- Over 7+ Years of Experience in Azure Active Directory, Active Directory, Windows Admin and O365 Licensing.
- Resolved Azure AD issues relating to Office 365, Active Directory to AzureAD and CAIDM to Active Directory.
- Manage Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass through Authentication.
- Having Experience Configuring and managing Azure AD Connect, Azure AD Connect health, Microsoft Azure Active Directory.
- Good experience in Configuring the Microsoft SCCM to facilitate Remote control, patch management, software distribution and operating system deployment.
- Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
- Strong experience on Administration and troubleshooting of Azure IAAS Components - VM’s, Storage, VNET, NSG, Availability sets, Site to site VPN.
- Monitoring connectivity, synchronization, replication, net logon, time services, FSMO roles, AD schema, and NTDS database.
- Good experience in deploying AD solution on AWS, AD on enterprise, and AD on hybrid cloud.
- Having good knowledge and experience with ADFS & Certificate based SSH authentication.
- Experienced in Azure Infrastructure as a Service (IAAS).
- Experience in dealing with windows Azure services - Virtual Networks, Virtual Machines, Resource Groups, VPN, Load Balancing, Auto Scaling, Azure monitoring, Traffic Manager.
- Expert knowledge of 3-tier and N-tier layered architecture.
- Experience in designing and implementing AD sites Topology, Domain Controller strategy, Branch office infrastructure and services.
- Good experience in designing DHCP solutions, IP Address management solutions, VPN, Web application Proxy solution, Monitoring strategy and Direct Access Solution.
- Proven Experience in Planning and implementing the High Available Network, Storage Solutions, failover Clustering, Business continuity and disaster solutions.
- Expert Knowledge in migration using Dell QMM for AD, Exchange and MSFT ADMT 3.0.
- Planning, creating and managing AD group policy Templates and Policies Administration, Operating System security Patches Upgrade Procedure for secure computing and network environment.
- Enforce smartcard multi-factor authentication and MFA for all cloud admin accounts.
- Provided guidance in the planning, gathering requirements, recommendations, and implementation of data migration to Office 365, and configuration best practices.
- Experienced in Deploying Web Apps and Creating Web-Jobs Sync on premises Active Directory users to office 365 with ADCONNECT and ADFS to make easy to user moving.
- Responsible for Security Patch Management and Deployment to all clients using Microsoft WSUS.
- Manage deployment and administration of Microsoft 365 product components (Intune, Exchange online, OneDrive, Skype for Business, SharePoint, Microsoft Teams, Groups, etc.)
- Fix sync, mailbox, and licenses related issues for O365.
Operating Systems: Windows server 2008, 2012, 2016. Windows XP, Vista & Windows 7/8/10Windows XP Pro, Citrix Presentation Server & UNIX, DOS .
Software: MS Office, XP, Remotely Anywhere, MSOutlook, Project Pier, Lan Messenger Internet Explorer, PDQ Deploy, Confidential Maximo, Lotus Notes, Visual Studio 2012, TFS, FTP, ILO Confidential Director, Tivoli Backup Manager.
Special Skills: Azure Active Directory, AAD Connect Server, O365, PowerShell Scripting, Ansible Scripting.
Application Servers: Windows NT, 2000 and 2003, 2008, 2012, Remote Access Server, DNS, DHCP, WSUS Terminal Servers Hyper V ADDS Antivirus System for server and Workstations, oracle directory.
PowerShell: Windows PS, AD PS, Azure AD PS, MS Exchange online.
Tools: & Technologies: Service Now, Cyber Ark, Azure Active Directory Connect, Azure DevOps, GIT, GitHub, Jenkins, Dell Migration Manager for AD/Exchange, Secure copy, Recovery Manager, Change Auditor, Dell Active Roles Identity Manager, ADMT, Office 365, Azure, Azure Active Directory, ADFS, V8.8 & V8.10, Exchange 2010/2013, AWS Cloud.
Active Directory Engineer
- Designing, Configuring and maintaining Active Directory Services on Windows Server 2008, 2012 and 2016(Test, Development) Domain controller.
- Installing, configuring, managing, and troubleshooting multiple Windows 2008/2012/2016 Active Directory and server system environment.
- Prepare the runbook to support the operational activities that are executed at the level of Tier-2 support, participate in project meetings and coordinate with other technical teams.
- Ability to troubleshoot logon/authentication, Licensing and sync related issues for AD, AAD objects and mailboxes.
- Responsible to analyze & review AD security and reduce excessive admin privileges by segmenting the user’s credentials in to privileged tiers.
- Responsible to support implementation of AD Hardening to enforce security controls based on Microsoft ESAE administrative forest model.
- The job requires supporting of multiple Active Directory forests\domains with various implementations across the enterprise. The candidate should be proficient in securing, hardening and implementing tiered based model for Active Directory.
- Working knowledge in cloud capabilities and concepts including federation, RBAC and cloud security, Directory Synchronization, MSFT O365 and Azure AD.
- Understanding authentication services especially Kerberos and LDAP authentication protocols.
- Ability to automate Software Installation, reports generation and cloud connectivity using PowerShell scripting.
- Provide 3rd level or escalated support for LDAP authentication, O365 Licensing, Trust relationship and other implementation and operational related issues.
- Understanding of various tools and technologies that is not limited to DNS, WINS, PKI, GPO’s, Sites and Services, trusts, Azure AD, Azure IAAS, Azure AD Connect, PowerShell and VB Scripting, GPO, MSFT Windows AD, Virtualization, DNS, DHCP, IPAM, VPN, Splunk, Load Balancer Services, PKI and Certificates, PingFederate, SSO, SCCM/SCCM, QMM for AD, Quest Recovery Manager and Commvault.
- Understanding the role based and control restrictions by implementing custom app specific GPO’s to enforce access to servers using restricted groups.
- Responsible for vulnerability scanning and Remediation, Technical Standard Assessment of Domain Controllers and audit of privilege group members.
- Identify and Investigate the hardware and software related issues by performing root cause analysis and finally implement an action plan for the resolution and dissemination of conclusions.
- Responsible to provide the support for planning, managing and troubleshooting of High Available Systems, Network, Storage Solutions, Failover Clustering, Business Continuity and Disaster Recovery Solution.
- Deep level understanding of GPO modeling, Privileged groups, OU, Virtualization, all aspects of AD, AAD Connect, Azure AD & O365 services.
- Migrated close to 1180 objects in to the new domain.
- Migrating OU’s, groups, users, GPO’s to target domain using Dell Migration Manager.
- Migration of Computer A/c’s along with the respective user profile from source to the target domain.
- Migrated DFS file shares from source to target domain using Robocopy & replicated the permissions of DFS in target domain using the Dell Resource Update Manager (RUM).
- Good understanding on AD replication and how to troubleshoot replication problems.
- DNS as well as the DHCP Scope Migration.
- Printer, File Server Migration and application configuration.
- Need to gather data for User and computer migration and prepare for the file to be upload in (QMM) Quest Migration Manager.
- Integration Active Directory on premises with Azure AD.
- Synchronization of AD with Azure AD and assigned O-365 licenses such as right to Exchange online, SharePoint Online and installed Office 2016 on computers and devices.
- Migrated Active user Mailboxes and updated the Exchange settings also addressed unused mailboxes.
- Migrated the public folders, PST files into exchange online.
- Configured the IP-Helper option and flip the switch of VLAN to use target DNS server meanwhile, disabled the source domain DHCP server and enabled the target domain DHCP server.
Environment: Active Directory, Azure Active Directory, Azure Active Directory Connect, O365 Licenses, IAM, Service Now, Cyber Ark, Windows 2012 R2, windows 7 Professional, windows 10 professional, Quest MM for AD, User Profile, DNS, DHCP and ADLDS.
AD & Azure AD Consultant
- Implemented the PowerShell scripts for the bulk modification for the Active Directory user and computer object attributes to facilitate synchronization to Azure AD
- Creating and updating the sync rules in the AD Connect Sync Rule Editor for User, Contact, Groups, Devices and Distribution Groups.
- Maintaining and managing the Active Directory User and Computer Objects by using the PowerShell and Dell Active Roles.
- Migrating and Syncing the Active Directory objects from on premises AD to Azure AD (Cloud) using the AAD Connect Server.
- Providing the access and updating the user/computer object attributes and container (OU) movements while troubleshooting the sync issues.
- Troubleshooting with the authentication issues to the user while accessing the applications and the computers using Splunk logs and VDI logs.
- Responsible for identifying tasks and establishing milestones as a team to ensure consistency and promote an active proactive nature.
- Key player in the company split that included key responsibilities in designing and implementing a new company forest and establishing a forest trust.
- In addition, the DFS, Group Policy, DNS, AD groups, OUs, etc. were implemented ensuring the overall change from users moving from one environment to a newly created environment minimizing downtime to the end user.
- PowerShell scripts were utilized via a catalog of scripts that were tested and have passed peer review to automate large changes in the environment.
- Monitoring and checking the replications status, backup status and health of all the Domain Controllers which are both physical and Virtual machines.
- Migrating, implementing and troubleshooting the Group Policies (GPOs) to various OUs/Containers in AD across the Development, Test and Production environments.
- Manual registering/setting the SPN (Service Principal Name) for the SQL services to authenticate with the Active Directory Domain Services.
- Tasked with building an Active Directory 2008 R2 lab that mirrors the production environment by utilizing VMware cloning that gathers the full configurations and settings that closely match the end user experience.
- Lead engineer for planning the rollout and migration plan for upgrading the Active Directory environment from 2008 R2 to AD 2012 R2. This also included identifying communication plans to notify key individuals from specific teams that will need to be involved to ensure no outages happen in those respective areas.
- Create GPO polices, and templates as requested for workstations, servers, VDIs, OUs and as required by the Active Directory Hardening project.
- Troubleshoot AAD connect delta and full cycle sync issues as they arise and validate data integrity.
- Building, maintaining and monitoring the various Windows Servers with Operating Systems of windows 2008/ 2012/21016.
- Monthly installing the patches on the servers using the Microsoft WSUS patch distribution services.
- Working on various issues and troubleshooting the Operating system level problems related to network, Remote Desktop, Local security policies, services, firewall issues etc.
- Slipstream, Test and deploy windows updates to Domain Controllers and Windows Severs.
- Primary responsibility for the Active Directory Administration to provide strategic and tactical direction for the Active Directory Services, Identity and Access Management, Roles Based Access Control and Segregation of Duties
- Worked on Active Directory (AD) Domain Consolidation. Service delivery of the Azure Active Directory and the Identity Management team within Microsoft cloud platform (O365 Identity, Azure etc.) Designed and implemented a new ROLE BASED admin mode l with deployment of Quest Roles.
Environment: Service Now, Cyber Ark, O365 Licensing, Azure Active Directory, Azure Active Directory Connect, Active Directory, AWS: - EC2, S3, EBS, VPC, ELB, AMI, SNS, RDS, IAM, Route 53 VMware ESX and vCenter Server 5.5, 5.1 5.0 Windows Server 2016(testing) 2003.
Active Directory Migration SME
- Creating and managing Active Directory (AD) Organizational Units (OU), Group Policy Objects (GPO), and creating the users providing the Users Permissions, Configuring GPO'S.
- Successfully implemented AD based windows activation using KMS server.
- Install and Manage security reporting tools to monitor any Active Directory changes. Plan and manage all the migrations and upgrades related to Active Directory and Domain Controllers.
- Troubleshooting login and access related issues. Create new directories, shares and security groups, new old accounts, disabling/deleting accounts, managing account policies.
- Review and resolve alerts; patches and upgrade of windows servers.
- Wrote custom PowerShell and Visual Basic scripts for querying specific Active Directory attributes.
- Managed user accounts, groups, print queues and controlling access rights using Active Directory.
- Manage & support a large client base Windows 2000/2003/2008 R2/2012 and 2016 in a multi domain/forest Active Directory of more than 3500 windows servers on 24x7x365 basis in an enterprise infrastructure.
- Configure Tunneling for transmitting over IPv4 network. Creating Organizational Units (OU's) and setting up Group Policy Objects (GPO), and Group Policy Containers (GPC).
- Created Forests and Domains and raised functional levels. Created trust relationships. Managed, created, deleted Local groups, Global groups, and Universal groups. Verified and resolved Group Policy problems; Imported and exported GPO settings.
- Servers Health Check and performance monitoring for all the Wintel servers (1500 windows servers).
- Creating and maintaining User accounts, Profiles, Security, rights, disk space and process monitoring using Active Directory.
- Strong hands-on administration experience on Windows 2012 server - Forest, Domain trust, AD, DFS, DNS, WINS, DHCP, Group Policy, Distribution list, Windows folder security, and IP filter.
- Reviewed the Windows 2008 R2 Active Directory Design encompassing a single forest, multi domain environment. Analyzed the design including branch based RODC's placement, aligned necessary DNS Domain and OU based group policies.
- Expertise in Active Directory Design and support (GPOs, AD Schema, OUs, LDAP, Sites, Replication, etc.)
- Creating, Testing and implementing GPO's in QA, Dev and Production Environment.
- Reviewed the necessary implementation\migration runbook and recommended optimizing the FSMO roles, configuring time services, configuring GC's, setting up Quest Recovery Manager, optimizing event logs.
- Used SCCD and Project Pair Tools for Incident Reports and Tickets, Change and Request Management in SCCD by meeting the SLA requirements.
- Expertise in deployment and troubleshooting of windows 2008 and 2012 R2Domain Controllers in AD.
- Managing, installing and troubleshooting Microsoft windows active directory, DNS, DHCP services on windows server 2003/2008 and 2012 platforms.
- Involved in designing and deploying multitude applications AWS stack (Including EC2, Route53, S3, RDS, SNS, SQS, IAM) focusing on high-availability, fault tolerance, and auto-scaling in AWS Cloud formation.
- Created AWS Route53 to route traffic between different regions. Configure IAM and Security Group in Public and Private Subnets in VPC.
- Provide highly durable and available data by using S3 data store, versioning, lifecycle policies, and create AMIs for mission critical production servers for backup
- Planning, creating and managing AD group policy templates and policies administration, operating system security patches upgrade procedure for secure computing and network environment.
- Experience with deployments, maintenance and troubleshooting applications on Microsoft Azure Cloud infrastructure. Working knowledge on Azure cloud IaaS and PaaS Services.
- Established connection from Azure to On-premise datacenter using Azure Express Route for Single and Multi-subscription connectivity.
- Configure an ILB listener for Always on Availability Groups in Azure Creating and managing Azure Web-Apps and providing the access permission to Azure AD users
- Proactive planning and managing server hardware, OS upgrades, software drivers and hardware firmware upgrades.
- Data Protection and maintenance of healthy network using different backup and recovery strategies and Automated System Recovery Disk and virtual machine.
- Having Experience on Resolving the Snapshot issues and Clone issues.
Environment: AWS: - EC2, S3, EBS, VPC, ELB, AMI, SNS, RDS, IAM, Route 53 VMware ESX and vCenter Server 5.5, 5.1 5.0 Windows Server 2016(testing) 2003, HP and Confidential Hard Ware Confidential Cloud Environment (SoftLayer).
Windows System Administrator
- Maintained VMware VDI environment of over 8 hosts and 700+ VMware guest OS Provisioning and re-provisioning the VM's as per the request from different application teams.
- Managing VDI environment and VMView Administration.
- Knowledge on Maximo work order tracking, asset management and inventory management.
- Migrated around 150 VM's from old Windows XP environment to new Windows7 environment.
- Worked on Planning, Designing and implementing all the process related to migration.
- Maintained User accounts, Licenses and perform other administration on Remedy.
- Worked with smart Viewer to monitor ports and fixing port related issues.
- Build servers on Vsphere environment according to the client request.
- Maintained VMware Vsphere4 environment for over 8 Hosts
- Proposed OS patch schedule for the year after conducting meetings with the application owners and co-coordinating with the Microsoft monthly patch releases.
- Periodically assisted in execution of large-scale migrations and consolidations of legacy technology and Datacenter facilities using physical to virtualization (P2V) and other technical data centralization best practices where needed.
- Worked with Altiris for pushing certain software's.
- Experience with Windows2012/2008 clustering services.
- Working with Virtualization technologies like Installing, Configuring and administering VMware ESX/ESXi and created, managed VMs (virtual server) and also involved in the maintenance of the virtual server.
- Strong understanding of VMware Networking concepts like creation of vSwitches, different types of port groups, NIC Teaming and VLAN Problem management on VMware ESX 4.X and Virtual Center and vMotion.
- Build and troubleshooting experience with ESX and ESXi Servers, vSphere and vCenter manager.
- Expert in Remedy 7.5 - Managed and improved operational procedures, processes, and documentations related to change management, problem, incident, and release management.
- Installation/configuration of Red Hat Linux 7/6, VMs, Physical servers, Solaris 10 & 11 servers.
- Hands-on experience in Project Management, Deployment, Installation, Administration, Maintenance and troubleshooting of various Microsoft Operating Systems and Application, Networks and Computers.
- Experience in Active Directory, GPOs, DNS, DHCP.
- Experience in Managing Groups, Users, Service and Computer Accounts.
- Experience in Managing Active Directory Certificate Services.
- Responsible for production support of Active directory (AD), GPO, GPP, Domain users, Users and groups and given appropriate permissions, shares and privilege to access LAN and Domain environment.
Environment: VMware ESX 4.0 ESXi 5.5/6.0 vSphere 5.0/5.5/56.0 , vCenter 5.5/56.0, MS Windows Server 2012 R2/2008 R2, Clusters, SAN, NIC, EMC, Wintel Win 2008, 2012, Virtual Switches.
- Migrated with team 100+ servers from Windows 2003 and Windows 2008 environment, including File and Application Servers, restored File permissions and Shares.
- Configured VMware on clustered environment, implemented Migration of Virtual Machines using vMotion, Storage vMotion.
- Implemented Microsoft DHCP, DNS, WINS, Domain trust relationship, fault tolerance, file and print services, user and group management.
- Consolidation of the Datacenters using Vcenter5.0 and installation, configuration and managing the ESXi5.0 and 5.5 Update to Servers and vCenter.
- Creating and managing the VMware clusters in the Vcenter5.0.
- Enabling the HA and DRS features in a VMware Clusters.
- Monitoring the VM'S & ESXi5.5 Update 2 Servers using the vCenter.
- Creating the Virtual Clusters, Resource pools, Templates & Clones in the Vcenter5.0.
- Creating the Virtual Switches & Port groups in the Virtual Environment.
- Patch Management done in the ESXi5.5 Servers through the update manger.
- Upgrading the ESXi5.0 to ESXi5.5 using host update availability.
- Worked on Migration Projects Involving IIS 4.0, 5.0 and 6.0-based applications.
- Installed, and supported 100+ Desktops, Laptops, Network Devices, and Computer Peripherals with the IT team.
- Was Responsible for Active directory, GPO, Domain users, Administrating users and groups and given appropriate permissions and privilege to access our LAN and Domain environment.
- Installed, configured, administered Windows 2003 servers, Active Directory Services, FTP, WSUS, IIS Web Server and SQL Database Server.
- Was Responsible for Security Patch Management and Deployment to all clients using Microsoft WSUS.
- Weekly Backups on NAS storage.
- User Support - Monitored and troubleshooting system performance, server & user related issues. Provided support to users to resolve their day-to-day issues related to OS, E-mail, Account issues, hardware etc.
- Was Responsible for Backup/recovery strategy of all windows-based servers. Planned and implemented fault tolerance and strategies for backup and restoring files on the network using different media devices like tape drives, compact disk and additional hard disk etc.
- Implemented cross-functional IT skills training so our team was well prepared and resilient when faced with challenging issues, which greatly improved IT incident response times & work quality.
- Asset Management - Helped infrastructure team to Manage Leased Assets.
- Vendor Management - Build strong relationship with new / existing vendors to get good support and pricing. Selected and recommended the right product and the source at the appropriate price range for the business user.
Environment: VMware ESX 4.0, ESXI 5.0,5.5, vSphere 5.0 vCenter 5.0. Windows Server, Exchange Server 2003, 2008 R2/2003, Windows 7/XP, MSFT Windows Active Directory, HP ProLiant DL and HP Blade Servers.