Steps to secure Active directory pass the hash attack and clear text . . . Limit groups accounts with full Active Directory rights, especially service accounts Protect every copy of the Active Directory database (ntds dit) and don’t place on systems at a lower trust level than Domain Controllers Configure Group Policy to prevent local Administrator accounts from authenticating over the network
Could not create the NTDS setting object in Window Server 2008 R2 12 29 2010 19:13:47 [INFO] Configuring the local computer to host Active Directory Domain Services 12 29 2010 19:13:56 [INFO] EVENTLOG (Warning): NTDS General Internal Configuration : 1463 Active Directory Domain Services has detected and deleted some possibly corrupted indices as part of initialization 12 29 2010 19:13:58 [INFO] EVENTLOG
User Profile Service Not Syncing Manager Using Active Directory Import ANSWER: After several weeks with Microsoft support we found out that when using the User Profile Active Directory Import setting you have to leave the manager mapping in the User Profile Properties blank in order for them to sync If you map the manager field to an Active Directory attribute SharePoint will not be able to resolve the user