Browse by Tags

Tagged Content List
  • Blog Post: Easy Checking for MaxConcurrentApi Problems

    Hi folks! I’m due for my (now) semi annual blog post, and I have a pretty good one. Short and sweet. Remember my blog posts about MaxConcurrentApi problems? Well, of course not but they are here and here so you can read them now. I’m certain you read these fine blog posts about the...
  • Blog Post: Free Hotfixes!

    OK, well public hotfixes have always been a freebie if you first call into our support line to get them. However, now you can get the hotfix via the web. No fuss, no muss. Just go to this link and give the KB article number related to the hotfix you need and your email address. https://support...
  • Blog Post: The Domain Logon Dialogue

    Happy New Years everyone! Let’s start the year off with a less strenuous article regarding how the domain logon list gets populated. I’m talking about the user logon dialogue which you see following pressing control, alt and delete at the same time. There is a little bit of confusion around what you...
  • Blog Post: A New Twist on Initial Delay in SSL Session Setup

    A while back I posted about troubleshooting a problem where a customer had seen a home grown application was not working as expected. The app was designed to run in a web site which the user would connect to from Internet Explorer on a client. The HTTP connection was secured by SSL. The problem...
  • Blog Post: ADMT and Server 2008

    Whenever we release a new product or suite of products we at Microsoft want to ease the adoption of it. For that reason we’ve released tools and scripts over the years to help our customers out. We’ve typically given these as free downloads from the internet, and (I know my opinion is skewed here) frankly...
  • Blog Post: These are the Updates You Are Looking For

    In this blog post we’re going to go over a few techniques that are a bit old school but will come in handy for understanding how things work even if you ultimately use a great monitoring suite like MOM. Now, there are great articles here and here that describe good general ways to start checking your...
  • Blog Post: Updated: NTLM and MaxConcurrentApi Concerns

        Over the past few years we’ve learned more about “NTLM and MaxConcurrentApi Concerns” and we’ve even come up with some new ways of addressing them.   The starting point for learning more is the Knowledge Base article You are intermittently prompted for credentials or experience...
  • Blog Post: What's in a name?

    Have you ever heard the Shakespeare paraphrased saying “a rose by any other name is still a rose?”. Well, the same holds true for objects in AD. Not that we have “rose” class objects, but the point being that simply renaming an object doesn’t really fundamentally alter that object. Here’s how this...
  • Blog Post: A Complicated Scenario Regarding DNS and the DC Locator SRVs

    When we do initial interviewing of a candidate for a job here in the CSS Directory Services team a question we’ll often start with is “how important is DNS to Active Directory?”. The person’s answer-if the correct answer of very important is given- is a great place to start with more detailed DNS questions...
  • Blog Post: What Would Microsoft Support Do?

    To start the new year off right I have an article that is a must read if you IT administrator and using Microsoft products.  It’s in the January edition of Windows IT Pro magazine, in their “What Would Microsoft Support Do?” column.  You can read it from this link . Happy New Year folks!
  • Blog Post: Must Read: Daylight Savings Time (DST) Update

    We had enough folks have trouble with this earlier this year that I wanted to take a moment to talk about Daylight Savings Time (DST). We’re about to have time changes in some regions so this is a hot topic right now for many people. Your first question should be “How does this affect me? Does...
  • Blog Post: Testing a Credential Provider

    Weeks ago I blogged about how single sign on and credential providers work and a scenario you can run into with them. One reader faced a slightly different scenario but was able to apply that topic toward getting his issue resolved. He had installed a credential provider for testing purposes. Unfortunately...
  • Blog Post: ADMT 3.1 Is Now Available for Download!

    There’s been a lot of interest in the next version of our free migration tool and guide. Well, it’s now available. The link below can get you to the new Migration Guide, ADMT itself, and a link to the Password Export Server (PES) 3.1 in both x86 and x64 versions. http://www.microsoft.com...
  • Blog Post: Question about AD authentication, Put In Context

    Occasionally I am contacted with specific questions or topics people would like to hear more about. This post is a reply to one of those. Here’s the question: My question is what are the impact when I change the logon workstation property of a user account in AD. Obviously, that user account cannot...
  • Blog Post: Introducing the Active Directory Discussion Blog....

    Hello, all. This is the first post in what I hope will be a useful blog for the Windows admin community. In particular, the AD (or directory services in general) admins out there. I work at one of Microsoft's Global Technical Support Centers providing support for Windows Directory Services every day...
  • Blog Post: Loading the Active Directory Database Into RAM

    Here’s another question we get asked occasionally: is there a way to load the entire Active Directory database into RAM? The idea behind this question is that having the sought after data in physical RAM would prevent the delays of seek time and paging which even the fastest hard drives have to...
  • Blog Post: Dude, where's my PAC?

    Something that is becoming more prevalent over the past few years has been great investments into our security technologies for application oriented reasons. Impersonation, people, that’s what I’m talking about. If anyone ever asks you what the big deal with Kerberos authentication is you can some it...
  • Blog Post: Thoughts on Single Sign On and Credential Providers

    We use the term single sign on (SSO) to describe a variety of behaviors in Windows and other applications where the result is simply to prevent the user from being prompted to provide their credentials again and again; to ideally enter their credentials only once at initial logon. Active Directory and...
  • Blog Post: The FEK, AES and FIPs: Acronym Heaven!

    I’ve had several blog posts about the improved security in Windows Vista and Server 2008, particularly around cryptography. Here’s one more, albeit a short one. This post is about how, generally, Encrypted File System (EFS) works using Advanced Encryption Standards (AES) encryption algorithms to...
  • Blog Post: Group Policy Best Practice Analyzer

    Ever heard of a Best Practice Analyzer , otherwise known as a ‘BPA’? It’s a type of tool that many of our product or support teams have been creating the last few years which can be used to gauge the general health of a component before things go catastrophically wrong. BPA's can also identify problems...
  • Blog Post: DCs and Network Address Translation

    A lot of planning goes into the features and capabilities of each Windows release. Over the years I’ve noticed that there is not a great deal of awareness out in the general public for just how much work and labor goes into a new version of Windows. We’ll most often hear someone say something...
  • Blog Post: Active Directory in Longhorn...Feature Feedback Requested

    One of the most time consuming, aggravating and emotionally draining issues our customers can go through is a disaster recovery issue. The general gyst of this type of thing is: -Accidental deletion of <insert terrifyingly large number here> users, groups or other objects in AD -Mad scramble...
  • Blog Post: Indexing in Active Directory

    We end up taking indexing for granted most of the time until and unless we encounter a problem. Why don’t we start off with the question of “what is indexing?”. So an index is essentially a way of organizing data for fast retrieval or at least retrieving a quick answer. For a thorough understanding...
  • Blog Post: Important Security Bulletin

    I wanted to do a quick post on an important security bulletin. It’s Microsoft Security Bulletin MS09-018 – Critical . This security update is to address a vulnerability in Active Directory. I’m pasting the Executive Summary below, but I highly recommend that you read the entire bulletin and apply the...
  • Blog Post: VSS Snapshots and You

    I find myself doing blog posts on things that are not frequent enough for most experienced admins to be aware of since it wouldn’t come across their desk often. The reason for that is that in my role I receive the least common unresolved issues that occur from our customers. When I receive a few...