Linked Value Replication – what's this about

Reading Time: 5 minutes Hmm … first the question? How many of readers is aware of Linked Value Replication (LVR) in Active Directory? If what I think about readers of this blog is true probably majority of readers is very aware what this is and how it works. At the end I don't have any survey site to perform such … Continue reading "Linked Value Replication – what's this about"

ADMod, ADFind – user rename

Reading Time: < 1 minute Another quick and dirty example how one can user ADMod and ADFind to do something in AD quickly and without scripting. This time question is – how to rename users account, with rename I understand changing their RDN in directory? I will use ADFind to find users and prepare input for ADMod like I did … Continue reading "ADMod, ADFind – user rename"

Playing with new ADFind and ADMod

Reading Time: < 1 minute Today on  simple question was asked: Is possible clean all logon scripts from a OU at the same time. This OU contains others sub-OUs. Sure it is :), thanks to joe we have updated versions of ADFind and ADMod in our toolbox. First we need a filter which is simple: (&(objectClass=user)(objectCategory=person)(scriptPath=*)) which should give … Continue reading "Playing with new ADFind and ADMod"

Windows 2003 R2 schema extension KB article

Reading Time: < 1 minute As this question still is rised on the newsgroups I've diecided to blog a little update to my previous post regarding extending the schema for Windows 2003 R2 DC. Since the date I've posted this message KB 917385 article was published which describes this behaviour and gives a solution as well. As some of you may … Continue reading "Windows 2003 R2 schema extension KB article"

Extending the schema – notes from the field

Reading Time: 6 minutes Now … the day had come, your forest schema has to be extended with some new attributes and classes. You are sweating, You are feeling dizziness (…) my goosh, my precious schema (…). That’s the case with many people – need to extend the Active Directory schema makes them ill or in best case not … Continue reading "Extending the schema – notes from the field"

Confidential bit follow-up

Reading Time: < 1 minute After my previous post about confidential bit I received great feedback through blog comment system (Thanks Jorge and Lee) and in off-line conversation on newsgroup. I’ve decided to gather this additional information in next post as an update to my original one. First of all when You want to use confidential bit for some attribute … Continue reading "Confidential bit follow-up"

How to create and use confidential attributes

Reading Time: 4 minutes Lately I have to explain to one of our customers how to create attribute in Active Directory which can be protected with additional permissions from reading its content. Such possibility was introduced in Windows 2003 SP1 but when I looked for some information to point our customer to I didn’t found much documentation so I … Continue reading "How to create and use confidential attributes"