Author: rzomerman

  • New Active Directory 2008 Forest Recovery Documentation

    So you have implemented Active Directory 2008 .. I hope you did some investigation in backup/restore and offcourse you must update your disaster recovery documentation now.. to help you on your way Microsoft has released a new whitepaper on Forest Recovery for Windows 2008… read before and while fixing your AD.. (preferably before ) http://www.microsoft.com/downloads/details.aspx?familyid=326C8A7A-DCAD-4333-9050-A6303FF3155C&displaylang=en

  • "Windows Installer does not permit installation from a Remote Desktop Connection"

    When you try to install an MSI through an RDP connection you could get the “Windows Installer does not permit installation from a Remote Desktop Connection” dialog. Everyone seems to think that the \tsclient<drive> is a regular network share.. but it is not!.. it’s a software feature of Terminal Services service. However, if you find…

  • Poor man's iSCSI

    If you want to implement iSCSI it’s best to keep the normal network traffic and the iSCSI traffic apart from each other. And that usually means buying a 2nd switch capable of reaching high speeds and jumbo frames. Off course for production systems I recommend spending a few bucks.. however if you only want iSCSI…

  • Administrator Lock-out?

    As many may have seen, the Administrator account has some special privileges. It can logon to a workstation/server when no Global Catalog is available and it can always logon. Well seems that always is not entirely true. Just as a regular account the Administrator account gets locked when the password attempts reach the limit as…

  • Group Policy Preferences ready?

    When introducing the Group Policy Preferences in your organization, you need to make sure all your systems have the Client Side Extensions software installed. This CSE package can be distributed by WSUS but can also be deployed separately. But for GPP to work you must also have XMLLite installed if your IE version is below 7.

  • How to hack Vista without bitlocker

    While browsing I stumbled upon a nice video explaining the trick the get a command prompt during the loginscreen of a user.. and that command prompt is in the system security context. They say physical access is full access and without bitlocker they are right.. take a look at the short video below.. http://www.offensive-security.com/movies/vistahack/vistahack.html

  • Windows 2008 SystemStateBackup

    With the release of Windows 2008, the backup mechanism of Windows has also changed. No more NTBackup, but Windows backup, available to your 2008 system as a feature. Also part of that feature is the systemstate backup, you know the one that is utterly Important to restore Domain Controllers. Now the GUI will not let…

  • Did you install Exchange?

    Lots of us install Exchange (what ever version) in our infrastructure.. do you know what Exchange does to your Active Directory.. make a statement order the shirt 😉 Link

  • Windows 2008R2 features part V: DHCP Split-scope

    DHCP is the mechanism that gives most client these days the tools (ip address) for connectivity. Most companies however do not realize the importance of the DHCP service and do not cluster nor have another server as standby when the DHCP server fails. If the DHCP server fails, most clients will not receive a new…

  • Visio Stencils

    <update> The links are now actually working.. you can download them again </update> My previous studiographic.nl website was not too great.. so I moved everything over to the blog.. if you are looking for the Visio Stencils for Virtualization.. check Visio Stencils….. _R

  • Safari 4.0 beta is out

    I am one of the few people using Safari next to IE(7/8) as their standard browser during day to day internet surfing. Many try to get me into Firefox with all the new applets and plugins like password and URL sync between hosts.. but nothing beats the new Safari 4.0 is my humble opinon… finally…

  • Tunnel DMZ to Internal

    When you have servers in the DMZ that are members of your internal AD (not best practice ok.. ) .. you find yourself shooting holes in the firewall to allow RPC, SMB and other protocols. In that case perhaps an IPSEC tunnel can help you out.. when you use a tunnel between your internal and…