Microsoft has introduced an impressive array of technologies and an awesome vision on Hybrid Identity. Their vision entails seamless access to corporate resources, services and applications for people, no matter where these resources, services and apps are located (either on-premises or in the cloud) while in the mean time allowing for strong authentication and granular … Continue reading "Default checks to perform when implementing Hybrid Identity, Part 5: Groups with non-linked-value replication-enabled members"
Category: Windows Server 2003
Microsoft Windows Server 2003
Knowledgebase: When you enable DNS debug logging to removable media, the DNS Service no longer starts
Sometimes, Microsoft products have a way of their own. The Domain Naming System (DNS) service since Windows Server 2003, too, has a nice little quirk that I ran into the other day, that I’d like to share with you. About DNS debug logging When you suspect problems with the Domain Naming System (DNS) Service, … Continue reading "Knowledgebase: When you enable DNS debug logging to removable media, the DNS Service no longer starts"
Hybrid Identity features per Active Directory Domain Services Domain Controller Operating System, Domain Functional Level, Forest Functional Level and Schema version
Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. These components have requirements of Active Directory Domain Services (AD DS) in terms of the schema, the Windows Server versions on the Domain Controllers an organization runs, the Domain Functional Level (DFL) and the … Continue reading "Hybrid Identity features per Active Directory Domain Services Domain Controller Operating System, Domain Functional Level, Forest Functional Level and Schema version"
Critical Flaw in SMB1 could allow remote code execution on Active Directory Domain Controllers (MS17-010, KB4013389)
Today, for its March 2017 Patch Tuesday, Microsoft released a security update for supported versions of Windows Server offering File Sharing services using the Server Message Block (SMB) version 1.0 protocol. The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests. About the vulnerabilities The vulnerabilities that are fixed with … Continue reading "Critical Flaw in SMB1 could allow remote code execution on Active Directory Domain Controllers (MS17-010, KB4013389)"
Advances in Active Directory since Windows Server 2003
In six months time, on July 14 2015, Microsoft ends the extended support for Windows Server 2003. After 11 years and 6 months (Windows Server 2003 became generally available on May 28th, 2003) the plug is pulled on updates to the product and the support information on TechNet, MSDN and its KnowledgeBase. Running Active Directory on Operating … Continue reading "Advances in Active Directory since Windows Server 2003"
Transitioning your Windows Server 2003 Domain Controllers to Windows Server 2012
Your organization might still be running their Active Directory Domain Services on top of Windows Server 2003-based Domain Controllers. You might be looking to replace these servers with Windows Server 2012-based Domain Controllers, either to utilize the new features, make the most out of your virtualization project or to simply do away with the aging … Continue reading "Transitioning your Windows Server 2003 Domain Controllers to Windows Server 2012"
Big Drives, Part 2
I can imagine that after reading part 1 of the 'Big Drive Problem" one essential question remained unanswered and haunted your thoughts: How big should I make my C: drive if I move every dynamic, sensitive or performance related piece of data from it? I intend to answer that question in this post.
Big drives, Part 1
It's not uncommon to find big drives in new servers. Some people might suggest to format it with one NTFS based C: drive, but I suggest you don't listen to them. Not placing dynamic data on your C: drive is a best practice. This practice requires you to make other disks, volumes or partitions.
WDS without Active Directory
Windows Deployment Services (WDS) is part of the recently released Service Pack 2. In the last months one question remained unanswered: "Is it possible to use Windows Deployment Services (WDS) in a non-Active Directory environment?" Today I answer it myself, using questions you might have after this short introduction…
Exchange Server 2007 and the Active Directory, Part 4
With Microsoft Exchange Server 2007 comes a new security model to publish your servers to the Internet: Microsoft Exchange Server 2007 boxes configured with the Edge Transport Server Role. This new model replaces the current Front-End / Back-end model.