Welcome to Dirteam.com/ActiveDir.org Blogs Sign in | Join | Help

The things that are better left unspoken

a blog by Sander Berkouwer

Related

AD Manager Plus
 

Blog roll

News



Archives

Browse by Tags

All Tags » Microsoft Windo... » Microsoft Windows Server 2008   (RSS)
MS13-079 Vulnerability in Active Directory could allow denial of service (Important)
Earlier this week, during the September 2013 Patch Tuesday, Microsoft has released a new Active Directory-related security bulletin: MS13-079 . With the third Active Directory-related Security bulletin this year, (after MS13-066 and MS13-032 ) Microsoft Read More...
MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)
On Tuesday, August 13, 2013 Microsoft, in its monthly Patch Tuesday, released MS13-066 , a Security Bulletin addressing an issue with Active Directory Federation Services. This security update resolves a privately reported vulnerability in Active Directory Read More...
Active Directory Services and their System Center Management Packs
As you might be aware, every Microsoft technology has the requirement to be manageable through PowerShell and System Center. Manageability through System Center is done through Management Packs. (MPs). While I discussed the PowerShell manageability stories Read More...
Active Directory Services on Server Core installations
Windows Server 2012 is a major leap forward for Server Core installations of Windows Server. Not only are Full installations of Windows Server convertible back and forth to Server Core installations without reinstallation, a whole slew of new Server Roles Read More...
MS13-032 Vulnerability in Active Directory Could Allow Remote Code Execution (Important)
It’s not often, that Active Directory Domain Controllers get security updates. The Active Directory Domain Services Server Role is one of the most robustly written code, as I pointed out in an earlier blogpost on Statistics on Active Directory-related Read More...
PowerShell, LDIFDE, CSVDE and Protection from Accidental Deletion
When you build test environments regularly, at some point you’ll want to fill your Active Directory quickly. If, for instance, you have a data set with Organizational Units (OUs), user accounts and groups, you’ll want to quickly import this data. If, Read More...
Active Directory in Hyper-V environments, Part 7
For a while, Microsoft’s KnowledgeBase article 976424, titled Error code when the kpasswd protocol fails after you perform an authoritative restore: "KDC_ERROR_S_PRINCIPAL_UNKNOWN" , has been available to solve issues with unexpected behavior Read More...
DCPROMO Advanced Mode, what does it do?
In the past 11 years, Microsoft has released four versions of Windows Server on which you could install Active Directory. On all these platforms, Microsoft offered two ways to promote a server to a Domain Controller. In this blogpost I’ll reveal the differences Read More...
How to effectively defend against Morto.A in the enterprise
Whenever a worm utilizes the normal access and daily tools systems admins use, there is a significant problem. After all, shutting down the attack vector suddenly isn’t that easy. So, without making dramatic changes to your environment, how can you rest Read More...
Preventing OUs and Containers from Accidental Deletion
Those of you running Domain Controllers with full installations of Windows Server 2008 R2 or are managing Windows Server 2008 R2-based Domain Controllers using the Remote Server Administration Tools (RSAT) on Windows 7, might have seen the following configuration Read More...
How to add a DSRM startup option in Windows Server 2008 and Windows Server 2008 R2
Since Windows Server 2008, Microsoft no longer offers the ability to restart a Domain Controller in Directory Services Restore Mode (DSRM) from the default F8 boot menu. About Directory Services Restore Mode For Windows Server-based Domain Controllers, Read More...
Active Directory Feature Requirements
Microsoft has included numerous features in Active Directory the last couple of years. Also, more and more technologies in products like Exchange Server, SharePoint Server and the Windows client (Windows Vista, Windows 7) have an Active Directory opt-in Read More...
Active Directory Time Sync (broken by default)
Active Directory relies on accurate time for a number of reasons. One of this reasons is Kerberos authentication, which by nature can only cope with a difference in time (time skew) of five minutes between the Kerberos server and client. Now, don’t get Read More...
Considerations when upgrading your Active Directory to Windows Server 2008 and 2008 R2
While upgrading your Active Directory Domain Controllers, Domain Functional Level(s) and Forest Functional Level to Windows Server 2008 and Windows Server 2008 R2 offer additional functionality compared to previous versions , also a couple of caveats Read More...
Some Server Core Domain Controllers heading for a dead end street
You know, in terms of deploying servers in a smart way, so you can actually utilize them for as long as their economical lifecycle in a supported fashion without a need to reinstall them, I’ve made a stupid decision in advising IT Pros to deploy Server Read More...
More Posts Next page »