Linked Value Replication – what's this about

Hmm … first the question? How many of readers is aware of Linked Value Replication (LVR) in Active Directory? If what I think about readers of this blog is true probably majority of readers is very aware what this is and how it works. At the end I don't have any survey site to perform such … Continue reading "Linked Value Replication – what's this about"

Playing with new ADFind and ADMod

Today on Microsoft.public.windows.server.active_directory  simple question was asked: Is possible clean all logon scripts from a OU at the same time. This OU contains others sub-OUs. Sure it is :), thanks to joe we have updated versions of ADFind and ADMod in our toolbox. First we need a filter which is simple: (&(objectClass=user)(objectCategory=person)(scriptPath=*)) which should give … Continue reading "Playing with new ADFind and ADMod"

Windows 2003 R2 schema extension KB article

As this question still is rised on the newsgroups I've diecided to blog a little update to my previous post regarding extending the schema for Windows 2003 R2 DC. Since the date I've posted this message KB 917385 article was published which describes this behaviour and gives a solution as well. As some of you may … Continue reading "Windows 2003 R2 schema extension KB article"

Extending the schema – notes from the field

Now … the day had come, your forest schema has to be extended with some new attributes and classes. You are sweating, You are feeling dizziness (…) my goosh, my precious schema (…). That’s the case with many people – need to extend the Active Directory schema makes them ill or in best case not … Continue reading "Extending the schema – notes from the field"

Confidential bit follow-up

After my previous post about confidential bit I received great feedback through blog comment system (Thanks Jorge and Lee) and in off-line conversation on newsgroup. I’ve decided to gather this additional information in next post as an update to my original one. First of all when You want to use confidential bit for some attribute … Continue reading "Confidential bit follow-up"

How to create and use confidential attributes

Lately I have to explain to one of our customers how to create attribute in Active Directory which can be protected with additional permissions from reading its content. Such possibility was introduced in Windows 2003 SP1 but when I looked for some information to point our customer to I didn’t found much documentation so I … Continue reading "How to create and use confidential attributes"