Read-Only Domain Controller (RODC) Branch Office Guide Released

If you are involved in a project to plan or upgrade Active Directory in your branch offices, you may have questions such as: What type of domain controller should I use for a given branch office? Does a given branch office even need a Domain Controller? What topology should I use? How do I monitor…


Having a bad day?

You know… the kind of day where all of the hard drives fail on one of your domain controllers, and then the new sysadmin runs a script on your production AD environment that deletes all user accounts, and then a hurricane hits your backup datacenter and floods your server room, submerging the last few backup…


Active Directory in the DMZ

I’ve been waiting for this guide for a while (‘cause that’s how I roll), but if you are interested in guidance on when/how to use Active Directory in your perimeter network, the AD team has released a guide for that: Active Directory Domain Services in the Perimeter Network (Windows Server 2008) The guide covers the…


Masters of the (Reading) Universe.

Unless you are Uber-l33t, you are probably not working on your Microsoft Certified Master certification.  This is  where the best-of-the-best come visit the better-of-the-best on the Redmond Campus to learn everything there is to know about Active Directory Services, SharePoint, OCS, SQL Server, or Exchange. Seriously… take a look at the instructors. Anyhoo, just because…


Project Sundance – Managing Your Baseline

If you are in charge of maintaining the security baseline at your company, you know that there are two key problems you face.  First of all, there are a LOT of security settings to tweak within Windows.  The services you harden and lock down on a Domain Controller are very different from those that you…


May TechNet magazine is out

…and awesome as always!  Check it out here. Windows Administration: Active Directory Backup and Restore in Windows Server 2008 Windows Server 2008 and the new Windows Server Backup utility bring many changes and welcome enhancements to backing up. Here is an in-depth guide to backing up and restoring Active Directory in the new server OS….


The limits of Active Directory

A few years ago, at my first IT job, my manager told me that there was a server at Microsoft, and all day long it created objects in a test Active Directory Domain.  "This server has been running since Windows Server 2000 was released" he said, "and it still has not hit a limit on…


Active Directory Security Best Practices

Because why wouldn’t you?    Best Practice Guide for Securing Windows Server Active Directory Installations Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part 1 Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part 2 Windows Server 2003 Deployment Kit: Designing and Deploying Directory and Security Services Windows Server…


Whence Shalt I Screencast?

Alright… back from a MUCH needed vacation, some crazy weather (hail in Seattle?), and I have started to recover from the black lung that my kids were nice enough to share with me. My new Samson microphone showed up as well, so I am ready to start recording some screencasts to share will all of…


Active Directory How-Tos

How do I back up AD? Seize an Operations Manager role? Recover a Domain Controller? Manage SYSVOL? There’s a guide for that… Active Directory Product Operations Guide Process: Back up Active Directory Process: Non-authoritative Restore of Active Directory Process: Authoritative Restore for Active Directory Objects Process: Recovering a Domain Controller Through Reinstallation Process: Installing a…