- Over 7+ years of IT experience, specializing in Server administration in various environments - Windows 2000/ with Active Directory Services (WINS, DNS, DHCP)
- Experience Azure Active Directory, Active Directory, Windows Admin and VM Ware Administration
- Developed a migration approach to move workloads from On-Premises to Windows Azure or develop new cloud-ready application solutions.
- Manage Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass through Authentication.
- Having Experience Configuring and managing AzureAD Connect, AzureAD Connect health, Microsoft Azure Active Directory.
- Incessant idea generator, Optimising Specialized B2B Solutions.
- Resolved Azure AD issues relating to Office 365, Active Directory to AzureAD and CAIDM to Active Directory.
- Resolving the Sync issue Microsoft Managed Services Service Provisioning Provider (MMSSPP).
- Provided guidance in the planning, gathering requirements, recommendations, and implementation of data migration to Office 365, and configuration best practices
- Having Experience on creating and updating the Various PowerShell Scripts for windows, Active Directory, AzureAD and o365.
- Designing, Configuring and maintaining Active Directory Services on Windows Server 2003, 2008, 2012 and 2016(Test, Development) Domain controller.
- Install and Manage security reporting tools to monitor any Active Directory changes. Plan and manage all the migrations and upgrades related to Active Directory and Domain controllers.
- Expertise in Active Directory Setup and troubleshooting for any deleted objects and AD Recycle Bin.
- An Windows System Administrator Designing, implementing changes, troubleshooting, supporting Enterprise Wide Windows Active Directory environment composed of Multi-Forest environment with different Trusts, Multi-Forest migration and creation, multiple Domain environment, multiple domain consolidations and retirements, Sites and Services, Site replications, domain controllers holding different FSMO roles, DNS troubleshooting, User base accounts of 15,000 and Windows server count of 2,000 running different flavors of Windows Operating Systems such as Windows 2012 R2, Windows 2008 R2 and Windows 2003. Involved in Designing domain solutions such as domain consolidation and trust creations both Forest level and Domain level.
- Manged, supported and implemented Active Directory in relation to PCI DSS (Payment Card Industry Data Security Standard) best practices and guidelines to protect credit card information through the use of audit policies, control access via security groups and network segmentations. Exposures with Azure Active Directory compatibility.
- Microsoft Active Directory Administration
- Experience in Design and improvements of Azure B2B implementation and administration
- Payment Card Industry Data Security Standards (PCI-DSS)
- Experience designing, implementing and evaluating applications, systems and utilities relevant to Active Directory Domain services.
- Design and deployment of secondary sites for data replication and disaster recovery operations.
- Develop documentation and training for newly deployed and or upgraded Windows server environments.
- Profound experience in administration of user Accounts, Groups, Resources, Security, Backup strategies in window Servers
- Expertise in Migration Using Quest Migration Manager Tool for Active Directory.
- Extensive experience in deployment, migration, patching and troubleshooting of windows 2008 and 2012 R2 Domain Controllers in Active Directory.
- Monitoring the Active Directory Replication status of the Domain Controllers.
- Active Directory Services, DNS, Lync Administration, Power Shell in a very large network.
- Expertise in Active Directory design and support (Group Policy Object (GPO), Active Directory (AD) Schema, Organization Unit (OU), LDAP, Sites, Replication, etc.)
- Creating and Linking Group policies for Windows Server in AD domain.
- Experience in Performing the Domain functional level from windows server .
- Expertise in creating Group policy for User Drive Mappings.
- Helpful in providing support to third tier regarding client/server infrastructure and applications.
- Expertise in Migrating Users, Groups, Workstations and Window Servers from Source Domain to Target Domain.
- Responsible for core Global AD Infrastructure design, integrations, migrations of regional domain and resources, design and implementations of GPO security policies on Active Directory member servers, as well and auditing the group membership design (utilizing AGDLP) as it relates to member servers.
- Responsible for Public Key Infrastructure (PKI) issuance
- Microsoft AD PKI Administration support
- Provided Enterprise level Active Directory Architecture, engineering, Design and Documentation of the proposal approaches
- Design, build and maintain PKI Architecture in Active Directory Certificate Services
- Deploy and manage Public CA certificates
- Consulting and deployment of PKI solutions to application teams
- Design, recommend and deploy Active Directory Auditing and data management products such as; native AD auditing, StealthBits Stealth Audit and Dell/Quest Change Auditor
- Implemented, supported Office 365 rollout within the enterprise as well as managed HP servers, Cisco switches and Fortinet Firewalls integrated with SolarWinds monitoring application.
Active Directory Skills: Active Directory Design, Active Directory Replication, Active Directory Maintenance and Troubleshooting, Azure Active Directory, Group Policy Management, Group Policy Design and Structuring, Group Policy, Troubleshooting, DNS Server Management Zone, Design DNS Server Troubleshooting, DHCP Server Design and Maintenance, PKI and Certificate Server Design and Maintenance, IP Address Management, Access Control, Design PowerShell Scripting, ITIL Foundations and MOF Guidelines
VMware: VSphere, VMware ESXI 3.5 and 4.1/4.0/5.0/5.1/5.5/6.0 , VMware converter, VMware Update Manager, Horizon View 6.x, HA, DRS, DPM, vCenter Orchester (VCO) vCloud Automation, Hyper-V, Center 6.0 (VCAC), VMware API, vMotion and VMotion, PlateSpin power converter.
Operating System: Windows Server NT 4.0/ 2000/2003/2008 / R2, WINTEL servers, Windows XP/Vista/7
Server Hardware: Dell PowerEdge, HP, VNX, IBM Servers, HPE 8000 3PAR Storage, HP P6500 EVA, EVA 6500
Networking Protocols: /others TCP/IP, WINS, DHCP, DNS, DDNS, SNMP, SMTP, Ethernet 10/100/1000, WAN/LAN Routing, Routers, Switches Microsoft Active Directory, Group Policy Objects, DNS, SNMP, LDAP, DHCP
Backup Software s: Symantec backup exec and vRanger Pro. Veeam backup and replicator
Applications: MS Office 2000,2003, 2007 and MS Visio, Microsoft Exchange Server 2003,2007,2010, Altiris, SaaS, Office 365, Symantec Ghost
Confidential, Manhattan, NY
Sr. Windows Active Directory /Azure Admin
- Manage Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass Through Authentication.
- Creating and managing application integrations for identify and access management. Having Experience of Creating conditional Access policies Multifactor authentication (MFA), Resetting MFA and Resolving the MFA issues.
- Experience in Syncing the Objects Users, Groups, Workstation from active directory to azure active directory.
- Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies.
- Assist in the scripting of AD user and contact object updates using PowerShell to facilitate synchronization to Azure AD.
- Having Experience of troubleshooting of user account provisioning between legacy Client directories and CSC active directory and LDAP directories.
- Experience Configuring and managing AzureAD Connect, AzureAD Connect health, Microsoft Azure Active Directory.
- Resolved Azure AD issues relating to Office 365(MMSSPP), Active Directory to AzureAD identity and user permissions.
- Configured and resolved Azure AD Connect sync issues.
- Having Experience of Creating and Managing the users and groups in Azure AD.
- Developed automated Active Directory process to deprovision Active Directory user accounts using PowerShell.
- Developed 5 Active Directory user account provisioning processes using Service Now Orchestration and PowerShell.
- Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server.
- Ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA.
- Handled operation performed by a DRA Server requires information about a specific AD or cloud object, that DRA server will look to its local off line cached.
- Support AD object attributes not stored within our cache, the DRA Server will issue a call directly to a specific Windows Domain Controller or Online Office 365 portal to obtain these properties.
- Sync FROM AD or the Office 365 Tenant TO DRA.
- Used Windows 2000 and later uses Kerberos as its default authentication method.
- Used Kerberos preferred authentication method: In general, joining a client to a Windows domain means enabling Kerberos as default protocol for authentications from that client to services in the Windows domain and all domains with trust relationships to that domain.
- Upgraded environment to System Center Configuration Manager (SCCM) from R2.
- Did design and architecture work for up grading enterprise from Active Directory .
- Did Domain Controller promotions on 2012 member servers?
- Did Domain Controller Demotions to eliminate 2003 DCs.
- Did 2008 DC Health checks.
- Econciled user account information between Active Directory and other enterprise directories.
- Created automated processes to cleanup and modify Active Directory in preparation for migrating email to Exchange Online.
- Developed automated process to force an enterprise wide one-time password change.
- Designed and deployed a virtual Active Directory lab to emulate the 65,000+ user production environment.
- Developed 35+ PowerShell scripts to inventory and modify Active Directory.
- Trained and mentored support staff in the management of Active Directory infrastructures.
Confidential, Forth worth TX
Windows Active Directory /Azure Admin
- Manage & support a large client base Windows 2000/2003/2008 R2/2012 and 2016 in a multi domain/forest Active Directory of more than 3500 windows server on 24x7x365 basis in an enterprise infrastructure.
- Experience with deployments, maintenance and troubleshooting applications on Microsoft Azure Cloud infrastructure. Working knowledge on Azure Cloud IaaS and PaaS Services.
- Technical authoring, including infrastructure design and architecture (Server, DMZ, Virtualization, Storage, Network, Database, Security and Governance. Azure Storage development and design utilizing Blobs, Pages, Queues, Tables and VM's.
- Established connection from Azure to On-premise datacenter using Azure Express Route for Single and Multi-subscription connectivity.
- Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets. Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premise Rules, Internet Rules and IP Forwarding as design basis.
- Experienced on creating Azure VM, Cloud Services and Storages by using Azure Power-Shell Script. Convert multiple onsite Data Centers to Virtual Infrastructure using Microsoft Hyper-V reducing physical server footprint, while improving management, efficiency and performance.
- Azure Cloud Infrastructure design and implementation utilizing ARM templates Created users and groups using IAM and assigned individual policies to each group. Creating Azure Backup vault and protecting required VMs to take the VM level backups.
- Configure an ILB listener for Always on Availability Groups in Azure Creating and managing Azure Web-Apps and providing the access permission to Azure AD users.
- Primary responsibility for the Active Directory Administration to provide strategic and tactical direction for the Active Directory Services, Identity and Access Management, Roles Based Access Control and Segregation of Duties.
- Installation, Administration & Troubleshooting of Windows 2003/2008/2012 Active Directory domain controllers, sites, AD replication, DNS, on physical & or on VM's in a multi - Domain / Forest environment.
- Performed daily monitoring tasks to assure the proper health of multiple Active Directory Environments Supported multi-domain DNS environments and configured DHCP scope for those environments.
- Reviewed the Windows 2008 R2 Active Directory Design encompassing a single forest, multi domain environment. Analyzed the design including branch based RODC's placement, aligned necessary DNS Domain and OU based group policies.
- Expertise in Active Directory Design and support (GPOs, AD Schema, OUs, LDAP, Sites, Replication, etc.).
- Creating, Testing and implementing GPO's in QA, Dev and Production Environment.
- Reviewed the necessary implementation\migration runbook and recommended optimizing the FSMO roles, configuring time services, configuring GC's, setting up Quest Recovery Manager, optimizing event logs.
- Used SCCD and Project Pair Tools for Incident Reports and Tickets, Change and Request Management in SCCD by meeting the SLA requirements.
- Expertise in deployment and troubleshooting of windows 2008 and 2012 R2Domain Controllers in AD.
- Experience in Migrating Group and Exception Policies from one domain to other domain in AD forest. Planning, designing and implementing the various solutions on windows server platform technologies and its components like Active directory, DFS shares, RDS Service and high availability cluster environment.
- Managing, installing and troubleshooting Microsoft windows active directory, DNS, DHCP services on windows server 2003/2008 and 2012 platforms.
- Involved in designing and deploying multitude applications AWS stack (Including EC2, Route53, S3, RDS, SNS, SQS, IAM) focusing on high-availability, fault tolerance, and auto-scaling in AWS Cloud formation.
- Created AWS Route53 to route traffic between different regions. Configure IAM and Security Group in Public and Private Subnets in VPC.
- Provide highly durable and available data by using S3 data store, versioning, lifecycle policies, and create AMIs for mission critical production servers for backup
- Planning, creating and managing AD group policy templates and policies administration, operating system security patches upgrade procedure for secure computing and network environment.
- Resolving hardware/Operating Systems and application software issues within SLA
- Installing, configuring and managing ESX servers, Virtual infrastructure and virtual center.
- Configured and managed vCenter, ESX Hosts, VM's alarms. Configured Host Profiles and verified Cluster and ESX Hosts Compliance. Installed and configured Update Manager. Imported patches and created the base lines for ESX Upgrading.
- Installing and Upgrading VMware Tools for Virtual machine. Creating Clusters for High Availability (HA) and Distributed Resource Schedule.
- Proactive planning and managing server hardware, OS upgrades, software drivers and hardware firmware upgrades.
- Defining, implementing Backup-recovery methods and disaster recovery procedures, tests and plans.
- Preparing and maintaining process, procedures and work instructions documents (PPWI) on various technologies and server platforms.
- Develop design and implement solutions for small to large environment as per client requirement.
- Install, configure, upgrade and manage VMware VsphereVCenter, Esxi hypervisor version 5.x/6.x technologies
- Planning implementing VCenter upgrades and database components.
- Creating baseline and remediating VsphereVCenter and ESXi patching/upgrades through VMware Update Manage.
- Performance tuning of VMware servers, Virtual sessions and management of server resources between virtual machines. Troubleshooting virtual machine issues.
- Moving physical machine to virtual machine using p2v converter.
- Root Cause & System Log Analysis and reporting. Troubleshooting problems with the help of Event Logs.
- Distributed power management, Fault tolerance, Data Recovery. Manage Users, Groups, Permissions and roles.
- Data Protection and maintenance of healthy network using different backup and recovery strategies and Automated System Recovery Disk and virtual machine.
- Having Experience on Resolving the Snapshot issues and Clone issues.
- Having Experience on Cloud Technology solutions (IBM Softlayer)
Confidential, Mahwah, NJ
ACTIVE DIRECTORY ENGINEER
- Migration of Active Directory Users and Computers objects from a Windows 2008 Domain to Windows 2016 Domain using Quest Migration Software tools (NDS Migrator, Recovery Manager for Active Directory, Reporter, Quest Migration Manager, Change Auditor)
- Strong technical knowledge and experience with both Microsoft Windows 2012 and 2016 Servers.
- Excellent knowledge of Microsoft Active Directory 2012/2016, including DHCP, Client, DNS, DHCP.
- Managing Schema, FSMO Roles, Domain Trust, Sites and Services, Security, DNS, DHCP, Replication, Group Policy, ADFS & SSO.
- Responsible for building ADDS servers and AD related services
- Knowledge of Microsoft Active Directory Integration with Microsoft O365 Cloud/Microsoft Azure Active Directory.
- Assisted and provided guidance in application integration into Directory service including LDAP(S), and service account management.
- Worked with the migration team for migrating Exchange users to Office 365.
- Successfully established and tested Azure AD Tenant for production.
- Supported customers on various implementation of Windows Azure AD, MS office 365, Azure Single Sign On, On-premise, Single Sign On, Windows Azure Saas, Iaas, and Paas.
- Good understanding of the ITIL frameworks along with incident, problem and change management processes and procedures.
- Maintain, install and configure third party applications on Linux and windows environment (Cloud and in private data centers).
- Creating and modifying scripts written in PowerShell and VBScript.
- Upgraded 100+ ESX hosts from ESX 5.0 to ESX 6.x using VMware Update Manager tool.
- Security configuration and hardening of VMWare & Windows systems.
- Supporting Active Directory Lightweight Directory Services and ADFS.
- Provides guidance related to Platform as a Service (PaaS), and Software as a Service (SaaS) initiatives, projects, plans, and reviews.
- Hand on experience of Microsoft Deployment Toolkit (MDT) and Windows Assessment and Deployment Kit (ADK).
- Setup and configured SCCM Operating System Deployment (OSD) for Windows 7 and Windows 10.
- Detailed knowledge of system security vulnerabilities, remediation techniques & Data center.
- Architect, design and implement solutions for AD infrastructure for efficiency and continuous improvement opportunities.
- Created PowerShell scripts to complete Active Directory related tasks such as checking AD health (services, uptime, replication, storage), stale objects clean and day to day provisions of security accounts.
- Develop and maintain short, medium and long-term plans to support Identity and access management strategy (IAM).
- Provide operational support for the Identity and access management (IAM) solution.
- Monitoring and performance tuning for both AD and Windows operating systems including connectivity, synchronization, replication, net logon, time services, FSMO roles, schema, NTDS database partitions, AD Backup and Recovery, ADFS, certificate authorities and trust relationships.
- Infrastructure using ADMT and Quest, Binary migration tools.
- Experience in deploying PKI Infrastructure.
- Configure constrained delegation in Active Directory for Kerberos enabled applications.
- Provide operational guidance and serve as a central escalation point for all Microsoft server related technologies such as, but not limited to: Active Directory, Group Policies, AD Trusts, AD Sites and Services, Microsoft Identity Manager.
- Deploy and managed RadiatOne FID.
- Setting up SAML applications in OKTA.
- Managing the governance part using Sailpoint
- Strong technical knowledge and experience with both Microsoft Windows 2012 and 2016 Servers.
- Vulnerability management and mitigation by applying required patches using SCCM 2012. Manual configuration changes for Vulnerability Mitigation.
- Build, test & validate the hardened image on multiple platforms including VM (VMWare) & Physical servers
- Understanding of SAN, NAS storage architecture.
- Experience in deploying and maintaining an Altiris/Symantec ITMS Management suite.
Environment: Windows 2008R2, GPO, Kerberos, VMware ESX, ESXI, Vsphere, vCenter, LDAP, ADDS, ADFS, Exchange, Azure, VB Script, SAN, NAS.
Confidential, Frisco, TX
- Deployed and configured 2008 and 2012 R2 on virtual and physical platform with automation tool Chef
- Built VMWare ESXi hosts from version 5.5,6.0 on Dell & Cisco UCS blade and rackmount servers.
- Experience in installing Dell PowerEdge M620, M630, M830 Blade Servers into the Chassis Dell PowerEdge M1000e and configuring Chassis, PowerEdge M I/O Aggregator and managed the chassis using Chassis Management Controller (CMC).
- Administering processing and maintaining data in Kronos Time & Attendance
- Used iDRAC to access Dell Servers, specifically M620, M630 and R630 and R730 model hardware.
- Involved in P2V and V2V conversion of Windows 2008 and 2012 servers by using Platespin Migrate & VMware vConverter.
- Hands-on ability in SharePoint - a large part of this role is day-to-day creation and modification of standard sites
- Executed VRO VM-build-workflows to create Virtual Machines.
- Created VM images through VMware vSphere Client for enterprise environments and support virtualization process.
- Installation, configuration and up-gradation of Windows servers 2008R2, 2012 and 2012R2 VMs'.
- Created & Implemented Host profiles for Multiple Hosts & added FC LUNs as Datastores to multiple ESXi hosts.
- Experience with vSphere6.0 features like HA, DRS, vMotion, Storage vMotion, Resource pools, permissions, Patches, Snapshots, Tools Upgrade, disk expansions and templates.
- Creating and managing the VMware cluster with HA and DRS.
- Experience in administering Windows servers 2003/2008/2012 and building new windows physical/virtual servers as per the requirement of the project.
- Experience on creating host profiles and deploy to hosts in a VMware clusters.
- Designed and successfully implemented VMware ESXi 5.0/4.1 servers for server consolidation and Worked on vCenter Server to manage all the ESXi hosts in the datacenter.
- Performed disk consolidations to multiple VM's that failed snapshots which released virtual disk space from data stores.
- Responsible for implementing SRM for DR solutions in Dev & Prod Environment and used vSphere replication for live replication of the VM's.
- Deployed, administered, configured and troubleshot various components of Horizon view 6.x and desktop pools.
- Co-ordinating with the windows team in the server upgrades for 2008, 2008R2 & 2012 using SCCM tool for the Client machines for the updates across the globe.
- Patched the master image and recomposed the pools on monthly basis. Followed proper sequence for patching the VDI components on a monthly basis using Windows Server Update Services (WSUS).
- Creating and managing Virtual Machines and Templates, worked with clones and snapshots of Virtual Machines.
- Responsible for troubleshooting tickets created by users and application support team from various locations and worked with Citrix support in case of complex issues, working closely with business units inside the organization to deploy applications on Citrix servers.