Azure Infra – a technical blog.
-
Windows 2008R2 features part II: Recycle Bin
Windows 2008 R2 Active Directory introduces the Recycle Bin option. If you deployed Windows 2008 R2 or upgraded your domain to the Windows 2008 R2 schema and you think…
-
Windows 2008R2 features part I: Offline domain join
Since Windows NT4, clients who wanted to join a domain always needed a direct connection to the domain, either via VPN, dial-in or direct connection. New in Windows 2008R2…
-
Delegate the right to start/stop replication
Let’s say you want to isolate a domain controller for a certain time, you would issue the command: repadmin /options +DISABLE_INBOUND_REPL or/and +DISABLE_OUTBOUND_REPL normally this command requires Domain Admin/Enterprise…
-
Repadmin /expert
Repadmin is the tool used to troubleshoot replication in an Active Directory forest.. commands like repadmin /replsum (to view replication summary) or repadmin /showutdvec (to view USN per domain…
-
Deleted DN's in attribute fields
Let’s say an object in AD has an attribute that is a reference to another object based on DN The targeted object is deleted.. and the attribute field changes to the…
-
Microsoft Certified Master: Windows 2008 – Directory
!PASSED! As one of the first (now 27 worldwide), I can now call myself an MCM:Windows 2008-Directory!.. Congrats to all others!The Microsoft Certified Master: Windows Server 2008, Active Directory…
-
Next RID number
So let’s say you want to know how many objects are created on a domain controller, you want to see shen it’s receiving a new RID pool? checkout the…
-
Kerberos multiple hops
You all remember the maximum 2 hops for Kerberos right.. well in Microsoft land it works a little different and it is possible to create a multiple tier Kerberos…
-
Cross forest authentication
Anyone installed a forest trust before.. probably else you would not be reading this post.. how does authentication work in a forest trust? Well there are two authentication mechanisms…
-
Kerberos PAC validation
http://support.microsoft.com/kb/906736 basically, all Kerberos tickets in windows have a PAC (that holds all the groups of the identity). If the resource that is accessed is NOT running under…
-
Cross-forest Authenticate in VBS
So the problem: All mailboxes of the users are migrated to a central Exchange server, comming from various Exchange 5.5/2003/2003 mailservers (contact me if you want to know how…
-
Improve Wireless security with Windows Home Server
Wireless networks are always less protected than wired LANs since they do not require physical access to a cable inside the building. Enterprises use 802.1x security to strengthen the…