In preparation for the Active Directory forest to be upgraded (to Windows Server 2012 R2), it may be prudent to re-evaluate Active Directory disaster recovery plans. Active Directory if configured correctly will just sit there and work; servicing all requests that are presented and because of this robustness, its importance is often overlooked and its criticality … Continue reading Active Directory: Disaster Recovery (Recap)
Blatant self-promotion, but I wanted to share a blog post from OneLogin that gives their list of top Active Directory experts (including me) and our top tips on "What you should never do when working with Active Directory". Top 6 (Independent) Microsoft Active Directory Integration Experts to Follow Does anyone else have any other “No … Continue reading Top 6 (Independent) Microsoft Active Directory Integration Experts to Follow
Microsoft have stated for numerous years that anyone with Kerberos authentication issues often due to users being in multiple groups and commonly known as Token Bloat should increase the MaxTokenSize to 65535 bytes. Whilst reading Understand and Troubleshoot Dynamic Access Control in Windows Server 2012 guide, I read that “Previous versions of Windows had … Continue reading MaxTokenSize – Change of recommendation from Microsoft.
Microsoft have updated the must read Active Directory document on Active Directory Forest Recovery. “The guide contains best-practice recommendations for recovering an Active Directory forest if forest-wide failure renders all domain controllers in the forest incapable of functioning normally. The steps, which you must customize for your particular environment, describe how to recover the entire … Continue reading Active Directory: Forest Recovery – Whitepaper updated.
Microsoft have released a new document which contains best practice recommendations to assist organisations in enhancing the security of their Active Directory installations. Microsoft state that “In implementing these recommendations, organisations will be able to identify and prioritise security activities, protect key segments of their organisation’s computing infrastructure and create controls that significantly decrease … Continue reading Best Practices for Securing Active Directory
I have just returned from the MVP summit in Redmond, where I spent the best part of a week with the Active Directory Product Group and other Directory Services MVP’s. In conversation with a fellow Directory Services MVP Microsoft PFE Mike Kline, I mentioned a way that I had spoofed a domain to ensure … Continue reading Active Directory: Mergers and Divestitures – Spoof a domain to implement a DFS Namespace.
Over the past view months I have been quietly working on the revised edition of the O’Reilly Active Directory Bible. I am pleased to say Brian has finished the book and it is now available. For further information checkout Brian’s Blog at http://briandesmond.com/blog/active-directory-5th-edition/