Can I place my Exchange hybrid management server in Azure and use Azure Domain Services?

As some might know (although I and others have to repeat this regularly…), if you enable directory synchronization from your on-premises Active Directory (AD) and you migrate all you Exchange mailboxes to Exchange Online you still require an Exchange server to manage mail(box) objects. It is the only supported solution, even though some use third … Continue reading "Can I place my Exchange hybrid management server in Azure and use Azure Domain Services?"

Azure Active Directory Synchronization: Object Matching

This post is the fifth in a series about Azure Active Directory Synchronization and will cover Object Matching. Other posts have covered and will cover: Introduction, Part 1 Introduction, Part 2 Filtering, Part 1 Filtering, Part 2 Alternate Logon ID Object Matching and Joining Object matching or joining is relevant if you have multiple Active Directory … Continue reading "Azure Active Directory Synchronization: Object Matching"

Azure Active Directory Synchronization: Filtering, Part 2

This post is the fourth in a series about Azure Active Directory Synchronization and will cover Filtering. Originally I've planned to make this one post, but in my opinion it became to large and complex thus again a part 2. Other posts have covered and will cover: Introduction, Part 1 Introduction, Part 2 Filtering, Part … Continue reading "Azure Active Directory Synchronization: Filtering, Part 2"

Azure Active Directory Synchronization: Filtering, Part 1

This post is the third in a series about Azure Active Directory Synchronization and will cover Filtering. Originally I've planned to make this one post, but in my opinion it became too large and complex thus again a part 2. Other posts have covered and will cover: Introduction, Part 1 Introduction, Part 2 Filtering, Part … Continue reading "Azure Active Directory Synchronization: Filtering, Part 1"

Azure Active Directory Synchronization: An Introduction, Part 2

This post is the second in a series about Azure Active Directory Synchronization, covering part 2 of an introduction. Previous and follow up posts have covered and will cover: Introduction, Part 1 Filtering, Part 1 Filtering, Part 2 Object Matching Alternate Logon ID As most organizations will not require FIM, I will focus my attention … Continue reading "Azure Active Directory Synchronization: An Introduction, Part 2"

Azure Active Directory Synchronization: An Introduction, Part 1

This post is a first in a series about Azure Active Directory Synchronization, covering part 1 of the introduction. Follow up posts will cover: Introduction Part 2 Filtering Part 1 Filtering Part 2 Object Matching Alternate Logon ID   Why you want have synchronization For those who don't work regularly with Office 365 or other Microsoft cloud services … Continue reading "Azure Active Directory Synchronization: An Introduction, Part 1"

Some things to do after leaving Windows Server 2003 (from an Exchange perspective)

Today the Exchange Team blog posted an article about upgrading the Domain Functional (DFL) level of your Active Directory environment away from Windows Server 2003 and the fact that raising the level might have some impact on your Exchange servers (and other applications). It is possible that they might not be able to authenticate. If you … Continue reading "Some things to do after leaving Windows Server 2003 (from an Exchange perspective)"

Kerberos Constrained Delegation, Double-Hops and Protocol Transition

Have been struggling with an issue where "Constrained Delegation" is enabled for an application and it is doing multiple "Hops" from the application and eventually making it to a SQL Server.  During the hops, an SPN is correctly presenting the Users TGT Hash as requested but then for some reason the TGT hash changes from an SPN to just … Continue reading "Kerberos Constrained Delegation, Double-Hops and Protocol Transition"

NTFRS Depricated with Windows Server 2012

Microsoft has now officially deprecated FRS for Active Directory's use of it for SysVol replication.  That doesn't mean it still isn't supported and it isn't going away anytime soon but it has been reported that the next major release will be the last to support FRS replication and that o/s will probably be shipped sometime … Continue reading "NTFRS Depricated with Windows Server 2012"

Can I Virtualize ALL My DC’s In the Domain?

With the advent of Windows Server 2012 R2, Microsoft has worked diligently to provide support for virtualization and allow corporations to reduce costs by virtualizing as much hardware as possible. New features in 2012 R2 help prevent USN rollback and/or Lingering objects via the new VM-Generation ID.  If a guest o/s is restored from a snapshot … Continue reading "Can I Virtualize ALL My DC’s In the Domain?"