I find myself quite often trying to keep straight all the different replication activities that can occur within an Active Directory (AD) domain. There are: Intrasite Replication, Urgent Replication, Intersite Replication, Intersite Change Notification Replication, Reciprocal Replication, Immediate Replication, Manual Replication
Ace here again. I thought to touch base on DNS zones, and more so, focus on what AD integrated zones are and how they work. This blog almost mimics my class lecture on this topic. Check back for updates periodically, which I will notate with a timestamp above with whatever I’ve added or modified. This topic was also briefly discussed in the following Microsoft Technet forum thread: Technet thread: “Secondary Zones?” http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c1b0f3ac-c8af-4f4e-a5bc-23d034c85400 source: http://blogs.msmvps.com/acefekay/2013/04/30/dns-zone-types-explained-and-their-significance-in-active-directory/
There are some specific concepts in Active Directory which may put your environment in trouble if you do not attend to fixing them as soon as you notice them. One of them is lingering objects. Defining the meaning of Lingering Objects (LO) is not difficult. Basically, a lingering object is an object in an Active Directory partition that exists on one or more domain controllers and does not exist on the rest of the domain controllers in the same partition. So you may ask yourself how […]
Last week, I tried to work with a Windows 2008 R2 server, but my system restarted frequently. After some research I found the reboot problem. If these servers are using File Share or SMB v.2, srv2.sys may cause this problem. The srv2.sys driver is the root cause of this problem. This is the SMB 2.0 server driver. You can download hotfix KB2552033 for Windows Server 2008 R2 SP1 at your own risk until Microsoft officially releases it.
I am sure you must have experienced VPN Reconnect – a new IKEv2-based VPN tunnel added in Windows 7 that allows automatic and seamless switchover of an active VPN connection when the underlying Internet interface (connection) changes, thus maintaining application persistence. Isn’t that COOL – like a VPN user moving from Wifi to WWAN and back – giving true mobile connectivity to corpnet! Yes it is… This means, Windows 7 in-built VPN client and Windows 2008 R2 […]
About each folder under the SYSVOL share on a domain controller. The SYSVOL folder is used to store a copy of the domain’s public files, like system policies, Group Policy settings and logon/logoff scripts, which are replicated to all other domain controllers in the Active Directory domain through File Replication Services (FRS). You can find many folders inside the SYSVOL share; I would like to explore and explain each folder by how it’s used in the process of SYSVOL replication.
Trusting domain and the trusted domain. For the diagram above, we have the following summary: When you create a trust from the Account Domain (trusted), the type of trust will be “incoming trust”. When you create a trust from the Resource Domain (trusting), the type of trust will be “outgoing trust”. Remember that Direction of Trust is the opposite to Direction of Access.
Here is the list of all articles about Direct Access technologies. I need to configure Direct Access for students, so they must read the articles. This article is useful for helping: Is Direct Access Really That Hard To Setup (No) or are we becoming IT Complacent (Yes)? Direct Access http://www.labo-microsoft.org/articles/Direct_Access/1/
When you are facing slow logons into the domain and you also get events 1030 and 1006, you need to look into your network. By default Kerberos uses UDP packets to communicate. You need to force Kerberos to use TCP instead of UDP by changing the registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters If it doesn’t exist, just create it. Create a DWORD value called MaxPacketSize and set it to 1. For more info there is an official KB: http://support.microsoft.com/kb/244474/en-us
Just a quick image about the differences between the “old” Software Restriction Policy and the “new” AppLocker: Now it’s easy to describe and remember.
List of Ports
In this article you can see how to enable audit logging for Windows Firewall with Advanced Security. Windows Firewall with Advanced Security can log firewall activity such as dropped packets or successful connections. By default the firewall log is: %windir%\system32\logfiles\firewall\pfirewall.log You can configure firewall logging by using Group Policy if desired. But what if you want to collect more detailed logging of firewall activity such as kernel mode connections/drops and other filtering activity? You can do this by enabling Windows […]
Unfortunately there is a problem when you try to add .Net Framework 3.51 to Windows Server 2012 using Server Manager! In order to fix that issue and get .Net Framework 3.51 installed, issue the following command from Command Prompt:
dism /online /enable-feature /all /featurename:NetFX3 /source:x:\sources\sxs
In order to assign a static IPv4 address to Windows Server 2012 Core using PowerShell, use:
New-NetIPAddress -IPAddress 192.168.1.10 -InterfaceAlias "Ethernet" -DefaultGateway 192.168.1.1 -AddressFamily IPv4 -PrefixLength
We want a user to be able to change passwords. This operation is possible with delegation. In the following article we will look at the process of transferring the power to change passwords to network users. This is a two-part operation: first you need to give the user(s) the rights to change passwords, then give them the tools to do so. http://www.petenetlive.com/KB/Article/0000503.htm
I was surfing the web. I found a nice poster about virtualization and its infrastructure. I think it is interesting to see the poster. The issue of networking in System Center Virtual Machine Manager 2012 SP1 is more complex and offers several features so it is classified first. Microsoft has now released a poster that summarizes the most important information. This poster for Virtual Machine Manager Networking helps … … In planning the networks with the use of VMM VM Networks, […]
There are some days that I’m going to study. Principles of networking and raw materials are very important, and that’s exactly where others fail. In a new search I found a new site about TCP/IP reference. I suggest you read this site: http://www.protocols.com/pbook/tcpip1.htm#Application
—FOR USERS—
User | Well-known SID
Creator Owner | S-1-3-0
Administrator | S-1-5-21domain-500
Guest | S-1-5-21domain-501
KRBTGT | S-1-5-21domain-502
Interactive | S-1-5-4
Anonymous | S-1-5-7
1. Download and install WAIK
2. Mount the Image
Create folders “Images” and “mount” on c:\
BOOT.WIM => dism /mount-wim /WimFile:c:\Images\boot.wim /index:2 /MountDir:c:\mount
INSTALL.WIM => dism /mount-wim /WimFile:c:\Images\Install.wim /index:1 /MountDir:c:\mount
Windows Server 2008: Read-Only Domain Controller (RODC) A Read-Only Domain Controller (RODC) is a new type of domain controller in Windows Server 2008. Its main purpose is to improve security in office branches. In this post, I summarize the functionality of RODC. In office branches, it is often not easy to provide sufficient physical security for servers. It is not a big deal to manipulate a Windows system if you can get physical access to it. Since Domain controllers store […]
Domain trusts can be complicated to administer, and it’s important to implement changes correctly the first time. Here are some key points to keep in mind to help ensure that your trusts are configured effectively with a minimum of headaches.
1: Determine what kind of trust you should use
Before deploying a domain trust, you should ensure that the type(s) used are correct for the tasks at hand. Consider the following dimensions of a trust:
I need to design a plan for Active Directory. For this, Visio and Edraw are two software packages that help me. Today I found a new piece of software that automatically generates a diagram like Visio! The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using LDAP, and then automatically generates a Visio diagram of your Active Directory and/or your Exchange Server topology. The diagrams may include domains, sites, servers, organizational units, DFS-R, administrative groups, routing […]
PowerShell is a powerful scripting tool that can greatly expedite your admin tasks. If you haven’t had a chance to learn how to use it, you might want to make time for it now. Here are some reasons why the effort will pay off.
In advance of one of the most significant waves of product launches in Microsoft’s history, today we are unveiling a new logo for the company.
What is Active Directory Tombstone Lifetime (TSL)? The tombstone lifetime in an Active Directory forest determines how long a deleted object (called a “tombstone”) is retained in Active Directory Domain Services (AD DS). The tombstone lifetime is determined by the value of the tombstoneLifetime attribute on the Directory Service object in the configuration directory partition.
I ran across a document from Microsoft that lists maximum limits for Active Directory. This document pertains to Windows 2000 Server and Windows Server 2003. There is no reference to Windows Server 2008 in the document. However, the majority of the limits also apply to Windows Server 2008. Below is a summary of the maximums. The full details, including rationale, can be found here: http://technet.microsoft.com/en-us/library/cc756101.aspx.
I saw a comparison between Core and normal installation. So it is better to compare, and each is useful to use. In the next articles I will talk about Core installation more!
A few weeks ago, an online seminar was held and I attended the seminar over a slow Internet connection. I’m very happy that a book was introduced by Mitch Tulloch. This is the first book about Server 2012. You can download this book immediately.
Come experience the newest release of Windows Server. In these virtual labs, you’ll have the opportunity to test drive new and improved features and functionality in Windows Server 2008 R2, including management, network protection, and improvements to Remote Desktop Services (Terminal Services).