Congrats Sean and Mark, the Newest Masters!

Hey all, Ned here again. You probably know our pals Sean Ivey and Mark Renoden from their AskDS blog contributions. Both of them were once Directory Services Support Engineers and are now Premier Field Engineers, traveling the globe to help solve your problems. Much like the A-Team. Or not. Anyway, what you probably don’t know is that yesterday they… Read more

Friday Mail Sack: Dang, This Year Went Fast Edition

Hi folks, Ned here again with your questions and comments. This week we talk: AD Garbage Collection behavior Applying Group Policy based on installed roles and features Apple hates .local domains More on auto site coverage from Lurch Fixing the mysteriously bad CPU performance of brand new servers DFSN and NetApp Hyper-V and AD/DFSR/FRS/etc. disk… Read more

Sites Sites Everywhere…

…Without a DC to spare! Hey all, this is Sean. You may remember me from a few old ADFS posts. I’m no longer on the Directory Services team but I still do a lot of DS stuff in Premier Field Engineering (PFE). Anyway, I recently ran into a few “interesting” site topologies while in the… Read more

The Certificate Template Manager Hangs Indefinitely

Hey ladies and gents, Sean here again. Recently I ran into an issue with Windows Server 2003 that caused the Certificate Template Manager to hang. I’ll discuss the problem and provide solutions so you don’t get stuck wondering what’s going on if this happens to you. First, let’s talk about the symptoms. If you try… Read more

ADFS: SAML Tokens and Validation Issues when Federated with TFIM

Hi all. This is Sean again and it’s ADFS blog time! Today I’m going to touch on Security Assertion Markup Language (SAML) tokens, and an issue we’ve run into when federating with Tivoli Federated Identity Manager (TFIM). I’ll discuss what a SAML token is, why it’s important, and what happens when TFIM tries to validate… Read more

ADFS Components missing after upgrading to Windows Server 2003 Enterprise Edition

Hey everyone, I’m Sean from the Directory Services team here at Microsoft. We support an up and coming technology called Active Directory Federation Services (ADFS). ADFS is a component first introduced in Windows Server 2003 R2 that includes web single-sign-on (SSO) that authenticate a user to numerous web applications during a single online session. Recently,… Read more