So you wanted to deploy Domain Controllers faster…Now you can!

A Domain Controller must have a unique name, invocation ID, and security identifier (SID) in the entire forest.Up to Windows Server 2008 R2 promoting “syspreped” standalone images multiple times, was the fastest you could go in order to deploy a large number of Domain Controllers.Sysprep was needed for ensuring that the deployed images were unique….


USN Rollback, Virtualized DCs and improvements on Windows Server 2012.

The USN rollback issue has been causing hundreds of support calls and AD replication halts throughout the world since the introduction of AD in Windows 2000 Server and up to Windows Server 2008 R2. Every DC maintains a table – ReplUpToDateVector – (or Up-to-Dateness Vector) per Naming Context (NC or AD partition).These tables record data from…


Secure Channel Broken – continuation of "The trust relationship between this workstation and the primary domain failed."

While there can be several reasons for AD replication to fail due to an “access denied” error (you may find more information in KB article 2002013 – Troubleshooting AD Replication error 5: Access is denied, in here we will be focusing on broken secure channel issues on Domain Controllers and how to reset them….