Category Archives: Microsoft Windows Server 2012

Virtualization-safe(r) Active Directory in VMware environments, Part 2

In the first post of this series, I’ve shown how to uncover the VM-GenerationID, the random value that unlocks all that Windows Server 2012 Active Directory Domain Services magic, on VMware’s vSphere and Workstation virtualization solutions. Today, I’m showing you how to interpret this value and how this value might be different between versions of […]


Virtualization-safe(r) Active Directory in VMware environments, Part 1

When you check my list with virtualization platforms that support Virtualization-safe(r) Active Directory through the Microsoft backed VM-GenerationID capability, you’ll notice that VMware has been supporting it in their products for a while now: Both VMware Workstation and VMware ESXi support it towards Windows Server 2012 and Windows Server 2012 R2-based Virtual Machines (VMs). Unfortunately, […]


I will be speaking at the 2014 NL VMUG Event

There are many organizations with the ‘VMUG’ initials. I’ve presented sessions to the UK VMUG, which stands for Virtual Machine User Group. In the Netherlands, VMUG stands for VMware User Group. This organization hosts their annual meeting on March 6th, 2014 in Den Bosch and I will be there too, to present a session.      […]


I’m still an ADPrep kinda guy

In Windows Server 2012, Microsoft introduced the new streamlined Active Directory Domain Services Configuration Wizard, that in most Microsoft documentation is labeled the successor to dcpromo.exe. I’m a big fan of the new wizard, but there’s one feature I don’t use: the automatic Active Directory preparation steps it can perform for you to update the […]


Transitioning your Windows Server 2003 Domain Controllers to Windows Server 2012

Your organization might still be running their Active Directory Domain Services on top of Windows Server 2003-based Domain Controllers. You might be looking to replace these servers with Windows Server 2012-based Domain Controllers, either to utilize the new features, make the most out of your virtualization project or to simply do away with the aging […]


Cross-forest Migrating Dynamic Access Control

Six months ago, I wrote on 10 Things you need to be aware of before deploying Dynamic Access Control. As point 8, I told that the Active Directory Migration Tool (ADMT) does not support cross-forest migrating Dynamic Access Control (DAC). As an Active Directory admin, ADMT, obviously, would be the first tool to look you […]


KnowledgeBase: A Windows 8-based client computer or Windows Server 2012-based member server does not use the BitLocker Network Unlock feature

Last month, Microsoft released a KnowledgeBase article regarding BitLocker Network Unlock. Basically, Windows 8-based and Windows Server 2012-based client computers sometimes may not receive or use the Network Unlock Protector feature, depending on whether the client receives unrelated BOOTP replies from a DHCP server or WDS server.


KnowledgeBase: Lost secure channel takes a long time to be reestablished when RPC Endpoint Mapper is secured on Windows Server 2012 Domain Controllers

Microsoft has released a KnowledgeBase article, in which they describe an issue you might encounter in a multi-domain environment, resulting in a loss of the secure channel between the domains and a long time for the secure channel to become reestablished.


KnowledgeBase: Kerberos authentication fails when the computer tries to request a service ticket from a Windows Server 2012-based Domain Controller

Earlier this month, Microsoft released KnowledgeBase Article 2877460, describing an issue where Kerberos authentication to an Active Directory-integrated service may fail, despite proper implementation and time synchronization, with an error describing time differences between the Primary Domain Controller (PDC) and a Backup Domain Controller (BDC).


KnowledgeBase: Smart card logon option is displayed incorrectly on the logon screen in Windows 8 or Windows Server 2012

Last week, Microsoft published a new KnowledgeBase article detailing two issues with the way (virtual) Smart Card login is displayed on the Windows 8 and Windows Server 2012 logon screen. The article contains a hotfix to address the issues.