- Over 7 years of IT experience, specializing in Server administration in various environments - Windows 2000/ with Active Directory Services (WINS, DNS, DHCP)
- Experience Azure Active Directory, Active Directory, Windows Admin and VM Ware Administration
- Developed a migration approach to move workloads from On-Premises to Windows Azure or develop new cloud-ready application solutions.
- Manage Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass through Authentication.
- Having Experience Configuring and managing AzureAD Connect, AzureAD Connect health, Microsoft Azure Active Directory.
- Resolved Azure AD issues relating to Office 365, Active Directory to AzureAD and CAIDM to Active Directory.
- Resolving the Sync issue Microsoft Managed Services Service Provisioning Provider (MMSSPP).
- Provided guidance in the planning, gathering requirements, recommendations, and implementation of data migration to Office 365, and configuration best practices
- Having Experience on creating and updating the Various PowerShell Scripts for windows, Active Directory, AzureAD and o365.
- Designing, Configuring and maintaining Active Directory Services on Windows Server 2003, 2008, 2012 and 2016(Test, Development) Domain controller.
- Install and Manage security reporting tools to monitor any Active Directory changes. Plan and manage all the migrations and upgrades related to Active Directory and Domain controllers.
- Expertise in Active Directory Setup and troubleshooting for any deleted objects and AD Recycle Bin.
- An Windows System Administrator Designing, implementing changes, troubleshooting, supporting Enterprise Wide Windows Active Directory environment composed of Multi-Forest environment with different Trusts, Multi-Forest migration and creation, multiple Domain environment, multiple domain consolidations and retirements, Sites and Services, Site replications, domain controllers holding different FSMO roles, DNS troubleshooting, User base accounts of 15,000 and Windows server count of 2,000 running different flavors of Windows Operating Systems such as Windows 2012 R2, Windows 2008 R2 and Windows 2003. Involved in Designing domain solutions such as domain consolidation and trust creations both Forest level and Domain level.
- Manged, supported and implemented Active Directory in relation to PCI DSS (Payment Card Industry Data Security Standard) best practices and guidelines to protect credit card information through the use of audit policies, control access via security groups and network segmentations. Exposures with Azure Active Directory compatibility.
- Microsoft Active Directory Administration
- Payment Card Industry Data Security Standards (PCI-DSS)
- Experience designing, implementing and evaluating applications, systems and utilities relevant to Active Directory Domain services.
- Design and deployment of secondary sites for data replication and disaster recovery operations.
- Develop documentation and training for newly deployed and or upgraded Windows server environments.
- Profound experience in administration of user Accounts, Groups, Resources, Security, Backup strategies in window Servers
- Expertise in Migration Using Quest Migration Manager Tool for Active Directory.
- Extensive experience in deployment, migration, patching and troubleshooting of windows 2008 and 2012 R2 Domain Controllers in Active Directory.
- Monitoring the Active Directory Replication status of the Domain Controllers.
- Active Directory Services, DNS, Lync Administration, Power Shell in a very large network.
- Expertise in Active Directory design and support (Group Policy Object (GPO), Active Directory (AD) Schema, Organization Unit (OU), LDAP, Sites, Replication, etc.)
- Creating and Linking Group policies for Windows Server in AD domain.
- Experience in Performing the Domain functional level from windows server 2003 to 2008.
- Expertise in creating Group policy for User Drive Mappings.
- Helpful in providing support to third tier regarding client/server infrastructure and applications.
- Expertise in Migrating Users, Groups, Workstations and Window Servers from Source Domain to Target Domain.
- Responsible for core Global AD Infrastructure design, integrations, migrations of regional domain and resources, design and implementations of GPO security policies on Active Directory member servers, as well and auditing the group membership design (utilizing AGDLP) as it relates to member servers.
- Responsible for Public Key Infrastructure (PKI) issuance
- Microsoft AD PKI Administration support
- Provided Enterprise level Active Directory Architecture, engineering, Design and Documentation of the proposal approaches
- Design, build and maintain PKI Architecture in Active Directory Certificate Services
- Deploy and manage Public CA certificates
- Consulting and deployment of PKI solutions to application teams
- Design, recommend and deploy Active Directory Auditing and data management products such as; native AD auditing, StealthBits Stealth Audit and Dell/Quest Change Auditor
- Implemented, supported Office 365 rollout within the enterprise as well as managed HP servers, Cisco switches and Fortinet Firewalls integrated with SolarWinds monitoring application.
Active Directory Skills: Active Directory Design, Active Directory Replication, Active Directory Maintenance and Troubleshooting, Azure Active Directory, Group Policy Management, Group Policy Design and Structuring, Group Policy, Troubleshooting, DNS Server Management Zone, Design DNS Server Troubleshooting, DHCP Server Design and Maintenance, PKI and Certificate Server Design and Maintenance, IP Address Management, Access Control, Design PowerShell Scripting, ITIL Foundations and MOF Guidelines
VMware: VSphere, VMware ESXI 3.5 and 4.1/4.0/5.0/5.1/5.5/6.0 ,VMware converter, VMware Update Manager, Horizon View 6.x, HA, DRS, DPM, vCenter Orchester (VCO) vCloud Automation, Hyper-V, Center 6.0 (VCAC), VMware API, vMotion and VMotion, PlateSpin power converter
Operating System: Windows Server NT 4.0/ 2000/2003/2008 / R2, WINTEL servers, Windows XP/Vista/7
Server Hardware: Dell PowerEdge, HP, VNX, IBM Servers, HPE 8000 3PAR Storage, HP P6500 EVA, EVA 6500
Backup Software’s: Symantec backup exec and vRanger Pro. Veeam backup and replicator
Applications: MS Office 2000,2003, 2007 and MS Visio, Microsoft Exchange Server 2003,2007,2010, Altiris, SaaS, Office 365, Symantec Ghost
Sr. Windows Active Directory /Azure Admin
- Manage Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass Through Authentication
- Creating and managing application integrations for identify and access management. Having Experience of Creating conditional Access policies Multifactor authentication (MFA), Resetting MFA and Resolving the MFA issues.
- Experience in Syncing the Objects Users, Groups, Workstation from active directory to azure active directory.
- Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies
- Assist in the scripting of AD user and contact object updates using PowerShell to facilitate synchronization to Azure AD
- Having Experience of troubleshooting of user account provisioning between legacy Client directories and CSC active directory and LDAP directories
- Experience Configuring and managing AzureAD Connect, AzureAD Connect health, Microsoft Azure Active Directory.
- Resolved Azure AD issues relating to Office 365(MMSSPP), Active Directory to AzureAD identity and user permissions.
- Configured and resolved Azure AD Connect sync issues
- Having Experience of Creating and Managing the users and groups in Azure AD.
- Developed automated Active Directory process to deprovision Active Directory user accounts using PowerShell
- Developed 5 Active Directory user account provisioning processes using Service Now Orchestration and PowerShell
- Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server. ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA.
- Handled operation performed by a DRA Server requires information about a specific AD or cloud object, that DRA server will look to its local off line cached.
- Support AD object attributes not stored within our cache, the DRA Server will issue a call directly to a specific Windows Domain Controller or Online Office 365 portal to obtain these properties. sync FROM AD or the Office 365 Tenant TO DRA.
- Used Windows 2000 and later uses Kerberos as its default authentication method.
- Used Kerberos preferred authentication method: In general, joining a client to a Windows domain means enabling Kerberos as default protocol for authentications from that client to services in the Windows domain and all domains with trust relationships to that domain.
- Upgraded environment to System Center Configuration Manager (SCCM) from 2012 to 2012 R2.
- Did design and architecture work for up grading enterprise from Active Directory 2008 to 2012
- Did Domain Controller promotions on 2012 member servers
- Did Domain Controller Demotions to eliminate 2003 DCs
- Did 2008 DC Health checks econciled user account information between Active Directory and other enterprise directories
- Created automated processes to cleanup and modify Active Directory in preparation for migrating email to Exchange Online
- Developed automated process to force an enterprise wide one-time password change
- Designed and deployed a virtual Active Directory lab to emulate the 65,000+ user production environment
- Developed 35+ PowerShell scripts to inventory and modify Active Directory
- Trained and mentored support staff in the management of Active Directory infrastructures.
Windows Active Directory /Azure Admin
- Manage & support a large client base Windows 2008R2/2012 and in a multi domain/forest Active Directory of more than 3500 windows server on 24x7x365 basis in an enterprise infrastructure.
- Experience with deployments, maintenance and troubleshooting applications on Microsoft Azure Cloud infrastructure. Working knowledge on Azure cloud IaaS and PaaS Services.
- Technical authoring, including infrastructure design and architecture (Server, DMZ, Virtualization, Storage, Network, Database, Security and Governance. Azure Storage development and design utilizing Blobs, Pages, Queues, Tables and VM's.
- Established connection from Azure to On-premise datacenter using Azure Express Route for Single and Multi-subscription connectivity.
- Utilized NSGs for layer 4 Access Control List (ACLs) for incoming and outgoing packets. Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premise Rules, Internet Rules and IP Forwarding as design basis.
- Experienced on creating Azure VM, Cloud Services and Storages by using Azure Power-Shell Script. Convert multiple onsite Data Centers to Virtual Infrastructure using Microsoft Hyper-V reducing physical server footprint, while improving management, efficiency and performance.
- Azure Cloud Infrastructure design and implementation utilizing ARM templates Created users and groups using IAM and assigned individual policies to each group. Creating Azure Backup vault and protecting required VMs to take the VM level backups.
- Configure an ILB listener for Always on Availability Groups in Azure Creating and managing Azure Web-Apps and providing the access permission to Azure AD users
- Primary responsibility for the Active Directory Administration to provide strategic and tactical direction for the Active Directory Services, Identity and Access Management, Roles Based Access Control and Segregation of Duties
- Installation, Administration & Troubleshooting of Windows 2008/2012 Active Directory domain controllers, sites, AD replication, DNS, on physical & or on VM's in a multi - Domain / Forest environment.
- Performed daily monitoring tasks to assure the proper health of multiple Active Directory environments Supported multi-domain DNS environments and configured DHCP scope for those environments
- Reviewed the Windows 2008 R2 Active Directory Design encompassing a single forest, multi domain environment. Analyzed the design including branch based RODC's placement, aligned necessary DNS Domain and OU based group policies.
- Expertise in Active Directory Design and support (GPOs, AD Schema, OUs, LDAP, Sites, Replication, etc.)
- Creating, Testing and implementing GPO's in QA, Dev and Production Environment.
- Reviewed the necessary implementation\migration runbook and recommended optimizing the FSMO roles, configuring time services, configuring GC's, setting up Quest Recovery Manager, optimizing event logs.
- Used SCCD and Project Pair Tools for Incident Reports and Tickets, Change and Request Management in SCCD by meeting the SLA requirements.
- Expertise in deployment and troubleshooting of windows 2008 and 2012 R2Domain Controllers in AD.
- Experience in Migrating Group and Exception Policies from one domain to other domain in AD forest. Planning, designing and implementing the various solutions on windows server platform technologies and its components like Active directory, DFS shares, RDS Service and high availability cluster environment.
- Managing, installing and troubleshooting Microsoft windows active directory, DNS, DHCP services on windows server and 2012 platforms.
- Involved in designing and deploying multitude applications AWS stack (Including EC2, Route53, S3, RDS, SNS, SQS, IAM) focusing on high-availability, fault tolerance, and auto-scaling in AWS Cloud formation.
- Created AWS Route53 to route traffic between different regions. Configure IAM and Security Group in Public and Private Subnets in VPC.
- Provide highly durable and available data by using S3 data store, versioning, lifecycle policies, and create AMIs for mission critical production servers for backup
- Planning, creating and managing AD group policy templates and policies administration, operating system security patches upgrade procedure for secure computing and network environment.
- Resolving hardware/Operating Systems and application software issues within SLA
- Installing, configuring and managing ESX servers, Virtual infrastructure and virtual center.
- Configured and managed vCenter, ESX Hosts, VM's alarms. Configured Host Profiles and verified Cluster and ESX Hosts Compliance. Installed and configured Update Manager. Imported patches and created the base lines for ESX Upgrading.
- Installing and Upgrading VMware Tools for Virtual machine. Creating Clusters for High Availability (HA) and Distributed Resource Schedule.
- Proactive planning and managing server hardware, OS upgrades, software drivers and hardware firmware upgrades.
- Defining, implementing Backup-recovery methods and disaster recovery procedures, tests and plans.
- Preparing and maintaining process, procedures and work instructions documents (PPWI) on various technologies and server platforms.
- Develop design and implement solutions for small to large environment as per client requirement.
- Install, configure, upgrade and manage VMware VsphereVCenter, Esxi hypervisor version 5.x/6.x technologies
- Planning implementing VCenter upgrades and database components.
- Creating baseline and remediating VsphereVCenter and ESXi patching/upgrades through VMware Update Manage.
- Performance tuning of VMware servers, Virtual sessions and management of server resources between virtual machines. Troubleshooting virtual machine issues.
- Moving physical machine to virtual machine using p2v converter.
- Root Cause & System Log Analysis and reporting. Troubleshooting problems with the help of Event Logs.
- Distributed power management, Fault tolerance, Data Recovery. Manage Users, Groups, Permissions and roles.
- Data Protection and maintenance of healthy network using different backup and recovery strategies and Automated System Recovery Disk and virtual machine.
- Having Experience on Resolving the Snapshot issues and Clone issues.
- Having Experience on Cloud Technology solutions (IBM Softlayer)
Environment: AWS:- EC2, S3, EBS, VPC, ELB, AMI, SNS, RDS, IAM, Route 53 VMware ESX and Vcenter Server 5.5, 5.1 5.0 Windows Server 2016(testing), 2012 2008 2003 , HP and IBM Hard Ware IBM Cloud Environment (Softlayer),sqlserve
Sr Active Directory Engineer
- Support multiple AD forests, including multiple domains forest with over 2 domains, 50 domain controllers and 20 AD sites, running on Windows Servers 2003, 2008 R2 and 2012 R2
- Deploy Manage and troubleshooting of Windows 2008R2 Domain Controllers in Active Directory.
- Create and Link exception policies to windows 2003, 2008R2 servers in PROD & QA Environments.
- Back up 150 Domain Controllers Using Dell Recovery Back up Manager Tool.
- Migrating Users, Groups, Workstations and Application window Servers from Source domain to Target domain Using Quest migration manager AD Domain.
- Performed Windows servers patching using SCCM Console.
- Copy the Existing Group policies form one domain to another domain within the Active Directory forest.
- Provided custom certificate template for VPN to allow access to different network segment.
- Decommission of Application windows 2003 server.
- Review Domain Controller Event and Security logs and take corrective actions.
- Planned and managed all migrations and upgrades related to the Active Directory.
- Create and Manage Application Groups in AD domain.
- Performed and Raise the Domain functional level from windows server 2003 to 2008 R2.
- Administration of exchange and collaboration services.
- Perform pre-and post health check for the patches installed on Exchange servers.
- Working on UNIX and LINUX integration with Active Directory using Centrify Tool.
- Perform regular Domain Controllers Health checks through DCDIAG.
- Basic knowledge on Active Directory Federation services.
- Federating with Vendors using ADFS to implement Single Sign on and Writing Customize Claims Rules to achieve multifactor authorization.
- Closely interacting with internal and external clients to translate the technical and user requirements in to application designs.
- Managing Production changes through release process on different environments like PROD/DEV/DR/QA.
- Updated Active Directory Schema from Windows server 2003 to 2008R2 in Production Environment.
- Work on Accounts Delegation, Drive Mappings and Windows Server Decommission Process
- Extensive knowledge on VSphere /VCenter /VMotion operations in VMware environment.
- Migrated legacy applications to Windows using Azure.
- Create and Apply Technical Minimum Base Standard Policies to various versions (Windows servers 2000/2003/2008 R2/2012R2) in PROD/DEV/DR/QA Environments.
- Worked with SCCM team to install and uninstall application package on users Workstations Using SCCM Console.
- Extensive experience in installation & administration of Windows NT, Windows 200X Domain.
- Part of a team that takes care of Exchange Server 2010, Outlook and Messaging (Lync 2010) issues.
- Developed custom Identity Management component to synchronize Active Directory, LDAP, and legacy systems.
- Patch management review via Power Shell script to discovered current patch status and deploy patches to effected systems, implemented Windows Update Services (WSUS) to schedule updates.
- Managing Active Directory components including Domain controller's installation, Global catalog servers, Trusts and Sites.
- Configured DNS for use with Active Directory across windows Servers 2003/2008R2
Environment: Windows 2000/2003/2008 , P2V Exchange Server 2003/2007/2010 , Windows XP/Vista/Win 7, Mac OS, VMware ESXI server, Cisco ASA 5500-x, cisco firepower 4100, HP Blade Server, iSCSI SAN/NAS, TCP/IP, Windows Powershell, Active Directory, Linux Cisco, Citrix, Cisco Nexux 3000, SCOM, UNIX, SCCM, Stratus FT series, P2V, V2V migrations, VM Convertor