With the latest o/s release Microsoft modified the default encryption method from RC4 to AES when first attempt to commenicate with a Ticket Granting Ticket Service Request. As long as the client whether it be Windows 7 or Windows 2008, communicates with a Windows 2008 R2 Domain Controller (DC) everything is all good. However if the client … Continue reading "Windows 7/2008 Kerberos Default Encryption and Windows 2003/2000"
After recently bringing up a RODC in my default site, all my 2003 RWDC's in all my sites flipped to a single process which is not a good thing for DC's. I can't be absolutely certain this was the cause but the errors occured on the same day of the RODC promotion. The erorr in … Continue reading "Invalid service type: RpcSs when running DCDIAG"
With the advent of Read Only Domain Controllers (RODC) remote offices no longer have to present a risk for your Active Directory (AD) enterprise secrets. RODC's by default do not cache ANY user or computer passwords. This can present a problem if there is a loss of connectivity between the remote site's RODC and a Read … Continue reading "RODC – Password Replication Policy and Password Cache Management"