Complete list of Ports required for our Windows Server System

I always have to look up in different locations as to which ports are needed for certain functions like Active Directory, DFSR, Certificate Services, Cluster Service, DHCP Server etc. When you need them handy its always a mission to get to the documentation, here is a document that has all these ports in one article … Continue reading "Complete list of Ports required for our Windows Server System"

Active Directory Schema 4 easy steps

So here is a list of things that you need to do when thinking and about to make schema changes: Understand the Active Directory Schema Terminology Then read How the Active Directory Schema Works Once you have that understanding you then go through our Checklist before extending the schema And make sure you know how … Continue reading "Active Directory Schema 4 easy steps"

Exchange Server 2007 and the Active Directory, Part 2

Microsoft Exchange Server 2007 is bound to shake up the Active Directory world as we know it. After my first post on the soon to come Exchange Server and the Active Directory I've been playing around for 2 months with it and attended a couple of seminars on the subject. Now we know that there probably won't … Continue reading "Exchange Server 2007 and the Active Directory, Part 2"

MIIS newbie tales – Export password attribute with Extensible MA

Today I had a little chat on e-mail with Alex Tcherniakhovski which was about following topic: how to create export only attribute with Extensible MA to set initial password for newly provisioned account? (OK, this wasn't exactly such topic but this is what it was about 🙂 ). So problem is: we are provisioning new account to … Continue reading "MIIS newbie tales – Export password attribute with Extensible MA"

Playing with new ADFind and ADMod

Today on Microsoft.public.windows.server.active_directory  simple question was asked: Is possible clean all logon scripts from a OU at the same time. This OU contains others sub-OUs. Sure it is :), thanks to joe we have updated versions of ADFind and ADMod in our toolbox. First we need a filter which is simple: (&(objectClass=user)(objectCategory=person)(scriptPath=*)) which should give … Continue reading "Playing with new ADFind and ADMod"

VML patch (MS06-055) released out of band

As we can read on MSRC blog, Microsoft has published out of band patch for VML vulnerability existing in IE. This flaw was described in Microsoft Security Advisory (925568) published lately. Bug patched by this update allows remote code execution so it should be applied as soon as it will be possible (some people do some tests and other … Continue reading "VML patch (MS06-055) released out of band"

Disable simple bind without SSL on ADAM

Today on ActiveDir.org ~Eric pointed out interesting feature in ADAM which allows ADAM administrator to configure ADAM instance to reject simple bind attempts on ports without SSL. To do this one have to edit properties of CN=Directory Service,CN=Windows T,CN=Services,CN=Configuration,CN={<GUID>} object and set RequireSecureSimpleBind attribute value to 1. This will reject authentication attempts which will be made … Continue reading "Disable simple bind without SSL on ADAM"