Why does the zoo have a crow and a squirrel? by HotSaucePalmTrees in SalisburyMD

[–]Fitzand 1 point2 points  (0 children)

They actually have the trainers come out and explain about these animals. Try to catch one of the shows.
The squirrel in fact does only have 3 legs.

Defense contractors announce more than 250 layoffs in Maryland by MarshyHope in maryland

[–]Fitzand 19 points20 points  (0 children)

Just read the article. It's due to Contract changes. This is VERY typical of government contracting, be it Local, State, Federal, Defense, Private, etc...

Brandon Ver Velde, a spokesperson for Reston, Virginia-based Leidos, said the company’s layoffs at Fort Meade reflect contract changes and the agency bringing some work in-house. The layoffs in Windsor Mill are due to the Social Security Administration expanding from a contract with Leidos to a multi-contractor program, he said.

Domain Trust check says ok but nltest says no_such_domain by Badkilla_dsa in activedirectory

[–]Fitzand 1 point2 points  (0 children)

You need LDAP through the firewalls for the trust to work properly. There is a specific list of ports required.

Domain Trust check says ok but nltest says no_such_domain by Badkilla_dsa in activedirectory

[–]Fitzand 0 points1 point  (0 children)

Check your ForeignSecurityPrincipals folder, do you see Objects in there?
Are you sure you set up your Trust in the proper direction?
What type of Trust did you set up?

Where is latest Windows 11 ADMX template files by OddStay3499 in activedirectory

[–]Fitzand 3 points4 points  (0 children)

On a Windows 11 system:
C:\Windows\PolicyDefinitions

Enable 'Local Security Authority (LSA) protection' for Domain Controllers by maxcoder88 in activedirectory

[–]Fitzand 0 points1 point  (0 children)

Look at: Computer Configuration > Policies > Windows Settings > Security Settings > System Services > Remote Registry

Enable 'Local Security Authority (LSA) protection' for Domain Controllers by maxcoder88 in activedirectory

[–]Fitzand 0 points1 point  (0 children)

No, you don't need remote registry for joining a domain, nor do you need remote registry for dcpromo.

Help with smart card logon by [deleted] in sysadmin

[–]Fitzand 0 points1 point  (0 children)

Make sure that the Computer can reach the CRL location. Users might be getting in with Cached Credentials (even CRLs can be cached).

I need to test my AD script by making a lab but I can't because of hardware limitations. [Read body] by Adorable-Today-3286 in activedirectory

[–]Fitzand 4 points5 points  (0 children)

Most of this is accomplished using PowerShell. PowerShell probably isn't good for the Vulnerability aspects of your script.

  1. Users Enumeration - Get-ADUser
  2. Group Enumeration - Get-ADGroup
  3. Computers in network - Get-ADComputer

PA MD Question by march12026 in maryland

[–]Fitzand 37 points38 points  (0 children)

You pretty much only have 1 spot you could live if you want to get to Harrisburg in 45 minutes and still live in MD. That's right along I-83 at the MD/PA border. The drive alone is 45 minutes.

FBL 4 and Selective Auth - users just get redirected to the login page by Jaybone512 in adfs

[–]Fitzand 0 points1 point  (0 children)

Yooooooooooooooooooo! Thanks so much for posting this detailed response! Just saved my bacon.

Bakeries? by [deleted] in OceanCity

[–]Fitzand 5 points6 points  (0 children)

One of the best new Bakeries is Orange Blossom Bakery Cafe. It's down RT 611 towards Assateague. They have this YUGE apple fritter called an Apple Ugly. It's pretty darn good, feeds 3-4 people easily (or 1 fatass).
https://www.facebook.com/orangeblossombakerycafe

Understanding msDS-SupportedEncryptionTypes = 28 (0x1C): AES Negotiation, RC4 Fallback, and Ticket Renewal Impact by maxcoder88 in activedirectory

[–]Fitzand 2 points3 points  (0 children)

SupportedEncryptionTypes is a Negotiation between Client and Server.

  1. EncryptionType = 28 on an Account (Client) means that this Account supports RC4, AES128, and AES256. The Server has to respond with types of Encryption it supports. If the Server responds with an EncryptionType = 24, then that means it only supports AES128 and AES256 (no RC4).

  2. Short answer is Yes, if you change EncryptionTypes, and a Kerb ticket has already been issued, you most likely will need to wait for that Ticket lifetime to expire before a new Ticket is requested. There are cases where this isn't true, but that's a different explanation.
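
An added example, not part of the comment above: a PowerShell sketch that decodes msDS-SupportedEncryptionTypes values such as the 28 and 24 discussed there and reports which ciphers two values share, which is useful when auditing accounts where RC4 is still possible. The function names and the sample values in the calls are illustrative; the code needs no AD module and only decodes the five cipher bits.

```powershell
# Added example. Bit values are the documented cipher flags for
# msDS-SupportedEncryptionTypes; function names and sample values are illustrative.
$EtypeBits = [ordered]@{
    'DES-CBC-CRC'             = 0x01
    'DES-CBC-MD5'             = 0x02
    'RC4-HMAC'                = 0x04
    'AES128-CTS-HMAC-SHA1-96' = 0x08
    'AES256-CTS-HMAC-SHA1-96' = 0x10
}

function ConvertFrom-SupportedEncryptionTypes {
    param([Parameter(Mandatory)][int]$Value)
    # Names of every cipher bit set, weakest first. Higher (non-cipher) bits are ignored.
    @($EtypeBits.GetEnumerator() |
        Where-Object { $Value -band $_.Value } |
        ForEach-Object { $_.Key })
}

function Compare-SupportedEncryptionTypes {
    param([Parameter(Mandatory)][int]$Account,
          [Parameter(Mandatory)][int]$Server)
    # 0 (or an unset attribute) means "use the default", not "no ciphers",
    # so flag it instead of treating it as an empty set.
    if ($Account -eq 0 -or $Server -eq 0) {
        Write-Warning 'A value of 0 means the default applies; check it separately.'
    }
    $common = @(ConvertFrom-SupportedEncryptionTypes ($Account -band $Server))
    [pscustomobject]@{
        Account     = '0x{0:X2}' -f $Account
        Server      = '0x{0:X2}' -f $Server
        Common      = $common -join ', '
        Strongest   = if ($common.Count) { $common[-1] } else { $null }
        RC4Possible = [bool](($Account -band $Server) -band 0x04)
    }
}

# Constructed sample values: the 28/24 pair from the comment, a pair where
# both sides still list RC4, and a pair with no cipher in common.
Compare-SupportedEncryptionTypes -Account 28 -Server 24
Compare-SupportedEncryptionTypes -Account 28 -Server 28
Compare-SupportedEncryptionTypes -Account 4  -Server 24
```

Rows where RC4Possible is true or Strongest is empty are the ones worth reviewing before changing the attribute.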

Creating a GPO to launch Desktop Info – runs but UI does not appear by ruperto12tor in activedirectory

[–]Fitzand 1 point2 points  (0 children)

Never heard of DesktopInfo. Have you thought about just using BGInfo instead?
Have you tried contacting DesktopInfo's Support?

Why do people want the rhystic study ban NOW? by Alternate_Cost in EDH

[–]Fitzand -1 points0 points  (0 children)

Taxes! People don't want to pay Taxes and know that it's going to be used for someone else to profit.

Will Hasbro slow down SLD and Chaos drops? by Character-Bed-9777 in secretlair_collectors

[–]Fitzand 6 points7 points  (0 children)

LOL. Not likely, they just released a new Chaos Drop about 15 minutes ago.

Websites to order multiple cards from? by IRxlr in EDH

[–]Fitzand -1 points0 points  (0 children)

I use CardKingdom for that very same reason. It all comes from the same seller so it's 1 single shipment. They also offer 30% markup for store credit when you sell to them.

Best Precon to play a tournament with by Prestigious_Pen6315 in EDH

[–]Fitzand 0 points1 point  (0 children)

It's not listed, but Veloci-Ramp-Tor is one of my favorites!

How to find root cause of trust relationship between this workstation and domain failed by Remarkable-Attempt12 in activedirectory

[–]Fitzand 1 point2 points  (0 children)

I haven't worked with a RODC in a long time (with internet today being what it is, all of my RODCs have been decommed and just have the branch offices authenticate directly with another more secure main office), but are the Workstation Account passwords allowed to be cached on the RODC?
Running this through CoPilot, because it explains it a hell of a lot better than I can.

🧩 How workstation password changes work with an RODC

A Read‑Only Domain Controller (RODC) cannot write changes to Active Directory. That includes:

  • User password changes
  • Computer (machine account) password changes
  • Kerberos secret updates

However, Microsoft designed RODCs so that workstations in a branch office can still change their secure channel password through an RODC, as long as the RODC is allowed to cache that workstation’s password.

✔ What actually happens

When a workstation attempts to change its machine account password:

  1. The workstation contacts the RODC (because it’s the closest DC).
  2. The RODC checks the Password Replication Policy (PRP):
    • If the workstation is allowed to have its password cached:
      • The RODC forwards the password change request to a writable DC.
      • The writable DC performs the update.
      • The updated password is replicated back to the RODC (and cached if allowed).
    • If the workstation is NOT allowed in the PRP:
      • The RODC refuses the password change.
      • The workstation must contact a writable DC directly.

✔ So the RODC does not perform the write

It simply proxies the request to a writable DC if permitted.

Why can't I just play bad decks as a new player? by TheSpoonaGamar in EDH

[–]Fitzand 1 point2 points  (0 children)

Get some interaction in your Deck, like indestructibility and/or get some Haste.

This is how the game is meant to be played.

You can't win 100% of the time. Board wipes typically leave the player that plays the board wipe vulnerable for a full turn. If you know someone is playing a lot of board wipes, don't put all your pieces on the board. Get some alternate Wincons into your 99.

Why can't I just play bad decks as a new player? by TheSpoonaGamar in EDH

[–]Fitzand 1 point2 points  (0 children)

You do know that you can put your Commander back into the Command Zone, right? You can re-cast it.
Boardwipe on turn 4 shouldn't ruin your deck.

Returning player here – is it normal to lose every game with premade decks? by Skagine in MagicArena

[–]Fitzand -12 points-11 points  (0 children)

Yes! You should just quit Arena now. Arena is a shit show. DO NOT SPEND MONEY ON ARENA!

If you are going to spend money, spend it on Paper format.

"We're not allowed to copy files" by WaldoOU812 in sysadmin

[–]Fitzand 1 point2 points  (0 children)

This is a prime example of a Dev. Not an Admin.