Category: 1149

Reading Time: 2 minutesSome time ago, when Windows 2008 was released I had some spare time (where are those days) and I wanted to master some of my .NET coding skills. What is better than find an idea to use them … and that’s how 1Identity Snapshot Recovery Tool was created. Snapshot Recovery Tool is command line tool … Continue reading "Snapshot recovery tool strikes back"

Reading Time: 4 minutesThis post is probably first of TEC 2009 follow-up series, at least partially as I thought about covering it just before going to TEC. However Brian Desmond has touched this topic during his session so it is good reason to follow-up on it. This will be about usage of catch-all subnets in AD topology design. … Continue reading "One subnet to catch them all"

Reading Time: 3 minutesActiveDir.org is always a source of all sorts of directory related discussion. In most cases interesting once. I have to admit that I would like to have more time to catch up with ActiveDir.org and to be more active there (note to self) but with Wojtek @ home (he’s growing) it is getting even harder … Continue reading "Using multiple UPN suffixes for users in single directory"

Reading Time: 5 minutesWindows 2008 R2 has hit RTM and many of users have already downloaded it from Technet and MSDN to evaluate or even deploy in the network. W2008R2 brings changes in many different aspects of operating system, some are saying that it should not be R2 but brand new OS version. Among other R2 brings changes … Continue reading "ILM AD MA, linked attributes and Recycle Bin"

Reading Time: 3 minutesThere are number of things in which my current employer managed to succeed. Among greatest success I think  one can count way in which Microsoft managed to scare people with Active Directory schema extension. Probably it has started somewhere down the road with Windows 2000 shipped, some communication, talks … but the fact is … … Continue reading "Ex2007SP2 – step towards virtual directory … sort of"

Reading Time: 2 minutesTake a lot of work, add 7 week old son and serious flue (which strikes 2 days after You got back from travel which incorporates transfer on some heavy used airports – first thought – pork 😉 ) and you will get some silence on a blog. I hope that while my son will get … Continue reading "Microsoft IT (AD) Health Scanner"

Reading Time: 3 minutesProtecting LDAP traffic with SSL is a good idea, especially if in network environment some applications are (ab)using LDAP as authentication protocol. Some explanation of abusing word – LDAP never was designed as authentication protocol (like Kerberos is). Its name states it clear “DIRECTORY ACCESS PROTOCOL”. However because it is simple to use and effective … Continue reading "Where to put SSL certificate for LDAP …"

Reading Time: 4 minutesFrom time to time people are asking me questions about AD and related topics. I don’t know why but they think I might now the answer. Sometimes this is not true 😉 but I try to do my best (I’ve just learned today that there is “Geek network” so probably those persons can answer all … Continue reading "OU layout and LDAP queries"

Reading Time: 4 minutes“Virtualization is a bless” I wrote not so long ago (or lets just say that close to that – maybe different wording) and I didn’t thought that I will get back to virtualization topic so quickly. This time it was triggered by article wrote by one of Polish sys admins who had a rather non … Continue reading "We are chasing time … or time is chasing us"

Reading Time: < 1 minuteActive Directory Documentation Team has put on the web interesting post about default permissions of Account Operators (AO) group which might be present on DC object as a result of ACLs placed earlier on computer object.   (cc) ph0t0 {loves you too} In short words: AO are being granted permissions to manage many objects in … Continue reading "Default Account Operators permissions on DC object"