When synchronizing on-prem users to Azure AD, there is a chance that Exchange attributes like msexchHideFromAddressLists are missing in Active Directory because the Exchange schema has never been updated, since there has never been a local installation of Microsoft Exchange. In that case, you could either extend the AD schema to include Exchange attributes or you could work with Azure AD synchronization rules, which is safer in my opinion.

On the Azure AD server, open Synchronization Rules Editor

Edit the rule "in from AD - User join". This will disable the rule itself and create a new one. Give the rule a descriptive name and a precedence of 50.

Under Transformations, add a new rule:

Expression msexchHideFromAddressLists IIF(IsPresent([msExchAssistantName]),IIF([msExchAssistantName]="HideFromGAL",True,False),NULL) Update

Now, you can set the attribute msExchAssistantName to HideFromGAL on the AD user. This will tell Azure AD Connect to set msexchHideFromAddressLists to true on the cloud side.

Obviously, you could use another attribute to achieve the same goal. Just change the if statement slightly.

IIF(IsPresent([msExchAssistantName]),IIF([msExchAssistantName]="HideFromGAL",True,False),NULL)

References:

https://jackstromberg.com/2018/08/how-to-hide-users-from-the-gal-in-office-365-synchronized-from-on-premises/

When using User/Device licensing in Citrix, licenses are occupied for up to 90 days, which is a long time if you have a limited amount of licenses. If you need to release them, here is how you can do it:

• Stop the service Citrix Licensing Service, Citrix License Config Service and Citrix Support Service
• Delete the following folder (or rename it, just to be sure): "C:\Program Files(x86)\Citrix\Licensing\LS\resource\cache"
• Start the service Citrix Licensing Service, Citrix License Config Service and Citrix Support Service
• Enjoy

References:

https://ulrikchristensen.com/how-to-release-unused-citrix-user-or-device-licenses/

On a Windows Server with RDS feature enabled, you might encounter an issue with Windows Update Coordinator being stuck at "Please wait while the application is preparing for the first use" during a program installation. This problem is very easy to resolve with Group Policy Editor (either locally through gpedit.msc or Domain Group Policy).

Navigate to Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Application Compatibility and enable the setting "Turn off Windows Installer RDS Compatibility".

After installing the program, I would recommend re-enabling Windows Update Coordinator by disabling the GPO setting or leaving it at "Not configured".

If you have users complaining about incomplete search results on RDS Server 2019, especially in Outlook, this registry key might fix the problem. It did fix mine.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search

DWORD EnablePerUserCatalog 0

This will create the index database under C:\ProgramData\Microsoft\Search\Data\Applications\Windows rather than in the user's AppData folder. It should look something like this:

On old Windows Active Directory environments, you might need to upgrade the Sysvol share from File Replication Service to Distributed File System Replication. This is very easy to do and it should be done asap in your environment.

Unfortunately I do not have screenshots to share with you, but here are the steps:

With dfsrmig /getmigrationstate you can see the status of the migration. Dfsrmig has 4 states starting from 0:

• State 0 - started
• State 1 - prepared
• State 2 - redirected
• State 3 - eliminated

Step 1:

dfsrmig /setglobalstate 0

Wait untill all Domain Controllers have the state "started". You can check the state with dfsrmig /getmigrationstate. Be very patient as it might take some time to replicate changes particularly if you have Domain Controllers on remote offices.

Step 2:

dfsrmig /setglobalstate 1

Wait until all Domain Controller have the state "prepared". You can check the state with dfsrmig /getmigrationstate. Once again, be very patient and double check the output.

Step 3:

dfsrmig /setglobalstate 2

Wait until all Domain Controller have the state "redirected". You can check the state with dfsrmig /getmigrationstate. Be very patient and double-check the output.

Step 3:

dfsrmig /setglobalstate 3

Wait until all Domain Controller have the state "eliminated". You can check the state with dfsrmig /getmigrationstate. Be very patient and double-check the output.

In addition to the last migration state, make sure the File Replication Service service is disabled on every Domain Controller.

References:

https://www.rebeladmin.com/2015/04/step-by-step-guide-for-upgrading-sysvol-replication-to-dfsr-distributed-file-system-replication/