SUMMARY:

• Professional Experience on Windows, Active Domain Services and VMware administration.
• Renovate, design and implement Microsoft Active Directory (Access Controls, Group Policy, Kerberos Authentication, naming standards, trust relationships, best practices, security policies and standards). Ensure all Directory Services solutions and Operating System designs are secured and HIPAA/FERPA compliant. Assist with security incidents and provide digital forensic analysis as required by ISO.
• Experience with Virtualization technologies like Installing, Configuring and administering VMware ESX/ESXi and created, managed VMs (virtual server) and also involved in the maintenance of the virtual server.
• Windows and VMware with Core Experience with Active Directory Administration and VMware virtualization technologies and Sr Operations Support.
• Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server. ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA
• Implementing, Maintaining AD Infrastructure as a service in Microsoft Azure cloud platform
• Implementing, Maintaining AD Infrastructure.
• Providing security for servers using iptables, ssh, kerbos
• Install, configure and maintain VMWARE ESX virtual environment.
• Installed, configured, and maintained multiple production and development servers
• Designed and maintained both Solaris and Red Hat Linux infrastructures
• Provided system and log analysis, performance tuning, and monitoring.
• Maintained and support eTrust Access Control and KERBOS for all UNIX user accounts
• Troubleshooting weblogic, tibco, and java related problems in production, staging and QA environment
• Installed, configured and provide support for the LDAP in the development, testing, staging and production environment
• Design and configuring AD Forests, Domains, Trusts, Group Policy, OU's, promotion & demotion of domain controllers.
• An Active Directory Engineer Designing, implementing changes, troubleshooting, supporting Enterprise Wide Windows Active Directory environment composed of Multi - Forest environment with different Trusts, Multi-Forest migration and creation, multiple Domain environment, multiple domain consolidations and retirements, Sites and Services, Site replications, domain controllers holding different FSMO roles, DNS troubleshooting,
• User base accounts of 15,000 and Windows server count of 2,000 running different flavors of Windows Operating Systems such as Windows 2012 R2, Windows 2008 R2 and Windows 2003.
• Involved in Designing domain Solutions such as Domain consolidation and trust creations both Forest level and Domain level.
• Supported and implemented Active Directory in relation to PCI DSS (Payment Card Industry Data Security Standard) best practices and guidelines to protect credit card information through the use of audit policies, control access via security groups and network segmentations.
• Exposures with Azure Active Directory compatibility. Extensive experience in deployment, migration, patching and troubleshooting of windows 2008 and 2012 R2 Domain Controllers in Active Directory.
• Monitoring the Active Directory Replication status of the Domain Controllers.
• Active Directory Services, DNS, Lync Administration, Power Shell in a very large network.
• Expertise in Active Directory design and support (Group Policy Object (GPO), Active Directory (AD) Schema, Organization Unit (OU), LDAP, Sites, Replication, etc.)
• Creating and Linking Group policies for Windows Server in AD domain.

TECHNICAL SKILLS:

VMware: VMwarevSphere 4.0/4.1/5.0, vCenter Server 4.0/4.1/5.0, ESX 3.5/4.0/4.1/5.0 , VMware Update Manager, HA, DRS, FT, vMotion, Storage vMotion, VMware Capacity Planner, VMware Workstation

Active Directory Skills: Active Directory Design, Active Directory Replication, Active Directory Maintenance and Troubleshooting, Azure Active Directory, Group Policy Management, Group Policy Design and Structuring, Group Policy, Troubleshooting, DNS Server Management Zone, Design DNS Server Troubleshooting, DHCP Server Design and Maintenance, PKI and Server Design and Maintenance, IP Address Management, Access Control, Design PowerShell Scripting, ITIL Foundations and MOF Guidelines

Windows Administration: Configuration of DHCP and DNS, installation and configuration of VPN client, Windows Server 2003/2008/2012 R/2016 - installation and configuration, installation and configuration of Active Directory creating users and groups, setting user access controls, domains creation and setup.

Networking: OSI Model, IPv4 and IPv6 addressing and subnetting, Ethernet LAN, TCP/IP, UDP, switches, routing concepts, virtual network concepts including vSwitches, VLANs, dvSwitch, TCP/IP stack for virtualization, configuration of printers and, scanners.

Hardware: HP ProLiant DL380 G5/G6 Intel Xeon, HP ProLiant DL385 G6/G7 AMD Opteron, Dell PowerEdge 2850, 2950, R710, HP BL 460c G5/G6 blade servers, C7000 HP Chassis. NetApp V6000 Series.

Operating Systems: Windows servers 2000, 2003, 2008, 2008 R2, 2012, Windows client OS XP/Vista/Windows 7.

PROFESSIONAL EXPERIENCE:

Confidential, CHICAGO, IL

Sr. AD Engineer/SME

Responsibilities:

• Implementing & administering AD Infrastructure.
• Redesigned total AD infrastructure and migrated to New forest from 2003 functional level to 2016 functional level
• Responsible for creating the HLD and LLD documentation
• Responsible to gather info from the other department like application team, Network team, Tech Ops team etc in planning phase.
• Implementing & administering AD Forests, Domains, Trusts, Group Policy, Organizational Units and Delegation permissions.
• Provide day to day support for AD infrastructures.
• Discovered the Source Forest, prepared documentation
• Created roll back/ disaster recovery plans
• Deployed internal PKI s to the internal sites in new forest.
• Troubleshooting AD related issues (DNS, Replication, server and User related issues).
• Troubleshooting AD user account lockout issues.
• Troubleshooting on AD trust related issues.
• Upgrading and patching servers as per the schedule.
• Troubleshooting AD permissions.
• Deploying servers using VMware and Hyper V
• Knowledge on Forefront identity management (FIM).
• Responsible production support of Active directory (AD), GPO, Domain users, Users and groups and given appropriate permissions, shares and privilege to access LAN and Domain environment.
• Creating group policy objects as per security requirements.
• Identifying and cleaning stale records in AD environment.
• Identifying uncertain AD groups and cleaning up accordingly.
• Installing and managing DNS, DHCP, ADFS, IIS, SSL, LDAP and FTP Servers.
• Experience in Migrating Users, Groups, computer and servers from cross forest
• Infrastructure using ADMT and Quest, Binary migration tools.
• Experience in deploying PKI Infrastructure.
• Deploying and managing Microsoft WSUS.
• Migrating AD user objects, computer objects, group objects from one domain to other.
• Migrated legacy applications to Windows using Azure.
• Managing Servers, PCs, Laptops, Printers & Peripherals
• Experience in deploying and managing Key Management server.
• Knowledge on System center configuration manager (SCCM) tool.
• Experience in implementing and updating AD schema changes.
• Experience managing Servers, PCs, Laptops, and Printers & Peripherals.
• Experience in Power Shell Scripting for Creating, deleting & Managing Users and to automate AD health checks and Exchange daily tasks.

Environment: AD, MS Exchange 5.5 servers, LDAP, Windows 2008R2/ 2012R2/ 2016, DNS, DHCP, WINS, SSO, Power Shell, QMM, Change auditor, InTrust, VMware, Hyper V, FIM, DNS, DHCP, ADFS, IIS, SSL, FTP, ADMT, PKI, WSUS, Azure, Okta.

Confidential, Northbrook, IL

Sr. Active Directory Administrator

Responsibilities:

• Reviewed Active Directory and exchange structure and made recommendations for changes to follow Microsoft best practices
• Extensive professional experience in Windows R2/2012 R2 Servers, Active Directory.
• Servers Check and performance monitoring for all the Wintel servers (1500 windows servers).
• Experience in troubleshooting AD issues (DNS, Replication, Server related issues & User related issues)
• Expertise in Migration Using Quest Migration Manager Tool for Active Directory
• Active Directory Recovery (Quest Recovery Manager, ADrestore, LDAP and Authoritative Restores).
• Experience in installing, configuring SiteMinder policy server, Web agents, Netegrity Transaction Minder, Active Directory server (LDAP) and various Web & Application servers.
• Expertise in managing the users and objects using Identity Manager
• Managing Backups and restore of domain controllers using Dell Recovery Backup Manager Tool.
• Experience in PowerShell scripting.
• Created custom network scanner in PowerShell to populate asset database.
• Maintained custom PowerShell scripts that interact with Office 365, Active Directory, SQL, and VMware.
• Developed PowerShell script for VM Machines & VM Host reporting
• Developed PowerShell script for SQL Reporting
• Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server. ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA.
• Handled operation performed by a DRA Server requires information about a specific AD or cloud object, that DRA server will look to its local off line cached.
• Support AD object attributes not stored within our cache, the DRA Server will issue a call directly to a specific Windows Domain Controller or Online Office 365 portal to obtain these properties. sync FROM AD or the Office 365 Tenant TO DRA.
• Used Windows 2000 and later uses Kerberos as its default authentication method.
• Used Kerberos preferred authentication method: In general, joining a client to a Windows domain means enabling Kerberos as default protocol for authentications from that client to services in the Windows domain and all domains with trust relationships to that domain.
• Used Intranet web applications can enforce Kerberos as an authentication method for domain joined clients by using APIs provided under SSPI.
• Handling refresh updates will pick up any changes made to an AD or Cloud object since the last cache refresh.
• Monitoring the Domino mail servers across the country for mail routing, Database quotas and access, web-mail access, Cluster replication, database replication, server tasks, server health etc.
• Implemented best practices for the enterprise backup and disaster recovery architecture with VEEAM and Commvault.
• Register, rename, recertify, and delete users, move users to new certifier, move users mail files to Different server, modify person docs, database access issues, out of office agents, modify location Docs, creating mail-in databases, distribution lists, ACL only, Mail only, and Multi- Purpose Notes Groups etc.
• Determining causes of delivery failures through message tracking, tracert, and examination of server Log file and configuration etc.
• Providing daily monitoring, analysis, troubleshooting & management of around 13000 Lotus mail users. Troubleshoot mail routing problems (Trace mail)
• Installing and configuring Lotus notes R-6/6.5. Replication & archiving of mail & other databases
• Assisting and help desk technicians.
• Involved in Virtualization / Decommission of Siteminder policy servers and SunOne Ldap servers across multiple data centers.
• Involved in detailed setup for troubleshooting and implementation of support procedure.
• Experience in configuring multiple LDAP instances and defined LDAP Schemas.
• Defined and maintained Sun and Active Directory (LDAP) security models
• Administered policy and user stores using the Sun ONE Directory servers while also providing redundancy and availability.
• Managed Group Polices, Security groups, and file shares for Trinity enterprise
• Used Operating System Deployment (OSD) module of the Microsoft Deployment Toolkit (MDT) to create automated server builds for both physical and in VMware ESX 5.5 environments.
• Also used Powershell scripts to automated server builds for both physical and in VMware ESX 5.5 environments.
• Experience in installing, configuring and managing infrastructure using VMware technologies viz. ESX/ESXi 4.x/5.x/6.x, vSphere 5.0, vCenter, VMware View 5.0/5.5, 6.0VMware vCenter Converter etc.
• Expertise provisioning, building, installing and configuring and support of Windows 2012/R2/2008/R2/2005/2003 Servers, upgrading Windows Server 2003 to Windows 2008 and 2012 on both physical and virtual machines to ensure server compliancy as part of the upgrade/build process.
• Strong knowledge and experience on VMware and VMware vSphere 5 features including Virtual SMP, Storage DRS, profile driven storage, auto deploy and vSwitches design.
• Converted many (P2V) physical servers to Virtual Machines using VMware vCenter Converter part of decommission legacy server’s effort.
• Experience in Network configuration on ESX servers which include NIC teaming / Bonding for Failover and Load Balancing purpose, VLAN's etc.
• Experience with Microsoft Network Load Balancing and Microsoft Clustering technologies.
• Troubleshoot System Center Configuration Manager (SCCM) Client issues so that Patch deployment had a higher success rate.
• Configured Azure Active Directory to be used as Identity Management for Business to Customer Applications (AAD-B2C)
• Upgraded environment to System Center Configuration Manager (SCCM) from R2.
• Did design and architecture work for up grading enterprise from Active Directory
• Did Domain Controller promotions on 2012 member servers
• Did Domain Controller Demotions to eliminate 2003 DCs
• Did 2008 DC Health checks
• Did design and architecture work up grading enterprise from Exchange 2007 to Exchange 2013
• Served as Active Directory Federation Services (ADFS) Subject Matter Expert
• Implemented Active Directory 2012 into the enterprise
• Configured Windows 2012 R2 Direct access to Windows 7 Domain resources
• Configured VMware Templets to be deployed into the enterprise environment
• Created Windows Management Instrumentation (WMI) queries in System Center Configuration Manager (SCCM) R2
• Created SCCM server baselines to secure all enterprise servers to remedy finding in a security audit
• Experience in Rack and Stack HP ProLiant DL servers (DL580s), Cisco UCS blade B200 M3 including power and network cabling, managing multiple hardware configurations & ensuring power, network redundancy of all servers.
• Experience writing both Power Shell and PowerCLI scripts to automate Virtual Machine builds and DNS entry configurations.
• Excellent interpersonal, communication and organizational skills with the ability to interact effectively with employees at all levels within the organization

Confidential, Houston, TX

Active Directory Enterprise Engineer

Responsibilities:

• Install, configure and maintain VMWARE ESX virtual environment
• Installed, configured, and maintained multiple production and development servers
• Designed and maintained both Solaris and Red Hat Linux infrastructures
• Provided system and log analysis, performance tuning, and monitoring.
• Maintained and support eTrust Access Control and KERBOS for all UNIX user accounts Implemented Proof of Concept for Oracle Identity Manager.
• Implemented Pilot for IBM Tivoli Identity Manager.
• Implemented Proof of Concept for Active Directory Lightweight Directory Service. (AD LDS)
• Design and Deploy AD LDS as authentication store.
• Design new solution to integrate all applications through one authentication store using AD LDS.
• Design Single Sign On (SSO) through Claims-Bases authentication using Active Directory Federated
• Service (ADFS)
• Design and Deploy AD LDS as authentication store.
• Installation and configuration of ADFS 2.0 and ADFS 1.1 as Federated Secure Token Server (STS)
• Migrated users from multiple Active Domains and open LDAP to AD LDS.
• Design and Implementation of FIM Service and Portal.
• Integration of SAP with FIM.
• Implemented Forefront Identity Manager (FIM) Sync Server Manager.
• Designed solution to implement multi-authentication for web facing and cloud applications.
• Implemented self service component for account management by users.
• Implemented Authority and created s for SSO implementation.
• Managing and maintaining DHCP, DNS and AD Services.
• Managing and maintaining Active Directory, DNS, DHCP servers and Event Logs.
• Managing and marinating ADRMS server.
• Managing and maintaining CA ( Authority Server).
• Managing and maintaining group policy (Citrix, terminal server, adrms, CA enrollment.
• Installation/Configuration/Troubleshooting of Windows Server 2003/2008 and Active Directory.
• Windows 2003 and 2008 troubleshooting.
• Involved in AD migration., Aware Quest and AD Migration tool.
• Helping to team to rectify the issue.
• Used Windows 2000 and later uses Kerberos as its default authentication method.
• Used Kerberos preferred authentication method: In general, joining a client to a Windows domain means enabling Kerberos as default protocol for authentications from that client to services in the Windows domain and all domains with trust relationships to that domain.
• Used Intranet web applications can enforce Kerberos as an authentication method for domain joined clients by using APIs provided under SSPI.
• From physical server racking, SAN fiber connections to installation and Setup of ESXi 5.1 hosts as well as the corresponding Virtual Machines guests for production and test environments.
• Setup for new production servers involving RAID configuration, VMware Tools installation, Service Packs, Security Updates, Domain join, WSUS, NBU installation, ePO management, iLO setup and other.
• Monthly Windows Updates deployment using WSUS in a two days schedule to serve East and West divisions.
• Regular Administration of an environment comprising of 90 ESXi Servers 5.1 in vSphere 5.1 with 1490VM's across 2 Datacenters.
• Experience in Configuration and Installation of ESXi Servers 5.1 using normal GUI Installation with ILO.
• Knowledge of VMware Update Manager and manual Upgrade to ESX servers, creating baselines and pushing the patches for the ESX servers. Updated 24 ESXi servers from 5.0 to 5.1 manually.
• Used Power CLI on ESXi server administration to fix descriptor file for delta disks, relocating VMDKs and restoring VMs to vSphere.
• Experience on ESXi, vSphere Troubleshooting, Host Profiles, vDistributed Switches, HA, DRS, vMotion, Storage vMotion, FT, Resource pools, vCenter Permissions, Snapshots, Disk expansions, Templates.
• Mentored three coworkers to reduce deployment times by creating templates with Quickprep and cloning, P2V, migrating between ESXi servers in the cluster, fixing ESXi issues, CPU, BSODs.
• Knowledge in using SQL Server 2008 Cluster for vCenter server.
• Experience in P2V and V2V process for Windows Environments using VMware vCenter Converter.
• Configuring vSwitches for Port groups, NIC Teaming, Traffic shaping, Load Balancing VLAN tagging, Failover and Security Policies on the vNetworks and Basic Knowledge of Network I/O Control.
• Experience in storage provisioning process with NetApp, zoning, and volume and LUN creation.
• Knowledge in provisioning in Windows 2003/2008/2012 .
• High observance of specific time resolutions for Critical, High and Standard incidents using Remedy for Tickets, Incidents, Change Call management and Work Requests. Provided root cause analysis for any single production stop issue.
• Migrated from Windows Server 2003 to Windows Server 2008 R2 by either an in-place upgrade or creating a brand-new server to replace the old one.
• Administration, management, troubleshooting on the Microsoft Activation Status, clustering, and consolidated control by deploying SCCM 2007 solution for Update Management and OS Deployment for Windows Server 2008.