Skip to Content

Category Archives: 1149

Groups and tokens

Written on June 29, 2010 at 8:27 pm, by

I’m done with an intensive month of sessions, delivered for different user groups and other communities online. When you managed to attend my session about Kerberos I hope you liked it ;). Now it’s time for some blogging activities. A friend asked on his blog (PL only, sorry) a question how to quickly determine the groups a computer account […]

Windows 2008 R2 Recycle Bin support for FIM

Written on May 4, 2010 at 12:13 pm, by

Few weeks ago I wrote about FIM 2010 support for Windows 2008 R2 Active Directory environment with Recycle Bin enabled. Basically it wasn’t supported configuration at that time. But world is changing … and FIM as well. Few days ago FIM 2010 Update 1 was released  to Windows Update and also Windows Catalog. You can […]

AD WS diagnostic logging

Written on April 10, 2010 at 12:09 am, by

I promised to get back to AD WS topic so here I am.  My last post was about the process of Active Directory Web Services (AD WS) instance location from a client perspective. When a client locates the service, in most cases, it is with the purpose to do something with it – query, update … . But what […]

FIM 2010 and Windows 2008 R2 AD support

Written on April 7, 2010 at 10:34 pm, by

Some time ago I wrote about issues with the ILM 2007 FP1 Active Directory MA connecting to Windows 2008 R2 forests. In short words: it is supported as long as Recycle Bin is not enabled. Someone asked a question ActiveDir.org, whether it is supported in regards to FIM 2010. I’ve asked a few people (thanks […]

Where is my (AD) web service?

Written on March 30, 2010 at 9:27 am, by

Windows Server 2008 R2, among other changes, brings a new interface to access directory services – the Active Directory Web Service (ADWS). It is also available for older systems – Windows 2003 and 2008 – as Active Directory Management Gateway (available as separate download). (cc) paprikaOptic ADWS I being used so far by a few Windows […]

Be careful what You promise … SYSVOL

Written on March 9, 2010 at 12:43 pm, by

… on my Polish blog a question was asked on Sunday evening if I can provide some description on the SYSVOL location process and the pitfalls which might wait there. I said … ‘Why not‘  … and then you have to keep your promise. So today it will be about SYSVOL volume. Recently it is […]

Spot the difference

Written on January 28, 2010 at 12:59 pm, by

Where is a question there is an answer (at least in most cases). This time question was “How to check schema extension introduces to a forest?” and it was asked on ActiveDir.org. There was even more than one answer … apparently some consultants are watching this list :). So how we can capture what was […]

Where is my DC?

Written on January 15, 2010 at 11:28 am, by

It is common knowledge that in AD environment client (like workstation) will always (at least it should) try to connect to most optimal domain controller. Optimal from network and AD infrastructure configuration standpoint. This process is based on DNS queries and information stored in AD configuration and in perfect case should lead to situation when […]

Kerberos and non-standard port number

Written on December 20, 2009 at 11:52 am, by

Kerberos in Windows Operating System is around for about 10 years and it is still causing problems and for many people it is like black magic voodoo. In most cases organizations and people in it are not aware that it is now working until it problem will occur on a surface with some application not […]

userPassword

Written on November 22, 2009 at 1:59 pm, by

One of my friends PFE has asked me a question regarding userPassword attribute in directory which was related to some behavior he was observing in customer environment. We had a little chat about it and then I thought that maybe other has such questions as well so … here’s a topic for a blog.  Behavior […]