Changing "Sessions" information on user account in Active Directory with Powershell

Doing some digging with a teammate today it was incredibly difficult to find information on how to automate the settings change of the Sessions tab on a user object.  Different paths indicate we need to edit the userParameters attribute but you’ve probably found that it’s a binary blob and not easily manageable.  Perhaps you went down…

3

NTDS performance counters missing

Thought I’d doc this for any others who run into this issue.  I had to demote/promote a machine this morning and when it finished promoting I found it was missing all the NTDS\* counters in perfmon.  I ran LODCTR /Q and saw that it looked wrong:   C:\Windows\system32>lodctr /q:NTDS Performance Counter ID Queries [PERFLIB]:    …

3

Interacting with Data Collector Sets via Powershell

Background: In an earlier post I talked about some new features for Windows 2008 and Vista.  One of those new features that is often overlooked are the data collector sets (DCS).  One particular role that leverages data collector sets is active directory.  Active directory has put “hooks” into tracing that can really take a lot…

6

Domain doesn't know about my computer account? I vouch for my computer, you can trust me...

Had an issue where a server would not allow logon via termian services each time you attempted to logon it would return this:     Soooooooooo, what to do here?  First, we made sure the account existed in the directory since that’s why it appeared to be complaining.  So I opened LDP and verified it…

5

Supported upgrades for domain controllers to Windows 2008 (Melting Pot in CorpNet)

Currently we are running Win2k3 SP1, R2, SP2, Win2k8 Beta3, RC0, RC1, and RTM Escrow idomain controllers in production…  Since we’re running some downlevel servers in the environment and I was interested in what is supported to be upgraded to Windows 2008 when we sign off and the the DVDs start getting pressed.  Luckily a…

9

What do you say you DO here?

Just noticed the AD jigsaw poster has been updated for 2k8.  So next time your boss asks you “What do say you do here?”, don’t reply with I’m a people person!  Do the following: 1) Download one of the jigsaw posters from http://www.microsoft.com/downloads/details.aspx?FamilyID=c2b9e44e-0bbd-47cb-bc09-b3d48be7f867&DisplayLang=en 2) Print out on plotter 3) Give to boss 4) Ask for…

2

Booting into DSRM in Windows 2008

Since the boot.ini file no longer exists in Windows 2008, the way to boot into directory service repair mode has changed.  You can setup the OS to boot to DSRM a couple of ways as shown below.  I’d also mention that to due offline defrags and other NTDSUTIL commands against the database you can now…

1

Webcast coming up: Looking cool in front of your AD peers in Win2k8

Just got back from vacation and will start getting the posts going again.  Just wanted to mention a webcast coming up from AD administration in Windows 2008 that is going to play next Thursday the 27th.  If you got some time to kill, I’d make this session for sure. TechNet Webcast: Extending Windows Server 2008…

0

Republish printers easily on a print server to Active Directory.

Printers can get pruned from the directory for many reasons.  The way it is supposed to work is if the printer is stale then a DC will remove the print queue object from the directory after trying to contact it 3 times at 8 hour intervals (default).  This also means that if a DC can’t…

1

Windows Server 2008 Beta3: Can and RODC be a GC?

Answer: Yes. If you’re looking to deploy some RODCs during the B3 timeframe then it would be a good idea to read through this first: Step-by-Step Guide for Read-Only Domain Controller in Windows Server 2008 Beta 3 One of the gotchas before an RODC will advertise as a GC in your domain is that domainprep…

0