP,…).

Lire la suite de

L’importation des pilotes Windows 10 avec SCCM 2012 R2 SP1 et SCCM 2012 SP2 peut poser des problèmes.

Après avoir effectué l’importation, l’évènement ci-dessous est présent dans le journal DriverCatalog.log

Initializing driver digest from ‘\\server\Windows10-x64\{Windows10-driver}.inf’\\server\Windows10-x64\{Windows10-driver}.inf is not applicable to any supported platforms.Driver is not applicable to any supported platforms. Code 0x80070661

Pour solutionner le problème, il est nécessaire d’installer le CU1 pour SCCM 2012 R2 SP1 et SCCM 2012 SP2. Ce dernier est disponible ici

Source :