NTFSSecurity Tutorial 1 – Getting, adding and removing permissions

Summary Managing file and folder permissions in Windows PowerShell is not that easy, and there are numerous articles and blog posts describing how it works by using the .NET classes. This is far from being comfortable, and there is one major and one minor restriction: Path length Generic rights This post introduces the NTFSSecurity module,…


Resetting passwords honoring password history (or what’s happening under the hood when changing / resetting passwords)

Todays topic: Resetting passwords honoring password history (or what’s happening under the hood when changing / resetting passwords) You may have already came across the task to programmatically change or reset passwords on user accounts in Active Directory. Thanks to the the ChangePassword() and SetPassword() macros of the Active Directory Service Interface (ADSI) implementation this…


NTFSSecurity Tutorial 2 – Managing NTFS Inheritance and Using Privileges

Summary In my previous post, NTFSSecurity Tutorial 1 – Getting, adding and removing permissions, I talked about NTFS inheritance. Inheritance is a fundamental feature of NTFS to keep permissions consistent and easy to manage. However, there are some scenarios where you want to disable inheritance on folders or find out where it has been disabled….


Using SQL Server 2016 for a DSC Pull Server

This article describes how to use a SQL Server 2016 as the backend database for a Desired State Pull Server. The default database engine is EDB and lacks a couple of feature required. This article guides you through the setup process.


Privileged Access Management – demystified

  Today’s topic: Privileged Access Management (PAM) Just in Time Administration demystified Coming with Microsoft Server 2016, we offered a new optional feature for Active Directory: the ‘Privileged Access Management Feature’. The new feature is only available with Domain Controllers OS >= Windows Server 2016. Privileged Access Management Feature consists of two parts: Privileged Access…


AutomatedLab Introduction – Part 2

Summary This blog article explains how to create a small lab environment using AutomatedLab. After going through this article, you will have AutomatedLab installed on you Hyper-V host and have a lab setup with two machines.   Installation The installation of AutomatedLab itself, is very easy. You can download AutomatedLab from http://automatedlab.codeplex.com/. The download will…

8

Active Directory Service Interface (ADSI) and the Read Only Domain Controller (RODC) – Avoiding performance issues

Hi there, this is the first blog entry for the new info series ‘Coding from the field’. The intention of this blog is to help you avoiding the reinvention of the wheel as well as to communicate known tripping hazards. Todays topic: Active Directory Service Interface (ADSI) and the Read Only Domain Controller (RODC) Avoiding…


Broken DSC Reporting, RequestEntityTooLarge and some LCM internals

Abtract After migrating a complex DSC configuration using partial configurations to composite resources, DSC reporting using SQL Server as described in Using SQL Server 2016 for a DSC Pull Server did not work any longer or was no longer reliable. This article is about troubleshooting this and learning something about Event ID 4260 and how…


The ADSI Schema Cache revealed Part II

Today’s topic: The ADSI Schema Cache revealed Part II We have been talking about the ADSI Schema Cache implementation, it’s benefits and several buts in the first part covering this topic <The ADSI Schema Cache revealed>. The conclusion was – utilize the sample code attached to the blog entry and ‘really, finally it’s cool now…


Resetting WMI repository – dos and dont’s

Today’s topic: Resetting WMI Repository dos and dont’s Some people like Windows Management Instrumentation (WMI) because of its power – some just hate it. The ones who hate it often claim that the WMI repository is not really reliable and often gets corrupt / unusable. Even though this may happen – it’s not a usual scenario. Anyhow -…