Welcome to Dirteam.com/ActiveDir.org Blogs Sign in | Join | Help

Browse by Tags

All Tags » Windows Server » Active Directory   (RSS)

Notifying users by e-mail their password is going to expire

Windows by default has a mechanism to notify a user when the password is going to expire. By default Windows will start notifying the user 14 days before the password really expires and must be changed. The default value is affective when no other value Read More...
Posted Sunday, July 20, 2008 5:44 PM by Jorge | 7 Comments
Attachment(s): ADPwdExpNotify.zip

AutoEnrollment Control Access Right is missing in AD

A few days ago I was chatting with a colleague of mine in the UK about automated permissions assignment in AD through DSACLS. His reason to do this was because of CLM deployments where you had to use different kinds of Extended Rights that are defined Read More...
Posted Thursday, July 17, 2008 9:13 PM by Jorge | 0 Comments

Migration Support in ADMTv3.1 for Windows Server 2008

In this post I explain what you can do with ADMTv3 and what you cannot do. Additionally I also define common migration steps and provide links to other information sources. ADMTv3.1 has been released a few days ago and it now supports Windows Server 2008 Read More...
Posted Tuesday, July 15, 2008 11:29 PM by Jorge | 0 Comments

Wanna read something cool about RODCs, Hyper-V and PowerShell?

Nathan Muggli, a PM at Microsoft in the AD product group blogged about a cool way to deploy RODC using Hyper-V and PowerShell in an automated way. Read it here . Cheers, Jorge -------------------------------------------------------------------------------------------------- Read More...
Posted Tuesday, June 10, 2008 12:25 AM by Jorge | 0 Comments

RODC Compatility Pack for Legacy OSes

Microsoft released a KB article that describes issues/symptoms with legacy OSes and the Windows Server 2008 RODC including possible workarounds. You can find that KB article here (Description of the Windows Server 2008 read-only domain controller compatibility Read More...
Posted Wednesday, June 04, 2008 2:16 PM by Jorge | 0 Comments

Auditing in Windows Server 2008

To audit stuff in Windows Server you first need to configure a main event category to be enabled for "Successes" and/or "Failures". This must be done through a local GPO on the server or through a GPO in AD which then is linked to an OU containing the Read More...
Posted Tuesday, April 29, 2008 11:19 AM by Jorge | 1 Comments

Auditing when members of specific groups logon to a Vista or 2008 computer

Have you ever had the need to audit when members of specific groups logon to a computer? If yes, unfortunately this is only possible out-of-the-box in both Windows Vista and Windows Server 2008. The feature is called "Auditing Special Groups" and you Read More...
Posted Friday, March 21, 2008 5:23 PM by Jorge | 0 Comments

Windows Server 2008 – Reanimating Objects and Restoring additional Information

This post is an updated version of the following post and now contains RTM information: Windows Server Longhorn – Reanimating Objects and Restoring Additional Information Reanimating Objects and Restoring Additional Information Basically when restoring Read More...
Posted Thursday, March 20, 2008 1:29 PM by Jorge | 3 Comments

Windows Time Service

In addition to a previous post a did, I would like to point you to a Microsoft blog about the Windows Time Service (W32TIME) . That blog contains interesting information. My favorite posts on that blog are: Keeping the Domain On Time (Explaining how Windows Read More...
Posted Wednesday, March 19, 2008 4:57 PM by Jorge | 0 Comments

Are you using at least 1 W2K3 SP1 DC in your AD domains?

During one of the AD Q&A sessions at TechED IT Forum I was kind of surprised that people did not know about a simple "save you're a$$ method" when recovery of objects was needed and especially those objects that contain back-links. The recovery of Read More...
Posted Tuesday, November 20, 2007 11:39 PM by Jorge | 0 Comments

Read-Only Domain Controller presentatie bij LogicaCMG

Sorry for all the others, but this one is of interest for dutch speaking people in the Netherlands interested in the topic. Hallo, Met dit bericht wil ik je graag benaderen voor het volgende. Op woensdag 21 november in Amsterdam en op donderdag 29 november Read More...
Posted Wednesday, October 31, 2007 5:46 PM by Jorge | 0 Comments

Determining the Effective PSO for a User

In " Windows Server 2008 - Fine-Grained Password Policies " I explain the new password and account lockout feature/concept in Windows Server 2008. When using ADUC it is interesting to know what PSO is effective from some user, and better yet, what the Read More...
Posted Tuesday, September 11, 2007 11:43 PM by Jorge | 2 Comments

Is your Authoritative Restore being undone?

Some time ago you create a System State backup and now you are using that same backup to restore one or more objects that got deleted. You perform the non-authoritative restore by restoring the System State in DSRM and perform the authoritative restore Read More...
Posted Sunday, September 09, 2007 6:27 PM by Jorge | 2 Comments

Windows Server 2008 - Fine-Grained Password Policies

In previous OSes if you wanted to create multiple password or account lockout policies you basically has two choices. Create a new domain for the accounts that need some other password or account lockout policy. This was not really a good choice, because Read More...
Posted Thursday, August 09, 2007 11:20 PM by Jorge | 8 Comments

DC Locator Process in W2K, W2K3(R2) and W2K8 - PART 3

This is the 3 rd and last part of "DC Locator Process in W2K, W2K3(R2) and W2K8" Until now I talked about locating a DC for authentication. What I did not talk about yet is locating the SYSVOL to apply GPOs and to use the legacy NETLOGON share. Let's Read More...
Posted Monday, July 02, 2007 2:36 PM by Jorge | 4 Comments
More Posts Next page »