I’m currently working through an upgrade of TFS2010 to TFS2012. In our old configuration, TFS, Sharepoint, and Reporting Services were on the same server, with the rest of the DBs on a separate SQL server. During the upgrade, we put Reporting Services on the SQL Server and put Sharepoint on it’s own server. We also … Read more
I’m trying to create a scheduled task on Server 2012 R2 to run as a domain service account. I select “Run whether the user is logged on or not”, and select the domain service account, click on OK, enter the credentials, and then I get this error message: An error has occurred for task LPAEmail. … Read more
Our Unix systems rely on corporate AD for authentication and authorization. We need to create a few “role” accounts, which shall not be able to login themselves, but to which other accounts (belonging to real persons) will be switching (with ksu or sudo). The accounts will also need to run cron-jobs and some daemons. The … Read more
I had a standalone machine running SQL Server 2008 R2 that I joined to a domain. I set up an MSA and set all of the SQL services to log in under it. I can access the DB remotely and run queries, but database mail doesn’t work. I created a user in MSDB for the … Read more
I have a workstation, running Windows 8.1, that is joined to a domain. I want to create a local (non-domain) user without the ability to log on interactively. I’d like to avoid Group Policy because the work I’m doing is just for testing – there is a production environment with a user that does not … Read more
I have SQL Server 2012 running in an Active Directory Domain environment. I set up a Managed Service Account for the SQL services to run under, as per this document. Since my domain functional level is 2008, it’s a regular MSA and not a gMSA (group). So far, so good. The problem is that I … Read more
I created more than 5 service account in GCP to use Pub/Sub services. Now, I want to delete 4 of the 5 accounts. But I don’t know which 4 accounts are not using, which one is active. I don’t want to check all the Json config file any more, there are so many servers and … Read more
We have a patching service which is a windows service that patches the non domain controller and domain controllers. Currently we were using same service account(account_abc) which has a Domain Administrator privilege to patch all the servers We are planning to remove this privilege due to security reasons. So now we have to come up … Read more
I went and looked at a service that was run by a domain user. The process for the service read from a file on the machine’s hard drive, and in the ACLs for that service there was an ACE for the local domain administrator group. And inside the domain administrator’s group, there was the domain … Read more
I have downloaded the GCP service account key to my local system. In Terraform, I have set the GOOGLE_APPLICATION_CREDENTIALS as a path to this file in the startup-script part of my bastion instance. Below is a snippet: variable “credentials”{ default=”C:/GCP/service-account-key.json” } . . . . . . metadata= { startup-script=<<SCRIPT export GOOGLE_APPLICATION_CREDENTIALS=”${file(“${var.credentials}”)}” SCRIPT } Later … Read more
