New features in Active Directory Domain Services in Windows Server 2012, Part 20: Dynamic Access Control (DAC)

For the last years, we’ve been modeling the business into group memberships and their associated access control lists. For some organizations this has even led to changing the way they performed business from before they automated their business processes. For other organizations, this has resulted in token bloat. It’s time someone changed that and introduced … Continue reading "New features in Active Directory Domain Services in Windows Server 2012, Part 20: Dynamic Access Control (DAC)"

New features in Active Directory Domain Services in Windows Server 2012, Part 15: Deferred Index Creation

As already mentioned in the previous blog post on RID Improvements in Windows Server 2012, Active Directory environments are sometimes cathedrals of Microsoft technology; they’re big, they’re old and a lot of effort has been put into them to get them into the shape they’re in today.

New features in Active Directory Domain Services in Windows Server 2012, Part 9: Connected Accounts

Windows 8 and Windows Server 2012 are cloud-optimized Operating Systems. One of the areas where this is visible is the ability to connect domain accounts to Microsoft accounts (formerly known as Windows Live IDs). In this blogpost I’ll show you how this functionality works and how you can disable this functionality altogether or granularly with … Continue reading "New features in Active Directory Domain Services in Windows Server 2012, Part 9: Connected Accounts"

New features in Active Directory Domain Services in Windows Server 2012, Part 8: Group MSAs (gMSAs)

Back in Windows Server 2008 R2, Managed Service Accounts (MSAs) solved the problem of unsecure service accounts. Managing them was a nightmare, even if you knew what you were doing. Now, In Windows Server 2012, Microsoft addresses a couple of these challenges This blogposts shows how.

New features in Active Directory Domain Services in Windows Server 2012, Part 4: New PowerShell Cmdlets

With Windows PowerShell Scripting being one of the requirements in the current Common Engineering Criteria (CEC), all Microsoft server products need to comply with having Windows PowerShell scripting support. In Windows Server 2012, Active Directory Domain Services expands beyond the 76 Active Directory Management PowerShell Cmdlets and 15 Active Directory Provider PowerShell Cmdlets found in … Continue reading "New features in Active Directory Domain Services in Windows Server 2012, Part 4: New PowerShell Cmdlets"

New features in Active Directory Domain Services in Windows Server 2012, Part 3: New Upgrade Process

While a lot of lab environments will be set up as I explained in part 2 of this series (with the New Promotion Process), in the real world a lot of Active Directory environments will be upgraded or transitioned, because they’re already equipped with Domain Controllers running a previous version of Windows Server. In this … Continue reading "New features in Active Directory Domain Services in Windows Server 2012, Part 3: New Upgrade Process"