So I was doing some tests at one of my favorite customers in the world 😉 they allowed me to share the information of a test on replication of a domain controller on a different site on a single forest single domain infrastructure. The key here is that we have preloaded 120 000 users and … Continue reading "The Real Replication Traffic"
So I received loads of comments asking me what the DC* log files log.
I always have to look up in different locations as to which ports are needed for certain functions like Active Directory, DFSR, Certificate Services, Cluster Service, DHCP Server etc. When you need them handy its always a mission to get to the documentation, here is a document that has all these ports in one article … Continue reading "Complete list of Ports required for our Windows Server System"
So here is a list of things that you need to do when thinking and about to make schema changes: Understand the Active Directory Schema Terminology Then read How the Active Directory Schema Works Once you have that understanding you then go through our Checklist before extending the schema And make sure you know how … Continue reading "Active Directory Schema 4 easy steps"
I was chatting to a friend of mine and he was complaining of DCPROMO failing during a promotion of a member server to a domain controller. He could not understand why. With him about 17 000km away from me, I couldn't just jump over and help him. He didn't have VPN access for me and … Continue reading "DCPROMO Debug"
So as I was going along promising customers that the Password Portal would be released with MIIS SP2 I was caught like a fish out of water. The Password Portal was pulled from SP2 and the customer was not happy at all.
I know I have posted in a while but I have a good reason and some juicy things to come in the near future. So the two things I have been busy with (which is the excuse I am using for not blogging ;)) Password Portal Active Directory Users and Computers (ADUC) – Dialog extentions
I needed to change the way the DisplayName is automatically formatted in ADUC for a customer and was shocked to know they did not know of the createDialog propery in the CN=409 under DisplaySpecifier(s) in the Configuration partition. Below is a extract from the KB that shows you how to do this.
Most companies do not understand how important a PDC is in your environment. They often oversee this role and I think in a way it is our fault to make this single role “more important” than the other roles (** for those die hearts out there please note the quotes over “more important”). With this … Continue reading "How to lessen your PDC’s load"
I know that Kerberos delegation can be a pain in the A$$ one of the first steps is to see if the user/administrator has registered a Service Principle Name (SPN) if he has and Kerberos delegation is still not working then check if he has duplicate entries for that SPN entry.