Day: July 29, 2008

  • Next RID number

    So let’s say you want to know how many objects are created on a domain controller, you want to see shen it’s receiving a new RID pool? checkout the RID-SET Set ObjRid= GetObject (“LDAP://CN=RID Set,CN=DC01,OU=Domain Controllers,DC=fabrikam,DC=com”) it lists all the properties that the LOCAL! DC uses to handout RID numbers.. if the rIDPreviousAllocationPool and rIDAllocationPool…

  • Kerberos multiple hops

    You all remember the maximum 2 hops for Kerberos right.. well in Microsoft land it works a little different and it is possible to create a multiple tier Kerberos delegation structure.   Basically we want the following to happen:   Client->IIS1->IIS2->IIS3->IIS4 where all hops require Kerberos authentication   In this case, IIS1, IIS2 and IIS3…