IMPORTANT ANNOUNCEMENT FOR OUR READERS!
AskPFEPlat is in the process of a transformation to the new Core Infrastructure and Security TechCommunity, and will be moving by the end of March 2019 to our new home at https://aka.ms/CISTechComm (hosted at https://techcommunity.microsoft.com). Please bear with us while we are still under construction!
We will continue bringing you the same great content, from the same great contributors, on our new platform. Until then, you can access our new content on either https://aka.ms/askpfeplat as you do today, or at our new site https://aka.ms/CISTechComm. Please feel free to update your bookmarks accordingly!
Why are we doing this? Simple really; we are looking to expand our team internally in order to provide you even more great content, as well as take on a more proactive role in the future with our readers (more to come on that later)! Since our team encompasses many more roles than Premier Field Engineers these days, we felt it was also time we reflected that initial expansion.
If you have never visited the TechCommunity site, it can be found at https://techcommunity.microsoft.com. On the TechCommunity site, you will find numerous technical communities across many topics, which include discussion areas, along with blog content.
NOTE: In addition to the AskPFEPlat-to-Core Infrastructure and Security transformation, Premier Field Engineers from all technology areas will be working together to expand the TechCommunity site even further, joining together in the technology agnostic Premier Field Engineering TechCommunity (along with Core Infrastructure and Security), which can be found at https://aka.ms/PFETechComm!
As always, thank you for continuing to read the Core Infrastructure and Security (AskPFEPlat) blog, and we look forward to providing you more great content well into the future!
Hey y’all, Mark and Tom back here with the return of the mailbag returns. Give yourself 5 internet points if you get that Simpsons reference. Before today our mailbag posts were very random and we are trying to get on a more regular mailbag posting schedule. The key word in that sentence would be trying but that’s the goal. So send us your questions and comments and we will see what we can do. Today’s post will cover the following.
We set up multiple NTP servers for our root PDC, one of them stop responding and our root pdc didn’t switch over to one of the other ones. It then marked itself as unreliable and things got really ugly. Why would this happen?
If you want to really mess up AD, mess with DNS or mess with the time. One very likely reason was that the NTP servers they were pointing at were a different stratum level. Meaning for example NTP1 was stratum 2 and NTP2 was stratum level 3. You want to make sure all NTP servers you are pointing at for your root PDC are at the same stratum level. If it changes stratum level you would need to restart the w32time service on the root PDC.
Do I need to extend the schema take advantage of the Central Store/ADMX files in Group Policy?
I know what you are thinking, you just made this up so you’d have something to write about. I can see how you’d think that. I actually had this question posed 3 different times in 2 weeks so I figured it would be worth bringing up. No you do not need to extend the AD Schema generally. I say generally because some of the specific extensions, like for example Wireless policy, may require a specific level. Wireless policy needed Vista SP1 or greater. If you aren’t using those extensions you don’t have anything to worry about. For more info on this you can read it at the Group Policy team blog. Once you get your central store up, don’t forget to delete those old ADM files. One of our very first posts has a script to help you with that here.
I’m interested in becoming a PFE. How do I do that and I need to ramp up my skills?
Resident blog grey beard Greg Jaworski already gave you a road map on how he became PFE. In terms of ramping up there are lots of resources, if you are new to the blog Dan Cuomo and Scott Simkins laid out some great training you can get yourself into. I also would be remised if I didn’t link to the probably now famous “Post-Graduate AD Studies” from Ned Pyle which has lots of good info in one spot. I know it helped myself and Tom a ton.
-If you missed it a bunch of MS certification exams can now be taken online. So you are really running out of excuses to not get certified. Read more here.
-A couple of guys play a bunch of batman songs on a piano and a dark knight black cello which is pretty awesome. Check out the piano guys.
-They are saying Iron Man should be in Captain America 3 for the Civil War but more importantly Marvel will be doing another comic version of the civil war. If you can’t wait just hold your breath and a new movie will be out.
-Dust off those joysticks, X-Wing and TIE Fighter are coming back!
-It’s Halloween today in the US which gives me an excuse to play my favorite Halloween song and great 30 rock joke.
Mark “Nobody gets my costume” Morowczynski and Tom “Sorry no Halloween party this year” Moser