Category Archives: Microsoft Windows Server 2008 R2

Active Directory in Hyper-V environments, Part 7

This entry is part 7 of 10 in the series Active Directory in Hyper-V environments

For a while, Microsoft’s KnowledgeBase article 976424, titled Error code when the kpasswd protocol fails after you perform an authoritative restore: "KDC_ERROR_S_PRINCIPAL_UNKNOWN", has been available to solve issues with unexpected behavior after authoritatively restoring  the krbtg account on Windows Server 2008 and Windows Server 2008 R2-based Domain Controllers.


KnowledgeBase: Event ID 46 and 7023 logged during startup of Windows Server 2008 R2 or Windows Server 2012

Last week, Microsoft introduced a new Active Directory-related KnowledgeBase article, titled Event ID 46 and 7023 logged during startup of Windows Server 2008 R2 or Windows Server 2012. This article relates to the Windows Time (W32Time) service and the Netlogon (netlogon) service and their startup sequence.


Working with High Performance Computing resources (scale up vs. scale out in the Microsoft World)

This week I got the chance to work with some x86 High Performance Computing hardware at the Donald Smits Center for Information Technology (CIT) at the University of Groningen. Their hardware typically contains more than 64 logical processors and TBs of RAM. 10Gb/s interconnects and loads of Solid State Disks (SSDs) are also not very […]


My interview with Paula Januszkiewicz (TechDays 2012)

I’m a Directory Services MVP. Have been for the last three years, too. This expertise is part of the Identity and Access area together with the ForeFront, ForeFront Identity Manager (FIM) and Enterprise Security MVPs. These latter guys and girl are really great. One of my favorite Enterprise Security MVPs is Paula Januszkiewicz. I’ve had […]


DCPROMO Advanced Mode, what does it do?

In the past 11 years, Microsoft has released four versions of Windows Server on which you could install Active Directory. On all these platforms, Microsoft offered two ways to promote a server to a Domain Controller. In this blogpost I’ll reveal the differences between the advanced mode and normal mode for dcpromo.exe for the Windows […]


How to effectively defend against Morto.A in the enterprise

Whenever a worm utilizes the normal access and daily tools systems admins use, there is a significant problem. After all, shutting down the attack vector suddenly isn’t that easy. So, without making dramatic changes to your environment, how can you rest assured?


Preventing OUs and Containers from Accidental Deletion

Those of you running Domain Controllers with full installations of Windows Server 2008 R2 or are managing Windows Server 2008 R2-based Domain Controllers using the Remote Server Administration Tools (RSAT) on Windows 7, might have seen the following configuration warning in the Active Directory Best Practice Analyzer (AD BPA)


How to add a DSRM startup option in Windows Server 2008 and Windows Server 2008 R2

Since Windows Server 2008, Microsoft no longer offers the ability to restart a Domain Controller in Directory Services Restore Mode (DSRM) from the default F8 boot menu.


Active Directory Feature Requirements

Microsoft has included numerous features in Active Directory the last couple of years. Also, more and more technologies in products like Exchange Server, SharePoint Server and the Windows client (Windows Vista, Windows 7) have an Active Directory opt-in to store information in Active Directory. All this bountiful integration, however, comes with a price. The price […]


Photos of the NGN Windows Server 2008 R2 Day

Yesterday, the Dutch Networking User Group (NGN) organized the day filled with sessions on Windows Server 2008 R2, I blogged about earlier. I delivered a  30-minute session on Active Directory features in Windows Server 2008 R2, followed by 30 minutes of Group Policy Goodness by Raymond Comvalius and rounding off the morning sessions together with […]