Active Directory Manager
Resume:
P.G. Nandan
Active Directory Engineer
aczgwk@r.postjobfree.com
SUMMARY: -
IT Professional with around 6+years of experience in Systems and Network administration with a primary focus on installation and administration of Windows Servers, Active Directory Services (WINS, DNS, DHCP), HP, UCS blades.
Excellent experience in configuration of Data Domain Storage units in Symantec Net backup.
Expertise in Migration Using Quest Migration Manager Tool for Active Directory.
Expertise in active directory design and support (GPO’s, AD Schema, OU’s, LDAP, Sites, Replication, etc.).
Assisted in designing, implementing and evaluating applications, systems and utilities relevant to Active Directory services.
Experience in Migrating Users, Groups, Workstations and Application window Servers from Source Domain to Target Administration of user Accounts, Groups, Resources, Security, Backup strategies in window Servers 2003/2008R2/2012.
Experience with DCPROMO process and configuring AD Site, OU structure, Site Link, DNS, DHCP, WINS, Global Catalog server, directory services, subnet mask, DNS forwarders, Reverse Lookup.
Expertise in managing the users and objects using Identity Manager.
Expertise in creating new Technically Minimum Base Standards Group Policy’s in PROD/QA/DEV/DR Environments.
Experience in managing Active Directory Domain Controllers, DNS and DHCP Servers.
Monitoring connectivity, synchronization, replication, net logon, time services, FSMO roles, AD schema, NTDS database.
Expertise in deploying applications software on user workstations through SCCM console.
Experience in installing, maintaining and managing various rack mounted and Blade servers from CISCO UCS, Dell, HP, and IBM.
Having good knowledge on CITRIX 4.5 and 6.5.
Extensive experience with Active Directory, GPO’s, DHCP, DNS, IP, Sub Nets, VPNs, VLAN, Network routing, firewalls, LAN/WAN switching and Backup & Recovery, File & Print Server, IIS (Web Server), FTP, Terminal Server.
Expertise in Migrating Group and Exception Policies from one domain to other domain in AD forest.
Documentation of all problem tickets and updating knowledge base.
Used VMware for testing various applications on different operating system.
Experience in Migration Using Quest Migration Manager Tool for Active Directory.
TECHNICAL EXPERTISE:
Systems
Windows Server 2000/2003/2008R2/2012R2,
Backup
Replication manager, Recovery point
LDAP Directories
Active Directory
Tools
Quest Migration Manager V8.8 & V8.10, VMware (ESX, GSX, Server and Workstation),
Exchange 2010/2013
Workstations
Windows XP, Windows 7
Scripting Languages
Power Shell
Databases
SQL server 2000/2005, DB2 and MS Access
Networking
DNS, WINS, DHCP, TCP/IP
Virtualization
Hyper-V, VMware
Ticketing
CA Service Desk, Lotus notes, Tracer
Education Details: -
Masters in Computer Science Engineering from University of NH Manchester USA.
Bachelors in Computer Science Engineering from Manipal University Bangalore India.
WORK HISTORY:
Dakota Health System, Bismarck ND Mar’16 to till date
Active Directory Engineer
Responsibilities:
Successfully Migrated to Windows 2008 R2 x64 Active Directory Single Forest and Domain Architecture.
Implemented successful migration for 1000s of User, Computer and Group accounts with SID History.
Created AD Group policies to Enforce Domain and OU Level Security of Users and Computer objects.
Migrating Users, Groups, Workstations and Application windows servers from source domain to Target domain using QMM and AD Domain.
Designed process for DNS zone migration from legacy storage to application partition storage
Security threat detection and countermeasures, protect from enumeration and scanning
Penetration testing methodology as defined by the EC Council
Security in depth
Designed and deployed Virtual lab environment based on leading tier 1 hypervisor
Cross platform authentication (Unix to Windows)
Server/OS hardening methods
Privileged Access Management system deployment, Password vaulting, Privileged session recording.
Developed power-shell scripts to rename and resuming the windows after reboot.
Developed power-shell scripts to automate the setting of user credentials and activation of windows.
Install office 365 for the users and add respective users into their own domain.
Performed Windows servers patching using SCCM console.
Provide custom certificate template for VPN to allow access to different network segment.
Configure constrained delegation in Active Directory for Kerberos enabled applications.
Worked on Public Key Infrastructure (PKI) certificates.
Troubleshoot Kerberos authentication and constrained delegation.
Network trace analysis, Netmon and Wireshark for packet analysis.
Operating System security hardening of Domain Controllers across the enterprise
Part of a team that takes care of Exchange Server 2010, Outlook and Messaging (Lync 2010) issues.
Developed custom Identity Management component to synchronize Active Directory, LDAP, and legacy systems.
Performed cross platform audits of Active Directory objects and user permissions using Identity Manager.
Install office 365 for the users and add respective users into their own domain.
Environment: Windows 2008, NetApp 8K series, ONTAP, Outlook 2010/2013, Created AD Group policies, Windows Azure AD, IPv4 configurations, SCCM Console, VMware servers, Identity Management, ADFS, LDAP, Office 365, QMM, DHCP, DNS and WINS, VPN
Hughes, German Town, MD Feb’14 – Jan’15
Active Directory Engineer
Responsibilities:
Support multiple AD forests, including multiple domains forest with over 10 domains, 60 domain controllers and 40 AD sites, running on Windows 2003, Windows 2008, 2008 R2 and Windows 2012
Planning intra forest migration to consolidate multiple child domains. Provide procedures, documents, customize accounts migration with pre/post task to minimize user’s impact after migration.
Planning and implement data synchronization between external data to AD.
Customize update certain data fields from HR data to multiple attributes in AD user object.
Deploy, Manage and troubleshooting of windows 2008R2 Domain Controllers in Active Directory.
Implemented Power-shell scripts to generating automated reports.
Implemented Power-shell scripts to automate creation of contacts from Active directory users.
Creation of Identity Management process, strategy, best practice and architecture documentation including Access Management, Password Management, DAP Management, Provisioning, Delegated Administration.
Worked with developer to troubleshoot LDAP connection to query multiple AD domains
Experience in installation and configuration of Microsoft SQL Server 2000 and 2005.
Automated user accounts to force password change for every 30 days with Group policy.
Hyper-V installation and configuration in Windows.
Provide expert technical knowledge and support for Microsoft Active Directory 2003/2008R2.
Active Directory administration, infrastructure, process, procedures, monitoring, and projects – Active Directory Win2008R2.
Third level support for DNS, DHCP, DFS, group policy.
Implement ADFS and Dir-sync for deployment of Office 365.
Environment: Windows 2008, 2008 R2 and Windows 2012, DNS, DHCP, DFS, ADFS, LDAP, Office 365, Group Policy, Identity Management, VMware
Excel Soft Technologies Pvt. Ltd, India June’13 –Jan’14
Windows Admin
Responsibilities:
Design, Deploy and migrate Windows 2000 domains to join new Windows 2003 forest.
Migrating users and groups from windows 2000 domains to windows 2003 domains using Aelitas tool
Windows 2003 Servers deployment and Configuration
Managing Active directory, DNS, WINS and DHCP Servers
Active Directory Services -- Managing Users & Other AD objects
Developed custom web based self-service identity management website
Planning and configuring new internal & external websites
Developed power-shell scripts for backup and restore for windows.
Created tenant account in Office 365 for domain
Installation and configuration of VMware Esx 5.1/6.0 servers.
Creating, deploying, renewing and Import & export of the SSL certificates
Manage Check Point VPN-1 & Firewall-1 security policy
Coordination with application development teams for issue troubleshooting
Work on Accounts Delegation, Drive Mappings and Widows Servers Decommission Process
Create and Link AD policies to windows Servers 2003 in PROD & QA Environments.
Monitoring/Analyzing/Troubleshooting Active Directory Replication in Multi Domain Environment.
Tracking and documenting Active Directory production support issues
Environment: Active Directory, DNS, WINS, DHCP, Identity Management, Windows Servers, Drive Mappings, VMware, Office365.
EBay, San Jose, CA Feb’12 – May’13
Active Directory Engineer
Responsibilities: -
Active Directory Engineer/Enterprise Administrator for large multi-national corporation
Responsible for third level engineering of Windows Active Directory Domain Services based on Server 2012 R2
Migrated the corporate Active Directory from Server 2008 to Server 2012 R2
Server 2012 Active Directory development testing
Server 2012 Active Directory deployment to production
Manage Active Directory integrated DNS zones
Designed process for DNS zone migration from legacy storage to application partition storage
Security threat detection and countermeasures, protect from enumeration and scanning
Penetration testing methodology as defined by the EC Council
Security in depth
Designed and deployed Virtual lab environment based on leading tier 1 hypervisor
Cross platform authentication (Unix to Windows)
Server/OS hardening methods.
Privileged Access Management system deployment, Password vaulting, Privileged session recording.
Configure constrained delegation in Active Directory for Kerberos enabled applications.
Troubleshoot Kerberos authentication and constrained delegation.
Network trace analysis, Netmon and Wireshark for packet analysis.
Operating System security hardening of Domain Controllers across the enterprise.
GPO development and implementation.
OU structure design and implementation.
Cross forest/domain migration of users for acquisition and removal from the enterprise
Designed and deployed VM host environment for pre-production and development testing
Extensive knowledge on VSphere /V Center /V Motion operations in VMware environment.
Linux administration on Ubuntu 12.04 LTS and Red Hat Enterprise Linux
Designed process Sysvol migration from FRS to DFSR completed in production environments.
Implemented Microsoft System Center Virtual Machine Manager to manage and provision Virtual Machines in both production and integration.
Environment: Active Directory, Ubuntu 12.04 LTS and Red Hat Enterprise Linux, VMware, FRS to DFSR, Netmon and Wire shark for packet analysis, EC Council, DNS zones.
HDS, Santa Clara, CA Jan’10-Feb’12
Active Directory Engineer
Responsibilities: -
Support multiple AD forests, including multiple domains forest with over 10 domains, 60 domain controllers and 40 AD sites, running on Windows 2003, Windows 2008, 2008 R2 and Windows 2012.
Planning intra forest migration to consolidate multiple child domains. Provide procedures, documents, customize accounts migration with pre/post task to minimize user’s impact after migration.
Planning and implement data synchronization between external data to AD.
Customize update certain data fields from HR data to multiple attributes in AD user object.
Automation stale user and computer accounts clean up to compliance with company policy.
Research and deploy companywide private enterprise public key infrastructure using MS CA servers for encryption file system, two factor authentications, code signing, server SSL.
Automation certificate revocation for account management.
Provide custom certificate template for VPN to allow access to different network segment.
Provide solution for wireless access by custom certificate template base user account.
Complete Active Directory AD health check with MS Engineer to fix more than 100 issues in companywide forest, modify Active Directory topology to enhance replication and authentication operations.
Provide solution for various applications connect direct/indirect to AD database for user authentication.
Work with developer to troubleshoot LDAP connection to query multiple AD domains.
Third level support for DNS, DHCP, DFS, group policy.
Implement ADFS and Dir-sync for deployment of Office 365.
Environment: Windows 2008, 2008 R2 and Windows 2012, DNS, DHCP, DFS, ADFS, LDAP, Office 365, Group Policy.
Contact this candidate