Mohammed Waqar

Sr Active Directory Admin

US Citizen
Total IT Experience 8+ years
Summmry:

 Experience in deploying virtual networks and upgrading systems, including hardware, software, networks,
databases, servers and peripheral equipment.
 Worked as a Microsoft Active Directory Consultant, Role consists of Design and architecture of Identity &
access Management tools and products Like Microsoft Active Directory, AD Federation Services, Azure and
AWS cloud virtual domain controllers.
 Extensive experience in Windows 2012/2012R2/2008R2/2008/2003/2000/NT4.0 Servers at single or multi
domain platforms.
 Worked on VRealize Creating single tenant or multi- tenant and modifying the default tenant according to
client requirement in VRAC
 Experience with setting up connection servers, security servers in Horizon clusters , integration with active
directory , multi-factor authentication
 Successfully configured ESX servers for HA and DRS capabilities.
 Design / troubleshoot / support of windows 2000, Windows 2003/NT, Linux based systems. Application
support for Intel based Architectures
 Managing Azure Active Directory and AAD Reporting.
 Registering computers to Azure AD and Hybrid Azure AD.
 Troubleshooting Device Registration issues.
 Experience with RedHat 7.x, Server Administration and Management.
 Working for Microsoft Azure technologies into Identity platform.
 User authentication to application and portals
 Hybrid cloud infrastructure configuration
 AD migration from local to cloud using dirsync/AAD connect
 Worked as a Sr Microsoft Active Directory Consultant Experience in Active Directory, GPOs, DNS, DHCP,
File & Print Server, IIS (Web Server), FTP, Terminal Server, NAT, Microsoft Clustering.
 Motivated, enthusiastic, and pro-active System/Network Administrator with an excellent 'can-do' attitude.
Expert in Windows Server System Administration skills.
 Experience in with Virtualization technologies like installing, configuring, VMware vSphere. Creation,
management, administration and maintenance of virtual servers and clients.
 Experience in Networking configuration & Security Configuration on ESX Host.
 Extensive knowledge in advance features of ESX VMOTION, SVMOTION, HA and DRS.
 Experience in P2V, V2V MIGRATION using VMware Converter. Creating host and client VM templates and
cloning.
 Experience in iSCSI SAN, NAS, and NFSstorage and RAID concept.
 Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and
wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch
Panel and wireless networks.)
 Experience in Microsoft Office Suite, Open Office, Visio, Outlook, Printing, and Windows networking.
 Experience with x86 / x64Intel, HP, IBM & Dell hardware like rack-mounted servers, tower servers,
desktop, laptop and other peripherals.
 Familiar with Data Center/Server Farm environment like Servers deployment, Cabling & labeling
maintaining AC cooling, Environmental Sensing Devices, power and UPS monitoring.
 Strong communication and people skills, both written and verbal. Able to assess and resolve client issues
quickly. A proven record of reliability, the ability to perform under time constraints, and good judgment
under pressure.
 Ability to maintain a reliable and methodical approach to support and Documentation. Quick learner,
highly motivated team player with excellent organizational and analytical skills.
 Experience installing desktop images using Windows Deployment Services.
 Knowledge of Cisco Routers/Switches, firewall, load balancers and TCP/IP protocols.
 Work experience on Hyper-V and private cloud.
 Active Directory administration (administration of SCCM collections via group policy).
 Analyzed SCCM OS deployment issues.
 Strong knowledge of AWS services.
 Strong working knowledge of ADFS.
 Strong working knowledge of LDAP.

TECHNICAL SKILLS

Virtualization Products: vSphere3.x/4.0/4.1/5.0, Workstation 6 and 7, ESX Server 3.x/4.x/5.x, vCenter

Server 3.x/4.x/5.x, DRS, HA and FT, VMWare Capacity Planner, VMWare Stand-
alone Converter 3.0/4.x/5.0, VMware Update Manager, VMware Virtual Desktop
Infrastructure (VDI), VMware View, View Connection Server, View Composer,
ThinApp, App Volume, VmSight, VMware NSX, vCloud Suite, vCloud Director,
vRealize Operations Manager , vRealize Orchestrator Platespin, , vRealize
Automation, VMWare Site Recovery Manager ,Microsoft Hyper-V, Citrix Xen
Server.
Operating System: Windows Server NT 4.0/2000/2003/2008/2008R2/2012/2012R2, Windows
XP/Vista/7,8,10, Wintel.
Application Servers: Microsoft Active Directory 2000/2003/2008/2008R2/2012/2012R2, Microsoft
Exchange 2003, 2007,2010. DHCP, DNS, WINS, Spring Frame Work, IIS
6.0/7.0,LDAP, Apache.
Database Servers: SQL Server 2005/2008/2008 R2 Standard/Enterprise.
Backup Solutions: VMware VCB, Symantec NetBackup 6, HPDP, Arcserve
Hardware: HP Proliant Servers, HP Rackmount Servers, Dell PowerEdge Servers T series,
Network Interface Card, Multi Serial Port Adapter, Printers, CD/DVD Drives,
iSCSI/SATA Hard drives and Floppy drive, Routers, Switches, Hubs, SDSL/ADSL
Modems, Audio/Video cards.
Programming Skills: C, C++, Powershell, VB script, Batch scripting, PowerCLl.
Union Bank, Glendale CA Aug 2016 – Present
Title: Azure/Active Directory Administrator

 Active Directory Installation & Configuration, Group policy management, DHCP, DNS, NPS administration
on Windows Server 2012/R2
 Configuration of Azure AAD Connect Synchronization Tool.
 Power Shell scripting and automation of routine tasks
 Deployment of software packages, Operating System and windows patches through SCCM server.
 Upgradation of SCCM 2012 to SCCM Current Branch
 Troubleshooting experience on Windows Client OS like Windows7 and Windows8
 Basic knowledge on VMware
 Used exchange 2016 for better performance
 Managed VMware ESXi 5.5 and 6.0, 6.5 VSphere Infrastructure
 Installed and configured VMware NSX manager in vCenter at 5 customer sites
 Troubleshoot issues on VMs, ESXi hosts, vCenter Servers, NSX agent failure installation on ESXi hosts
 Use Group Policy Administrator (GPA) tool to edit and implement GPOs in PROD and DEV domains
 Audit GPOs in PROD and DEV domains to point out inconsistency in GPO settings.
 Create Service Principal Names (SPNs) for SQL and SAN Keytabs in PROD and DEV domains.
 Import and link member servers’ baseline GPOs and WMI filters from PROD domains to PRE PROD
domains.
 Audit OUs in PROD and PRE PROD domains to have same OU structure by creating/deleting OUs in PRE
PROD domains.
 Managed and supported exchange servers. 
 Utilized AWS to set up Virtual Private Clouds (VPCs) for Management, Production and Testing
environments with customer operational requirements and parameters.
 Administration on Symantec Endpoint protection Manager (SEPM)
 Managing Office 365.
 Experienced in assessment, design, pilot and upgrades/implementations of enterprise directory services
technologies.
 Active Directory, LDAP and Kerberos
 Group Policies (GPO)
 Developed Exchange Migration Script to automate the migration of users, groups and shared accounts
from Exchange 2010 to Exchange 2013. Building new Golden images for Persistence and Non-Persistence
desktops for VDI Environment. 
 Azure Active Directory
 Microsoft/Quest/Dell Migration Tools
 Office 365 Migration participated as part of a team responsible for migrating Exchange 2013 to Office 365
Online. Setup rules for SPAM filtering & Blacklist and Whitelist Email Address/Domain in the cloud and TLS
connectors. 
 Active Directory Federation Services (ADFS), AD Connect, SAML, web Single Sign-on (SSO), OAuth and
related authentication technologies
 Microsoft Public Key Infrastructures
 Deployed in the cloud and on-premises using Amazon Web Services (AWS) and Single- Server support
 Federated identity systems (Microsoft ADFS,).
 Troubleshoot, optimize Exchange performance.
 Perform Exchange database maintenance, exchange database backups and restore.
 Understands application integrations for identify and access management
 Multi factor authentication (MFA) both token and cloud.
 Design a large enterprise-level solution upon technical, application and business requirements
 Strong information technology, disaster recovery, performance tuning and testing, logical and physical
architecture design
 Microsoft Office 365 administration - adding/modifying users, groups, and shared mailboxes.
 Created a task scheduler that runs daily to update Office 365 user profile picture and user profile
properties.
 AD Federation Services Migration from ADFS 2.0 to ADFS 3.o
 Active Directory Disaster recovery design and implementation
 Design & implemented Multiple Domain hardware refresh with minimum downtime
 Kerberos password reset planning & implementation
 In Amazon Web Services Cloud Virtual Active Directory forest Design & implementation
 Trust & authentication Management between Domains & Forests.
 Full disaster recovery plan and practice of DCs and core Directory objects
 Move the domain controllers to the appropriate OU in the Pre Prod domains.
 Setup delegation for OUs in Prod and Pre Prod domains.
 The configuration of Backup and Restore of NSX Manager and Data
 Resolve large delta value for Pre Prod Domain Controllers.
 Delete domain controller from after demotion from OU and Active Directory sites and services.
 Delete conflicting Active Directory users /groups from ADSI and Active Directory Users & Computers.
 Create Remedy change and incident tickets to implement changes in Prod domain and troubleshooting.
 Reboot pending Domain Controllers after monthly patching cycle.
 Monitor SCOM for any Active Directory health alerts and troubleshoot.
 Upgrade production Domain Controllers BIOS.
 Recover deleted Active Directory objects using the backup from Recovery Manager for Active Directory
(RMAD)
 Verify the availability of the URLs for ADFS, GPAA, SI Reporting, Stealth Audit and PKI.
 Citrix Presentation Server, Redhat 5 Linux 9, Mozilla, Apache IIS7, Vista for business, Microsoft Server
2008.
 Check for current RMAD backup session for every domain and delete backup files older than 60 days.
 Renew expiring certificates for SCOM, SI and ADFS using the Venafi tool.
 Implement LDAP server signing requirement GPO for domain controllers in the Dev domain.
 Verify the settings (URL, Port no, Base DN) for LDAP.
 Assist to setup and troubleshoot LDAP with application teams.
 Move Active Directory PDCe FSMO role before the monthly patching cycle.
 Perform monitoring of services owned by the AD team on a weekly basis.
 Perform the checklist that verifies the URLs for ADFS, GPAA, SI Reporting and PKI are available.
 Check for SI and SCOM alerts, replication errors, duplicate SPNs, any open Remedy Incident tickets
assigned to the AD operations team.
 Use Powershell scripts to get information about the server up time, disk partitions, current hardware
specifications, put servers in maintenance mode in SCOM and get list of DC's in a particular site.
 Monitor SCOM alerts for active directory replication errors, DNS errors and pending domain controllers
reboot.

Environment:
Windows 2008/2008R2/2012/2012R2, SCOM 2012, Stealth Intercept 4.1.0.631 (SI), Stealth Audit, Group
Policy Administrator (GPA), LDAP, Venafi, PKI, NSX, Quest Recovery Manager for Active Directory (RMAD),
Remedy,Beyond Trust, TPAM.

Bank of America, Iselin, NJ. July 2014 – Jul 2016

Active Directory Engineer

 Provide ADFS administration support focusing on the ADFS & SSO maintenance of all ADFS services.
 Produce enterprise-level designs for Active Directory Federation Services for global initiatives following
those through to implementation via collaboration with project and support teams
 Configuration of relying party trusts with O365 and third-party applications.
 Configuring Extranet lockouts and Smart lockouts on ADFS to prevent AD account user lockouts.
 SSO configuration in Azure portal
 Install, configure, and maintain Active Directory and third-party software utilities for hardware systems
within company operational guidelines.
 Supporting an Exchange 2013/Office 365 hybrid environment.
 Managing Azure Active Directory and AAD Reporting.
 Registering computers to Azure AD and Hybrid Azure AD.
 Troubleshooting Device Registration issues.
 Working for Microsoft Azure technologies into Identity platform.
 User authentication to application and portals
 Hybrid cloud infrastructure configuration
 AD migration from local to cloud using dirsync/AAD connect
 AAD connect server configuration and troubleshooting
 Third party applications hosted in Azure troubleshooting
 Authentication protocols and troubleshooting and break fixing of authentications scenarios.
 Configuring the conditional access in Azure AD
 Deployed and Integrated NSX with vCenter Server.
 Configuring and managing Azure Multi-factor authentication.
 Install, configure and setup UAT/PROD auditing software TeamMate 11.2 on Windows 2012 R2.
 Document the procedure to install, configure and setup TeamMate 11.2 in UAT and production.
 Document TeamMate 11.2 client installation steps.
 Performed cross platform audits of Active Directory (AD) objects and user permissions.
 Managed User Accounts on Windows (Creation, Deletion, Permissions, and VPN Access).
 Developed organizational units in Active Directory (AD) and managed user security with group policies.
 Promote Windows 2012 server as a Domain Controller.
 Trouble shoot Active Directory replication issues.
 Implemented DNS for external name resolution.
 Setup Managed service accounts for the domain.
 Administer Active Directory commands using Powershell scripting.
 Gather hardware specifications and submit server build request for applications.
 Develop and maintain short, medium and long term plans to support Identity and access management
strategy (IAM).
 Provide operational support for the IAM solution.
 Install Hyperion Smart View and Financial Management on Windows 10 machine to test compatibility.
Environment:
Windows 2003/2008/2012 R2, Windows 10, VMware ESXi 5.X, NSX,TeamMate 11.2, Auth0, IIS7/8, Rapid7,
Serena Business Manager, SFI, Rightfax, Hyperion SmartView, Hyperion Financial Management, FWI Digital
Signage, HPExtrme. HPE Security Fortify, Team Foundation Server 2013/2015, SharePoint 2013, Linux 6.5,
Quest One Management Console, Red Hat Linux console, SCCM 2012.

State Farm – Chicago, IL Jan 2012 - June2014

Associate Active Directory Administrator
 Install and configure Pyxis Pharmogistics Pharmacy Inventory Management application on Windows
2008R2 server for test (development).
 Created failover test scenarios for testing the Pharmogistics application and database server in the
VMWare environment.
 Involved in setting up and testing database server backup and restore.
 Assisted in the upgrade of Pharmogistics application and client from 1.4.4 to 1.4.5 and creating
documentation for the same. 
 Deployment of Pharmogistics client on the pharmacy workstations before and after upgrade.
 VMotion the application and database server VMs to test the failover functionality.
 Supporting Active Directory Lightweight Directory Services and ADFS.
 Experience in Troubleshooting and vCenter Site Recovery Manager and patching ESX Servers and VMs with
VMware Update Manager. Experience in ESX and ESXi and vSphere.
 Worked on vCenter server for managing multiple ESX servers.
 Build and troubleshooting experience with ESX servers and ESXi servers.
 Patch management and upgrades using VMware update manager.
 Application readiness/OS checkpoint. Install &config oracle 10g and coordinating with the oracle team.
 Strong knowledge on Server, Desktop and Application virtualization.
 Maintaining the VMware ESX Servers through VMware Infrastructure Client (vSphere client).
 Configure users, groups, group policy objects, service accounts, application layer services and other
objects, often coordinating with software developers.
 Managed Group Policy Objects (GPOs) throughout the Active Directory (AD) enterprise.
 Revoking and creating PKI certificates 
 Created PowerShell scripts to complete Active Directory related tasks.
 Created/modified user account, security groups, and distribution list to protect company proprietary
information.
 Installed and configured the anti-virus software for VDI desktops and provided security and monitoring the
traffic using vmware NSX & distributed switches.
 Utilized WMI, ADSI and LDAP.
 Administered DNS, DHCP and WINS.
 Cluster disk storage using HP Left-hand P400 SAN.
 Perform system administrator tasks of establishing individual and corporate accounts, monitoring account
utilization, and developing account in AWS.
 Configure web access management of enterprise resources using empowerID.
 Manage empowerID polices to provide suitable access to resources.

Environment:
Windows 2008R2, SQL Server 2008 R2 STD, VMWare ESXi, vCenter, CareFusion Pharmogistics server 1.4.5,
CareFusion Inventory Manager Client 1.4.5, Symantec Netbackup Client 7.5.0.6, Symantec Endpoint Protection
12.1.3001.165,HP Lefthand P4000 SAN, LDAP, GPO, ADFS,PKI, DNS, DHCP, WINS.