Fun with the AD Administrative Center

Hi folks, Ned here again. We introduced the AD Administrative Center in Windows Server 2008 R2 to much fanfare. Wait, I mean we told no one and for good measure, we left the old AD Users and Computers tool in-place. Then we continued referencing it in all our documentation. And people say we’re a marketing… Read more

Friday Mail Sack: LeBron is not Jordan Edition

Hi folks, Ned here again. Today we discuss trusts rules around domain names, attribute uniqueness, the fattest domains we’ve ever seen, USMT data-only migrations, kicking FRS while it’s down, and a few amusing side topics. Scottie, don’t be that way. Go Mavs. Creating trusts between forests with duplicate names Enforcing sAMAccountName uniqueness The biggest domain… Read more

Sites Sites Everywhere…

…Without a DC to spare! Hey all, this is Sean. You may remember me from a few old ADFS posts. I’m no longer on the Directory Services team but I still do a lot of DS stuff in Premier Field Engineering (PFE). Anyway, I recently ran into a few “interesting” site topologies while in the… Read more

Restrictions for Unauthenticated RPC Clients: The group policy that punches your domain in the face

Hi folks, Ned here again. Around six years ago we released Service Pack 1 for Windows Server 2003. Like Windows XP SP2, it was a security-focused update. It was the first major server update since the Trustworthy Computing initiative began so there were things like a bootstrapping firewall, Data Execution Protection, and the Security Configuration… Read more

What does DCDIAG actually… do?

Hi folks, Ned here again. I recently wrote a KB article about some expected DCDIAG.EXE behaviors. This required reviewing DCDIAG.EXE as I wasn’t finding anything deep in TechNet about the “Services” test that had my interest. By the time I was done, I had found a dozen other test behaviors I had never known existed…. Read more

The future is here. It’s just not widely distributed yet.

Hi folks, Ned here again. Despite the reputation for cutting edge technology, a lot of IT departments can get stuck in the now or worse, the past. Since it’s a new year, a new economy, and winter is coming to a close, here are some articles you should find interesting if you are looking to… Read more

The Windows Server division wants your feedback

Ned here. The Windows Server division is looking for your feedback. A snippet from their post: From our research we have identified 5 areas where our customers have expressed increased concerns: Enabling an increasingly mobile workforce Working within the constraints of tightening IT budgets Disaster recovery and data backup planning Providing secure and highly available… Read more

Friday Mail Sack: The Gang’s All Here Edition

Hi folks, Ned here again with your questions and our answers. This is a pretty long one; looks like everyone is back from vacation, winter storms, and hiding from the boss. Today we talk Kerberos, KCC, SPNs, PKI, USN journaling, DFSR, auditing, NDES, PowerShell, SIDs, RIDs, DFSN, and other random goo. Rawk! DC NIC teaming… Read more

Common DFSR Configuration Mistakes and Oversights

Greetings everyone. Warren here again with a blog post that is a collection of common DFSR issues that I have encountered over the past few years. The goal of this blog post is to list these common DFSR configuration mistakes that have caused problems to prevent you making the same mistake. Knowing what not to… Read more