Active Directory as network service has (at least IMO) one great advantage (some problems can be pointed as well ) – relative simplicity of building service which will be fault tolerant service. With proper design and maintenance it takes some efforts to break AD as a service. It provides: multiple directory replica with multi-master replication … Continue reading "Who needs another DC?"
Implementing effective password policy was always a hard task. Especially when additional accounts like: workstation local administrator account services account (look for W2008R2 new features) name whatever you want account … comes into equation and you have to make sure that all of them are in compliance with password policy of your company. Not always … Continue reading "And you will keep your password updated …"
Some time ago on Polish Windows Server users forum about client site location mechanics in context of Exchange Server and how it deals with site location. As it turned out problem which was discussed was result of some specific 9bad) design but I will cover this further in more details. But thread itself was push … Continue reading "And I will stick to my site"
Recently one of customers asked me simple troubleshooting question – why users on Terminal Services can’t use "Open as Web folder” in IE? First answer is simple – because it is grayed out :). But why it is grayed out? Look, Terminal services == GPO in most cases. Answer was simple, but this customer has … Continue reading "Inactive “Open as a web folder” in IE"
Flying over Europe to Dublin I’ve decided to take some time and write a bit about a delegation discussion I had recently with my customer. To be specific about delegating to a user right to set “User must change password at next logon” flag in ADU&C console. (cc) Stillframe I was asked about this task … Continue reading "Lost in delegation …"
Some time ago one of my friends at MCS had come across a problem while promoting RODC in a multi domain forest. This problem was "access denied" error when new RODC was promoted in one of child domains. This problem was solved thanks to discussion and involvement of few different individuals and I had a … Continue reading ""Access denied" while promoting RODC in a domain"
Another short download information: RODC Deployment Guide just hit TechNet web pages, so anyone interested in deploying Windows Server 2008 with this role have something to read while servers will do its daily business. This part of this guide deals only with deploying RODC in branch office scenario. Other planned parts of this document will … Continue reading "RODC deployment guide"
Number of RODCs in a production environment is probably not very high now but many peoples and organizations are thinking about it. For those I have good news that new KB article 944043 was published which is delivering RODC compatibility pack for down level clients. In this case 'down level' means XP and 2003. This … Continue reading "RODC compatibility pack for down-level clients"
… You want to have Your own blog with fresh content … on different topics … just steel this post like Deepak Gupta is doing. Lately he wrote about maximum limits in AD, just like I did. He wrote also about Hyper-V new features, exactly as Natasha did on her blog. Maybe I should be … Continue reading "Steal this post … just like Deepak"
Have you ever wondered how many objects You can create in Your DIT (actually this was showed some time ago by ~Eric) ? Or how many DC is to many in a domain? For some time now on one of MS internal distribution groups group of folks were discussing document which describes such limits related … Continue reading "How far You can actually push AD?"