I'm done with an intensive month of sessions, delivered for different user groups and other communities online. When you managed to attend my session about Kerberos I hope you liked it ;). Now it's time for some blogging activities. A friend asked on his blog (PL only, sorry) a question how to quickly determine the groups a computer account … Continue reading "Groups and tokens"
joe has released new version of excelent ADFind tool, You can read about this update and grab new version on joe's blog. I want to mention only one of the aspects of this update – on Windows 2008 (aka Longhorn) this version gives You access to new statistics for LDAP queries from AD. Let's take … Continue reading "ADFind udpate, stats and performance"
Today on microsoft.public.windows.server.active_directory newsgroup somebody came with a question how he can remove and add workstations to domain, without performing this operation manually on every workstation? Because of some DR situation he had 250 workstations which were a member of non-existing domain and new AD, and wanted to add them back to domain. The same … Continue reading "How to removeadd workstation fromto domain remotely?"
Yesterday I was at customer site to talk about identity management and as it often happens some other topics were discussed with customer tech stuff after discussing main topics. In this discussion I was asked how to read and parse security descriptor for Active Directory object. After few questions we came to conclusion that they … Continue reading "How to check if I can update attribute?"
If You need Windows XP SP2 IE 6 client virtual machine for testing purposes or just for browsing You can download pre-configured (and activated) VHD image (1.5 Gb) from Microsoft. It contains Windows XP SP2 IE6 and IE7 Readiness Toolkit. System installed on this VHD will expire on 04/01/2007.
New download called Windows Automated Installation Kit just showed up on Downloads. According to its description: (…) Use this tool to configure unattended setup answer files (Unattend.xml) and capture images. (…) It support Windows 2003/XP/Vista. There is nothing more what I can tell You about it just now, I will have to test it and … Continue reading "Windows Automated Installation Kit (WAIK)"
If You are developer and You have to utilize Active Directory or ADAM in Your application .NET System.DirectoryServices (S.DS) namespace is nice thing to have. It simplifies operation performed against Active Directory, hiding all COM stuff behind relatively few different classes You can use to query and modify directory objects. S.DS is nice namespace, but it still utilizes … Continue reading "More data is available exception when searching with S.DS"
Hmm … first the question? How many of readers is aware of Linked Value Replication (LVR) in Active Directory? If what I think about readers of this blog is true probably majority of readers is very aware what this is and how it works. At the end I don't have any survey site to perform such … Continue reading "Linked Value Replication – what's this about"
Another quick and dirty example how one can user ADMod and ADFind to do something in AD quickly and without scripting. This time question is – how to rename users account, with rename I understand changing their RDN in directory? I will use ADFind to find users and prepare input for ADMod like I did … Continue reading "ADMod, ADFind – user rename"
Now … the day had come, your forest schema has to be extended with some new attributes and classes. You are sweating, You are feeling dizziness (…) my goosh, my precious schema (…). That’s the case with many people – need to extend the Active Directory schema makes them ill or in best case not … Continue reading "Extending the schema – notes from the field"