Workaround for the ADU&C search bug with advanced tabs missing

With a bit of luck you learn something every day in this business, and today a customer showed me a new workaround for a long standing problem in Active Directory Users and Computers (ADUC). Like most serious admins, you probably always have the advanced view enabled, like this: If you search for a user in…

1

Foreign Security Principals and Well-Known SIDS, a.k.a. the curly red arrow problem

So I was at a customer today, and for some reason or another we ended up looking at the members of the group called “Pre-Windows 2000 Compatible Access”. Members of this group basically have read-only rights in all of Active Directory. The member set depends on the forest history, but since Windows 2003 the only…


Search for Preferred Bridgehead servers

Just a quickie for today. I was talking to a friend about Preferred Bridgehead servers. This is an old-fashioned feature from the bad old days where hardware was expensive and firewalls were everywhere. A preferred bridgehead is the preferential replication partner for DCs in other sites, and is used to exclude the other DCs in the…

2

Force replication throughout the Forest

So there are a million posts already on how to force Active Directory replication, I know that. Mine has a little twist though, so keep reading. Forcing AD replication is not something you need to do often. If you find yourself doing it daily, there is probably room for improvement in your replication topology. However, in a test…

3

Azure VM Backup: beware of Windows Server 2008 R2

Since March 2015 we have the possibility to backup and restore entire VMs running in Azure. If you were not aware of this before, have a look at the documentation here: https://azure.microsoft.com/en-us/documentation/services/backup/. Using the Backup Vault you can automatically backup full VMs on a flexible schedule. For Active Directory, you could set this to daily, with…

1