Sign in

Active Directory Manager

September 17, 2018

Contact this candidate



(Active Directory Engineer)


EMPLOYER: Frederik

Professional Summary

Professional Experience on Windows, Active Domain Services and VMware administration.

Renovate, design and implement Microsoft Active Directory (Access Controls, Group Policy, Kerberos Authentication, naming standards, trust relationships, best practices, security policies and standards). Ensure all Directory Services solutions and Operating System designs are secured and HIPAA/FERPA compliant. Assist with security incidents and provide digital forensic analysis as required by ISO.

Experience with Virtualization technologies like Installing, Configuring and administering VMware ESX/ESXi and created, managed VMs (virtual server) and also involved in the maintenance of the virtual server.

Windows and VMware with Core Experience with Active Directory Administration and VMware virtualization technologies and Sr Operations Support.

Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server.

ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA

Implementing, Maintaining AD Infrastructure as a service in Microsoft Azure cloud platform

Ability to install, configure and administration of VMware ESX, ESXi within vSphere 4.x and vSphere 5.x & 6.x environments

Consolidated Backup, DRS, DPM, vMotion, VMware Data Recovery, VMware Site Recovery Manager (SRM), vCenter Operations Manager, and VMware View desktop virtualization infrastructure (VDI)

Implementing, Maintaining AD Infrastructure.

Providing security for servers using iptables, ssh, Kerberos

Install, configure and maintain VMWARE ESX virtual environment

Installed, configured, and maintained multiple production and development servers

Designed and maintained both Solaris and Red Hat Linux infrastructures

Provided system and log analysis, performance tuning, and monitoring.

Maintained and support eTrust Access Control and KERBOS for all UNIX user accounts

Troubleshooting Web Logic, Tibco, and java related problems in production, staging and QA environment

Installed, configured and provide support for the LDAP in the development, testing, staging and production environment

Design and configuring AD Forests, Domains, Trusts, Group Policy, OU's, promotion & demotion of domain controllers.

Worked on Vcenter Server 5.0 4.0, 4.1 and Virtual center server 3.0 for managing multiple ESX servers.

An Active Directory Engineer Designing, implementing changes, troubleshooting, supporting Enterprise Wide Windows Active Directory environment composed of Multi-Forest environment with different Trusts, Multi-Forest migration and creation, multiple Domain environment, multiple domain consolidations and retirements, Sites and Services, Site replications, domain controllers holding different FSMO roles, DNS troubleshooting,

User base accounts of 15,000 and Windows server count of 2,000 running different flavors of Windows Operating Systems such as Windows 2012 R2, Windows 2008 R2 and Windows 2003.

Involved in Designing domain Solutions such as Domain consolidation and trust creations both Forest level and Domain level.

Supported and implemented Active Directory in relation to PCI DSS (Payment Card Industry Data Security Standard) best practices and guidelines to protect credit card information through the use of audit policies, control access via security groups and network segmentations.

Exposures with Azure Active Directory compatibility. Extensive experience in deployment, migration, patching and troubleshooting of windows 2008 and 2012 R2 Domain Controllers in Active Directory.

Monitoring the Active Directory Replication status of the Domain Controllers.

Active Directory Services, DNS, Lync Administration, Power Shell in a very large network.

Expertise in Active Directory design and support (Group Policy Object (GPO), Active Directory (AD) Schema, Organization Unit (OU), LDAP, Sites, Replication, etc.)

Creating and Linking Group policies for Windows Server in AD domain.


VMware VMware vSphere 4.0/4.1/5.0, vCenter Server 4.0/4.1/5.0, ESX 3.5/4.0/4.1/5.0, VMware Update Manager, HA, DRS, FT, vMotion, Storage vMotion, VMware Capacity Planner, VMware Workstation,

Active Directory Skills Active Directory Design, Active Directory Replication, Active Directory Maintenance and Troubleshooting, Azure Active Directory, Group Policy Management, Group Policy Design and Structuring, Group Policy, Troubleshooting, DNS Server Management Zone, Design DNS Server Troubleshooting, DHCP Server Design and Maintenance, PKI and Certificate Server Design and Maintenance, IP Address Management, Access Control, Design PowerShell Scripting, ITIL Foundations and MOF Guidelines

Windows Administration Configuration of DHCP and DNS, installation and configuration of VPN client, Windows Server 2003/2008/2012R/2016 - installation and configuration, installation and configuration of Active Directory creating users and groups, setting user access controls, domains creation and setup.

Networking OSI Reference Model, IPv4 and IPv6 addressing and subnetting, Ethernet LAN, TCP/IP, UDP, switches, routing concepts, virtual network concepts including vSwitches, VLANs, dvSwitch, TCP/IP stack for virtualization, configuration of printers and, scanners.

Hardware HP ProLiant DL380 G5/G6 Intel Xeon, HP ProLiant DL385 G6/G7 AMD Opteron, Dell PowerEdge 2850, 2950, R710, HP BL 460c G5/G6 blade servers, C7000 HP Chassis. NetApp V6000 Series.

Operating Systems: Windows servers [2000, 2003, 2008, 2008 R2, 2012, Windows client OS XP/Vista/Windows 7.

Work Experience

Hughes Network System, Germantown, MD May2017 – Present

Active Directory Engineer/SME

Key Roles

Reviewed Active Directory and exchange structure and made recommendations for changes to follow Microsoft best practices

Extensive professional experience in Windows R2/2012 R2 Servers, Active Directory.

Experience in troubleshooting AD issues (DNS, Replication, Server related issues & User related issues)

Expertise in Migration Using Quest Migration Manager Tool for Active Directory

Active Directory Recovery (Quest Recovery Manager, ADrestore, LDAP and Authoritative Restores).

Experience in installing, configuring SiteMinder policy server, Web agents, Netegrity Transaction Minder, Active Directory server (LDAP) and various Web & Application servers.

Expertise in managing the users and objects using Identity Manager

Managing Backups and restore of domain controllers using Dell Recovery Backup Manager Tool.

Experience in PowerShell scripting.

Created custom network scanner in PowerShell to populate asset database.

Maintained custom PowerShell scripts that interact with Office 365, Active Directory, SQL, and VMware.

Developed PowerShell script for VM Machines & VM Host reporting

Developed PowerShell script for SQL Reporting

Experience with NetIQ Directory Resource Administrator (DRA) product requires regular read and write access into the Active Directory Domains, and any Office 365 tenants managed by each DRA Server.

Ensure this process occurs in a timely manner each DRA Server will cache a limited number of properties about all AD object types supported by DRA.

Handled operation performed by a DRA Server requires information about a specific AD or cloud object, that DRA server will look to its local off line cached.

Support AD object attributes not stored within our cache, the DRA Server will issue a call directly to a specific Windows Domain Controller or Online Office 365 portal to obtain these properties.

Sync FROM AD or the Office 365 Tenant TO DRA.

Used Windows 2000 and later uses Kerberos as its default authentication method.

Used Kerberos preferred authentication method: In general, joining a client to a Windows domain means enabling Kerberos as default protocol for authentications from that client to services in the Windows domain and all domains with trust relationships to that domain.

Used Intranet web applications can enforce Kerberos as an authentication method for domain joined clients by using APIs provided under SSPI.

Handling refresh updates will pick up any changes made to an AD or Cloud object since the last cache refresh.

Monitoring the Domino mail servers across the country for mail routing, Database quotas and access, web-mail access, Cluster replication, database replication, server tasks, server health etc.

Register, rename, recertify, and delete users, move users to new certifier, move users’ mail files to Different server, modify person docs, database access issues, out of office agents, modify location Docs, creating mail-in databases, distribution lists, ACL only, Mail only, and Multi- Purpose Notes Groups etc.

Determining causes of delivery failures through message tracking, tracert, and examination of server Log file and configuration etc.

Providing daily monitoring, analysis, troubleshooting & management of around 13000 Lotus mail users. Troubleshoot mail routing problems (Trace mail)

Installing and configuring Lotus notes R-6/6.5. Replication & archiving of mail & other databases

Assisting and training help desk technicians.

Involved in Virtualization / Decommission of SiteMinder policy servers and Sun One Ldap servers across multiple data centers.

Involved in detailed setup for troubleshooting and implementation of support procedure.

Experience in configuring multiple LDAP instances and defined LDAP Schemas.

Defined and maintained Sun and Active Directory (LDAP) security models

Administered policy and user stores using the Sun ONE Directory servers while also providing redundancy and availability.

Managed Group Polices, Security groups, and file shares for Trinity enterprise

Used Operating System Deployment (OSD) module of the Microsoft Deployment Toolkit (MDT) to create automated server builds for both physical and in VMware ESX 5.5 environments

Also used PowerShell scripts to automated server builds for both physical and in VMware ESX 5.5 environments.

Experience in installing, configuring and managing infrastructure using VMware technologies viz. ESX/ESXi 4.x/5.x/6.x, vSphere 5.0, vCenter, VMware View 5.0/5.5, 6.0VMware vCenter Converter etc.

Expertise provisioning, building, installing and configuring and support of Windows 2012/R2/2008/R2/2005/2003 Servers, upgrading Windows Server 2003 to Windows 2008 and 2012 on both physical and virtual machines to ensure server compliancy as part of the upgrade/build process.

Strong knowledge and experience on VMware and VMware vSphere 5 features including Virtual SMP, Storage DRS, profile driven storage, auto deploy and vSwitches design.

Converted many (P2V) physical servers to Virtual Machines using VMware vCenter Converter part of decommission legacy server’s effort.

Experience in Network configuration on ESX servers which include NIC teaming / Bonding for Failover and Load Balancing purpose, VLAN's etc.

Experience with Microsoft Network Load Balancing and Microsoft Clustering technologies.

Troubleshoot System Center Configuration Manager (SCCM) Client issues so that Patch deployment had a higher success rate.

Did design and architecture work for up grading enterprise from Active Directory 2008 to 2012

Did Domain Controller promotions on 2012 member servers

Did Domain Controller Demotions to eliminate 2003 DCs

Served as Active Directory Federation Services (ADFS) Subject Matter Expert

Configured VMware Templets to be deployed into the enterprise environment

Created Windows Management Instrumentation (WMI) queries in System Center Configuration Manager (SCCM) R2

Created SCCM server baselines to secure all enterprise servers to remedy finding in a security audit

Experience in Rack and Stack HP ProLiant DL servers (DL580s), Cisco UCS blade B200 M3 including power and network cabling, managing multiple hardware configurations & ensuring power, network redundancy of all servers.

Experience writing both Power Shell and PowerCLI scripts to automate Virtual Machine builds and DNS entry configurations.

Excellent interpersonal, communication and organizational skills with the ability to interact effectively with employees at all levels within the organization

Client Focus, Atlanta, GA Jan 2016 – Dec 2016

Systems Engineer

Key Roles

Install, configure and maintain VMWARE ESX virtual environment

Installed, configured, and maintained multiple production and development servers

Performed VMware storage migration of around 700+ VMs from one datacenter to another.

Provided system and log analysis, performance tuning, and monitoring.

Maintained and support eTrust Access Control and KERBOS for all UNIX user accounts Implemented Proof of Concept for Oracle Identity Manager.

Installed VMware ESX server6.0/5.5 and created virtual machines on ESX Servers. Created standard templates and deployed virtual machines from these templates.

Implemented Proof of Concept for Active Directory Lightweight Directory Service. (AD LDS)

Design and Deploy AD LDS as authentication store.

Design new solution to integrate all applications through one authentication store using AD LDS.

Design Single Sign On (SSO) through Claims-Bases authentication using Active Directory Federated Service (ADFS)

Upgrading of ESXi from version 5.5 to version 6.0 while keeping the VMs in maintenance mode.

Configuring HA, DRS in cluster and perform VMotion, S VMotion of the servers on demand.

Monitoring and reporting the health status of VMware Horizon View VDI environments and vSphere environments using vCOPS/vROPS.

Design and Deploy AD LDS as authentication store.

Managing and maintaining CA (Certificate Authority Server).

Managing and maintaining group policy (Citrix, terminal server, adrms, CA enrollment.

Installation/Configuration/Troubleshooting of Windows Server 2003/2008 and Active Directory.

Windows 2003 and 2008 troubleshooting.

Involved in AD migration, Aware Quest and AD Migration tool.

Helping to team to rectify the issue.

Used Kerberos preferred authentication method:

Used Intranet web applications can enforce Kerberos as an authentication method for domain joined clients by using APIs provided under SSPI.

From physical server racking, SAN fiber connections to installation and Setup of ESXi 5.1 hosts as well as the corresponding Virtual Machines guests for production and test environments.

Setup for new production servers involving RAID configuration, VMware Tools installation, Service Packs, Security Updates, Domain join, WSUS, NBU installation, ePO management, iLO setup and other.

Monthly Windows Updates deployment using WSUS in a two days schedule to serve East and West divisions.

Regular Administration of an environment comprising of 90 ESXi Servers 5.1 in vSphere 5.1 with 1490VM's across 2 Datacenters.

Experience in Configuration and Installation of ESXi Servers 5.1 using normal GUI Installation with ILO.

Knowledge of VMware Update Manager and manual Upgrade to ESX servers, creating baselines and pushing the patches for the ESX servers. Updated 24 ESXi servers from 5.0 to 5.1 manually.

Used Power CLI on ESXi server administration to fix descriptor file for delta disks, relocating VMDKs and restoring VMs to vSphere.

Experience on ESXi, vSphere Troubleshooting, Host Profiles, vDistributed Switches, HA, DRS, vMotion, Storage vMotion, FT, Resource pools, vCenter Permissions, Snapshots, Disk expansions, Templates.

Mentored three coworkers to reduce deployment times by creating templates with Quickprep and cloning, P2V, migrating between ESXi servers in the cluster, fixing ESXi issues, CPU, BSODs.

Knowledge in using SQL Server 2008 Cluster for vCenter server.

Experience in P2V and V2V process for Windows Environments using VMware vCenter Converter.

Configuring vSwitches for Port groups, NIC Teaming, Traffic shaping, Load Balancing VLAN tagging, Failover and Security Policies on the vNetworks and Basic Knowledge of Network I/O Control.

Experience in storage provisioning process with NetApp, zoning, and volume and LUN creation.

Knowledge in provisioning in Windows 2003/2008/2012.

High observance of specific time resolutions for Critical, High and Standard incidents using Remedy for Tickets, Incidents, Change Call management and Work Requests. Provided root cause analysis for any single production stop issue.

Migrated from Windows Server 2003 to Windows Server 2008 R2 by either an in-place upgrade or creating a brand-new server to replace the old one.

Administration, management, troubleshooting on the Microsoft Activation Status, clustering, and consolidated control by deploying SCCM 2007 solution for Update Management and OS Deployment for Windows Server 2008.

Fortune Data Product, India May 2014 -Aug2015 Office 365 /Exchange Engineer

Key Roles

Provide L1/L2 level Support for Exchange, Office365 and LYNC related issue.

Experience administering and Planning, Deploying and Configuring Exchange 2010 and 2013.

Migration Experience from Lotus to Exchange 2010/13 servers and Migration from Exchange2010/2013 to Office365.

Pre- Migration Activity, Bulk mailbox migration, migrated from lotus notes and Exchange to Office365 and Post Migration Management Experience.

Office 365 Deployment, Implementation and administration support experience.

Migration Experience from Google apps to Office365.

Migration of SharePoint sites to office365 sites using Share Gate.

Setup New servers for production environments for SharePoint Server 2013 and 2010

Google drive to One Drive migration experience.

Binary Tree and Quest Migration Manager Tool experience in office 365 migrations.

Migration Experience from POP/SMTP to Exchange 2010 servers.

Managed Active Directory site; replication schedules, site links and boundaries, used ADUC to create and manage computer, user and group accounts in an Active Directory environment.

Managing entire AD replication, trust relationship, and lingering object related issue. Cross Forest Migration Experience.

Managing mailbox server’s and databases by clearing white space, restricting users with mailbox limit, mail recipient limit.

Mailbox Creation and Shared Mailbox Creation and rename & delete Mailbox. Configuring and managing mail routing and connectors.

Configure Outlook Client, OCS, LiveMeeting and LYNC.

Resolving Outlook free busy, calendar and LM issue.

Used Shell Scripting for windows and server patching. Administration tools using PowerCLI.

Installing, configuring, administration of Windows 2003/2008/2012 Servers, Active Directory Services, DNS DHCP, FTP, LADP, WSUS, IIS Web Server and SQL Database Server, System Management Servers (SMS) Servers.

Installation, configuration, and deployment of SCCM 2007 and SCCM 2012 for imaging and deployment of applications and Operating Systems.

Configured automatic updates for network clients by using Group Policy.

AD user creation & group creation, hardening the server with appropriate credentials. File and Folder share permissions

Group Policy update and configuration needed for WSUS patching & User level permissions

Managed multiple Domain Active Directory forest with 4,000+ users.

Creating and updated network shares, adding permissions software and groups for users through Active Directory

Webcure Infotech, India April2013 -April2014

Desktop Support Engineering

Excellent troubleshooting skills in complex software and hardware problems.

Troubleshooting of personal computers on line support to customers connecting their computer problems.

Provided customers with updates and status of their request, issues or project accordingly.

Set up, and configured networks, desktops, laptops and printers.

Desktop Imaging Installing & repairing Windows OS and Maintaining the LAN printers and print server.

Installing supportive software’s & drivers coordinating with Windows & Network team for touch support on Data Center Coordinating with vendor on Data center support Collecting & maintaining PC.

Provided exceptional service for multiple end users daily through assigned ticketing system.

Diagnosed, installed, configured and repaired computer systems and software.

Diagnosed network problems involving a combination of hardware, software, power and communications issues.

completed online training in Windows Server 2012 Administration, Introduction to Databases and SQL Querying, Microsoft Excel 2013 and now I am working on my CompTIA A+ Certification.

Performed on-site/remote IT support to 300+ employees and customers.

Experience in answering helpdesk calls and troubleshooting over the phone or using remote tools

Responsibilities include phone support, handling minor triage issues with basic troubleshooting and escalating all other issues to Level 2 and 3 supports.

They will also be maintaining, developing and supporting personal computers, servers, local and wide area network, software, and data communications technologies throughout the Firm, to maximize Firm-wide productivity and minimize system downtime.

Contact this candidate