The Most Popular Posts of 2014

Hey y’all, Mark back again to help close out another successful year of blogging. We’ve been at this for three years, which feels insanely long as well as feeling like this just started up a few weeks ago, which is weird. Trust me. We want to thank you the reader again for sticking with us… Read more

Securing DC to DC communication with IPsec using Windows Firewall with Advanced Security (WFAS) Connection Security Rules

Hi folks, Lakshman Hariharan and Martin Solis here with a post on how to secure domain controller to domain controller communications using Windows Firewall with Advanced Security (WFAS) Connection Security Rules. Be forewarned that this is a long post, much of it taken up by screenshots. A common example of an implementation is the securing… Read more

Mailbag: Tech the Halls (Issue #4)

Hey y’all, Mark, Tom and the AskPFEPlat crew back for our last mailbag of 2014. It’s getting around the holidays, lots of people start to take vacation including myself. But don’t worry we’re really starting to get into a good rhythm with these posts and it’s looking like we’ll stick with this experiment for 2015…. Read more

How to (correctly) check file versions with PowerShell

Howdy folks Matthew Reynolds (@MatthewMWR) here. I focus on enterprise Windows optimization and security for Microsoft Services. You might remember me from How Many Coffees Can You Drink While Your PC Starts ( ) from TechEd or PowerShell Deep Dives ( ) from Manning Press. The following should be simple questions, but I… Read more

PSA: Incorrect MTU size causes connectivity issues with Windows Server 2012 and Windows Server 2012 R2

Greg Jaworski here to make readers aware of a support issue where network interface drivers may set an overly large MTU value of 1514 bytes.Problems arise when such large packets cannot be passed by the underlying network infrastructure. As this blog post will illustrate, connectivity failures caused by this condition can cause an array of… Read more

Mailbag: Black Friday (Issue #3)

Mark and Tom here again with Mailbag Issue #3. Keep a copy of these first issues in the walls somewhere, they’ll be worth a fortune one day. We hope all of our friends in the US had a great Thanksgiving and that all of our friends around the rest of the world had a great… Read more

ADFS Deep Dive: Planning and Design Considerations

  In the previous blog post on comparing sign-in protocols, the goal was to give you a primer on the terminology so when we start talking about WS-FED or SAML, you have an idea of what we’re talking about. If you haven’t read it yet, it’s available here: In this blog, we’re going to… Read more

When Creating a New Resource or Role in Windows Server 2012 R2 Failover Cluster, the Network Name Fails to Come Online or Failed to Create Associated Computer Object in Domain

There is an issue I have seen repeatedly in the field since Windows Server 2012 and Windows Server 2012 R2 released. It typically surfaces when attempting to add roles to Windows Failover Cluster. Since my customers are large SQL shops, this issue typically surfaces when the server team hands off the Windows Server 2012 R2… Read more

Mailbag: So Far Off To a Good Start (Issue #2)

Hey y’all, Mark and Tom back with our second Friday mailbag. So far so good on trying to keep our regularly scheduled mailbags. We even got a few other PFEs to join in for this one so let’s get right to it. This post will cover the following. Hosting DNS in something other than Active… Read more

Troubleshooting Basics for the Netlogon Parser (v1.0.1) for Message Analyzer

Hi all, Brandon Wilson here again to talk to you a bit more in depth about the Netlogon parser for Message Analyzer. Last time, I gave you a basic introduction on the anatomy of the parser, how to open log files, and the basics on navigation with the parser and what can be seen. In… Read more