Microsoft's official enterprise support blog for AD DS and more
Ned here. Please take a moment to tell us how we've been doing over the past 18 months, and if you've found AskDS to be useful. The poll has been added to our sidebar on the left, just scroll down a little. It should take you less than 5 seconds to complete. :-)
- Ned Pyle
New KB articles related to Directory Services for the week of 4/5-4/11.
Windows Server 2003 and Windows XP clients cannot obtain certificates from a Windows Server 2008-based certification authority (CA) if the CA is configured to use SHA2 256 or higher encryption
On a computer that is running Windows Server 2008 or Windows Vista, the certificates and the cryptographic keys are unusable after the user password is changed on another network computer
After the Active Directory RMS role is decommissioned on a Windows Server 2008-based server, users cannot open documents that IRM helps protect
An error occurs when you run the ADPREP/FORESTPREP command on a Windows Server 2003-based or Windows Server 2008-based computer: "An attribute with the same link identifier already exists"
New KB articles related to Directory Services for the week of 4/11-4/18.
A DNS zone transfer between two Windows Server 2003-based DNS servers generates incomplete zone data when the DNS transfer process stops unexpectedly
The Tcpipv6.sys driver stops responding to any TCP/IPv6 requests on a Windows Server 2003 SP2-based computer when the driver binds to many network adapters
All network share access through the SMB protocol (client-side redirector) may fail on a Windows Server 2003-based computer
Windows Server 2003 SP2-based domain controllers return incorrect error code to Kerberos requests during the shutdown process
Windows 7 clients cannot locate the Active Directory Management Gateway service that is installed on Windows Server 2003-based domain controllers
A Windows Server 2003-based file server may return file identifiers (Fids) that have the 0xffff value under heavy stress
Some files are missing on a Windows Server 2003 R2-based computer after a DFSR replication
Users cannot perform authentication through ADFS in a Windows Server 2003 R2 environment when the UPN suffixes contain a character that expands to a two-letter pair
How do I enable User Account Control in Windows Vista?
New KB articles related to Directory Services for the week of 4/19-4/25.
You cannot use a UPN-formatted user name to log on to a Windows Server 2003-based FTP server that is running IIS 6.0 if the domain controller for authentication is running Windows Server 2008
Windows Server 2008-based domain controllers cannot negotiate Quality of Protection (QoP) for Transport Layer Security (TLS) connections from non-Windows LDAP clients
You may see garbled text on the logon page when you connect to a Terminal Services RemoteApp application from the Administration Console for Windows Essential Business Server 2008 Management Server
New KB articles related to Directory Services for the week of 3/28-4/5.
Roaming user profiles are ignored if the network connection to the remote server that stores the roaming user profile is slow
On a computer that runs Windows Vista or Windows Server 2008, after you rename, delete, or move the files in a network share that is hosted on a Windows Vista or Windows Server 2008-based computer, files are still listed in the network share
IIS logging for Windows Integrated authentication
German Version of AGPM translates "State" incorrectly
The memory usage of the Windows Server 2008 Active Directory Certificate Services (Certsrv.exe) may keep increasing when third-party plug-ins are installed and certificate requests are rejected
The tracing option for Group Policy Preferences uses incorrect code in the German version of Windows Server 2008-based systems
A check box in the German edition of Windows Server 2008 was translated incorrectly from the English edition
The SYSVOL share migration from FRS to DFSR fails on Windows Server 2008 R2 Beta-based servers if a disjoint namespace is configured