Directory Services MVP Alexandre Augagneur posted a script for Auditing Active Directory Subnets to the Microsoft Gallery. The script is able to audit IPv4 and IPv6 subnets. Thank you for your community contribution, Alexadre!

Not a typical topic for the Active Directory blog, but MVP Sainath K E V contributed a TechNet Wiki article titled: System Center Orchestrator Security on the TechNet Wiki. The article addresses the question of " How is the Security managed with Orchestrator...

Microsoft MVP Sainath K E V recently posted a tutorial on the TechNet Wiki titled Creating Multiple Active Directory Domains Different Networks using Hyper-v RRAS . The document provides an example of how to create and configure domains across multiple...

The Active Directory Maximum Limits and Scalability topic has been recently updated to reflect improvements in Windows Server 2012 to the number of RIDs that can be allocated over the lifetime of a domain. Another update was made to the section about...

"All my love's in vain." - "Love in Vain" , Robert Johnson (1911-1938) Hey folks, We know if you read this blog you love to find answers to all your Active Directory questions in our documentation on Microsoft.com. But before you can do that, you...

I have created this URL for Windows Azure AD cmdlets http://aka.ms/aadposh Some people might be searching for them under the name: AAD PowerShell or WAAD PowerShell , but those are not official titles or names. Other URLs created: Windows Azure...

Hey folks, The AD DS Deployment cmdlets for Windows PowerShell are some of the most powerful and useful (and deep in parameter and feature options) of the many cmdlets that were introduced in Windows Server 2012. If you are not sure how to use these...

We recently published TechNet topics about Adprep.exe for Windows Server 2012. Adprep has many changes for this release: Adprep runs automatically as needed as part of AD DS installation. For example, if you are installing AD DS on a server that...

Some users have run into this problem in Windows Server 2012 when they try to install a domain controller using Server Manager. They start the Add Server Roles Wizard in Server Manager and run through the steps to install Active Directory Domain Services...

A couple years back, we posted on TechNet Wiki an older article that was originally published on the TechNet Library by Steve Riley, when he worked at Microsoft. The article is Active Directory Replication over Firewalls . Since publishing it on TechNet...

I would like to make everyone aware of the two brand new whitepapers that I and Tom Shinder just published on the TechNet Wiki: http://social.technet.microsoft.com/wiki/contents/articles/15530.the-four-pillars-of-identity-identity-management-in...

We want to make people aware of guidelines we have published for installing Active Directory on Windows Azure Virtual Network at http://msdn.microsoft.com/en-us/library/jj156090.aspx . This topic covers the differences between installing AD on Windows...

Herbert from Microsoft support team has authored a great topic about Kerberos Forest Search Order (http://technet.microsoft.com/en-us/library/configure-kerberos-forest-search-order-kfso(WS.10).aspx). KFSO allows finding a service principal name (SPN)...

We have published a topic about upgrading domain controllers to Windows Server 2012: http://technet.microsoft.com/library/hh994618.aspx. It covers a lot of useful background information to help you prepare for an Active Directory upgrade, including...

Update Dec 12, 2012: Thanks to the users who reported this error regarding license expiration: "The License has expired. Please download a new version of the Active Directory Replication Status tool from the Microsoft website." Please download the tool...

We recently published Capacity Planning for Active Directory Domain Services on TechNet at http://technet.microsoft.com/en-us/library/jj651019.aspx . This is a a detailed and comprehensive set of guidelines to help optimize computing resources for DCs...

You may have already seen that you can deploy most Windows Server 2012 role services with Windows PowerShell. If you are interested in Active Directory Certificate Services (AD CS), you've probably noticed the PowerShell commands for deploying all six...

Breaking guidance change: Although you can use Setspn -A , you should use Setspn -S instead because -S will verify that there are no duplicate SPNs. However, if you are using Windows Server 2003 or earlier, you will not be able to use the -S switch because...

Here is a great question and reply from a lead developer for AD Recycle Bin. Q: After enabling the AD Recycle Bin, is there any downside to bringing the tombstoneLifetime value down to, e.g. 7 days? On the face of it it seems sensible to do this to...

Just want to make people aware of a new topic recently posted by colleagues: Configuring MaxConcurrentAPI for NTLM pass-through authentication . This was written by the authentication product group team themselves and has a deep explanation of how...

When I was first learning about Active Directory Certificate Services (AD CS), a colleague told me that I should search on Step-by-Step Guide with AD CS. He was right, that was a good place to get started. Starting with Windows Server 2008 R2, the Test...

Recently a question was asked on the blog regarding printing queries from Active Directory Administrative Center (ADAC). There is no native functionality for printing queries performed in ADAC, but there is a workaround. 1. Open ADAC and create a query...

One of the favorite ice breakers for computer geek get-together is to talk about your first computer. Hey, I still remember the TRS 80 (who people in the know call it the Trash80). If you liked something and you are proud of it and still refer to it as...

I was recently alerted to the situation that not all of our Microsoft customers have adjusted their language based on the new branding of Active Directory to include more than just Active Directory Domain Services. For example, people might just be searching...

A few updates were just posted, so I am putting out an FYI post. I should do this more often, so I will! Anyways, here goes: 1. Slowly, but surely, the AD CS documentation is being consolidated into a single download center page: Active Directory Certificate...