Blog Archives

New features in Active Directory Domain Services in Windows Server 2012, Part 1: Overview

This entry is part 1 of 21 in the series New features in AD DS in Windows Server 2012

Windows Server 2012 can be seen as a major release for Windows Server. Not just in terms of virtualization (Hyper-V 3.0), storage (SMB 3.0 and Storage Spaces) or manageability, but also in terms of Active Directory. There’s a load of new features, improving the lives of many Active Directory admins!

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 2: New Promotion Process

This entry is part 2 of 21 in the series New features in AD DS in Windows Server 2012

As I’ve mentioned in my overview post, earlier today, one of the new features of Windows Server 2012 is a new Domain Controller Promotion Tool. In this blogpost I’ll dive a little deeper on this statement.

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 3: New Upgrade Process

This entry is part 3 of 21 in the series New features in AD DS in Windows Server 2012

While a lot of lab environments will be set up as I explained in part 2 of this series (with the New Promotion Process), in the real world a lot of Active Directory environments will be upgraded or transitioned, because they’re already equipped with Domain Controllers running a previous version of Windows Server. In this […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 4: New PowerShell Cmdlets

This entry is part 4 of 21 in the series New features in AD DS in Windows Server 2012

With Windows PowerShell Scripting being one of the requirements in the current Common Engineering Criteria (CEC), all Microsoft server products need to comply with having Windows PowerShell scripting support. In Windows Server 2012, Active Directory Domain Services expands beyond the 76 Active Directory Management PowerShell Cmdlets and 15 Active Directory Provider PowerShell Cmdlets found in […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 5: PowerShell History Viewer

This entry is part 5 of 21 in the series New features in AD DS in Windows Server 2012

As we’ve seen in part 4 of this series, Active Directory Domain Services in Windows Server 2012 now sports a grand total of 145 PowerShell Cmdlets. Learning these commands and putting them to good use, might seem like a week’s worth, but actually, the PowerShell History Viewer in the Windows Server 2012 Active Directory Administrative […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 6: Recycle Bin GUI

This entry is part 6 of 21 in the series New features in AD DS in Windows Server 2012

A new feature in Windows Server 2008 R2 and the Windows Server 2008 R2 Forest Functional Level (FFL) is the Active Directory Recycle Bin. This feature enables administrators to restore (accidentally) deleted objects, without booting into Directory Services Restore Mode (DSRM) or reanimating objects (with loss of attributes).

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 7: Fine-grained Password Policy GUI

This entry is part 7 of 21 in the series New features in AD DS in Windows Server 2012

Microsoft introduced the concept of Fine-grained Password Policies in Active Directory back in Windows Server 2008. From that day on, Active Directory admins could granularly roll out Password and Account Lockout Policies to groups and individual users. It was, however, such a painful experience, that many books suggested to use the free SpecOps Password Policy […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 8: Group MSAs (gMSAs)

This entry is part 8 of 21 in the series New features in AD DS in Windows Server 2012

Back in Windows Server 2008 R2, Managed Service Accounts (MSAs) solved the problem of unsecure service accounts. Managing them was a nightmare, even if you knew what you were doing. Now, In Windows Server 2012, Microsoft addresses a couple of these challenges This blogposts shows how.

2  

New features in Active Directory Domain Services in Windows Server 2012, Part 9: Connected Accounts

This entry is part 9 of 21 in the series New features in AD DS in Windows Server 2012

Windows 8 and Windows Server 2012 are cloud-optimized Operating Systems. One of the areas where this is visible is the ability to connect domain accounts to Microsoft accounts (formerly known as Windows Live IDs). In this blogpost I’ll show you how this functionality works and how you can disable this functionality altogether or granularly with […]

0  

New features in Active Directory Domain Services in Windows Server 2012, Part 10: Improved KCD

This entry is part 10 of 21 in the series New features in AD DS in Windows Server 2012

Kerberos Constrained Delegation (KCD) is a feature in Windows Server that has been available since Windows Server 2003 through Kerberos extensions. It allows for clients to let an application or a service connect to other servers or services on its behalf. A client might use a front-end server, for example, that then needs to authenticate […]

0