Category Archives: Microsoft Windows Server 2008

MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)

On Tuesday, August 13, 2013 Microsoft, in its monthly Patch Tuesday, released MS13-066, a Security Bulletin addressing an issue with Active Directory Federation Services. This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). reveal information pertaining to the service account used by AD FS. An attacker could then attempt […]


Nice offer on a great Server Core book when you’re in the Netherlands! (and a little promotion of this blog)

For a limited time, Computer Collectief is offering books on Windows Server 2008 for a mere €10 each. While all these books would be great resources and a professional way to spend your holidays on the beach, I feel one particular book, should really make it to your reading list, when you’re working with Server […]


Active Directory Services and their System Center Management Packs

As you might be aware, every Microsoft technology has the requirement to be manageable through PowerShell and System Center. Manageability through System Center is done through Management Packs. (MPs). While I discussed the PowerShell manageability stories for the five Active Directory services last Saturday, below is the overview of the availability and functionality of the […]


Active Directory Services on Server Core installations

Windows Server 2012 is a major leap forward for Server Core installations of Windows Server. Not only are Full installations of Windows Server convertible back and forth to Server Core installations without reinstallation, a whole slew of new Server Roles have become available for installation on the mean, clean Server Core installations. Active Directory Domain […]


KnowledgeBase: You cannot use redirusr.exe and redircmp.exe in the Windows Server 2008 DFL on Windows Server 2008

In the past years, I’ve found many systems and many errors. Today, I’m sharing behavior in Microsoft Windows Server that had me frown and chuckle. A bug in Active Directory code I’ve been grateful for, since it illustrates the nature of software. Note: This behavior has not been publicized in the Microsoft KnowledgeBase (yet). In […]


MS13-032 Vulnerability in Active Directory Could Allow Remote Code Execution (Important)

It’s not often, that Active Directory Domain Controllers get security updates. The Active Directory Domain Services Server Role is one of the most robustly written code, as I pointed out in an earlier blogpost on Statistics on Active Directory-related Security Bulletins. Since 2001, Microsoft has issued 18 Security Bulletins with patches to address issues in […]


PowerShell, LDIFDE, CSVDE and Protection from Accidental Deletion

When you build test environments regularly, at some point you’ll want to fill your Active Directory quickly. If, for instance, you have a data set with Organizational Units (OUs), user accounts and groups, you’ll want to quickly import this data. If, on the other hand, in your business you’re allowed to use the user information […]


Active Directory in Hyper-V environments, Part 7

This entry is part 7 of 10 in the series Active Directory in Hyper-V environments

For a while, Microsoft’s KnowledgeBase article 976424, titled Error code when the kpasswd protocol fails after you perform an authoritative restore: "KDC_ERROR_S_PRINCIPAL_UNKNOWN", has been available to solve issues with unexpected behavior after authoritatively restoring  the krbtg account on Windows Server 2008 and Windows Server 2008 R2-based Domain Controllers.


DCPROMO Advanced Mode, what does it do?

In the past 11 years, Microsoft has released four versions of Windows Server on which you could install Active Directory. On all these platforms, Microsoft offered two ways to promote a server to a Domain Controller. In this blogpost I’ll reveal the differences between the advanced mode and normal mode for dcpromo.exe for the Windows […]


How to effectively defend against Morto.A in the enterprise

Whenever a worm utilizes the normal access and daily tools systems admins use, there is a significant problem. After all, shutting down the attack vector suddenly isn’t that easy. So, without making dramatic changes to your environment, how can you rest assured?