Category: 1116

Since Windows Server 2008, Microsoft no longer offers the ability to restart a Domain Controller in Directory Services Restore Mode (DSRM) from the default F8 boot menu.

Microsoft has included numerous features in Active Directory the last couple of years. Also, more and more technologies in products like Exchange Server, SharePoint Server and the Windows client (Windows Vista, Windows 7) have an Active Directory opt-in to store information in Active Directory. All this bountiful integration, however, comes with a price. The price … Continue reading "Active Directory Feature Requirements"

While upgrading your Active Directory Domain Controllers, Domain Functional Level(s) and Forest Functional Level to Windows Server 2008 and Windows Server 2008 R2 offer additional functionality compared to previous versions, also a couple of caveats exist, that I think you should be aware of.

After releasing the whitepaper on Remotely Managing Server Core boxes, I received a message from a colleague. He claimed the following sentence on page 5 of the Whitepaper to be faulty: After you first install Windows Server 2008, in either a full or Server Core installation, you are required to change the Administrator password to … Continue reading "A Curious Change in Default Password Policies"

Microsoft touts the smaller attack surface as one of the biggest benefits of using Server Core, compared to a Full installation of Windows Server 2008. Because a Server Core installation is optimized, it doesn’t include most of the vulnerabilities found in Full installations. A consequence of these optimizations is a Server Core installation might need … Continue reading "The Server Core Updates Estimation, Revisited"

When the Server Core installation option of Windows Server was introduced in 2008, not a lot of people saw the greatness. A few tried it once, some tried it twice and others got hooked! Fellow administrators often complain that it’s so hard to administer the roles and features of it.

You know, in terms of deploying servers in a smart way, so you can actually utilize them for as long as their economical lifecycle in a supported fashion without a need to reinstall them, I’ve made a stupid decision in advising IT Pros to deploy Server Core Domain Controllers in the last two years.

Server Core installations of Windows Server 2008 can be utilized in a variety of ways. I’ve written about using them as Web 2.0 Servers with IIS 7, PHP and MySQL, as Streaming media (reverse) proxies, as branch office servers, loaded with DFS, DNS, DHCP and secured with BitLocker Drive Encryption and of course using them … Continue reading "How to tell whether it’s a Server Core Domain Controller"

On Patch Tuesday for June 2009 (yesterday, June 9, 2009) Microsoft released security bulletin MS09-18 yesterday to address a vulnerability in Active Directory and Active Directory Application Mode (ADAM) that could allow remote code execution. It’s should not come as a shock Microsofts Active Directory and Active Directory Application Mode (ADAM) contain insecure code, allowing … Continue reading "A New Vulnerability in Active Directory (MS09-018)"

Microsoft released Service Pack 2 for Windows Vista and Windows Server 2008 to the Download Center and Windows Update. The Service Packs are available in five languages (English, French, German, Japanese and Spanish). Localized packages in your favorite languages (not including Medieval Swahili) are expected to arrive within two weeks. (unofficially available here) Windows Vista … Continue reading "Service Pack 2 for Windows Vista and Server 2008 is here"