Brian Puhl's Weblog

These postings are provided "AS IS" with no warranties, and confer no rights...WHEW...glad we got that over with, let's get to the good stuff now...

Browse by Tags

Related Posts
  • Blog Post: Time, time, everyone wants time...

    In a previous post about managing FSMO roles, I asked a question about who remembers to configure the new server as an authoritative time source when transferring the PDC FSMO role. The reason I ask this, is because when you look at managing the FSMO roles from an operational perspective, everything...
  • Blog Post: How Does Microsoft IT Do...

    Engineers in Microsoft IT spend an unusually large amount of time talking to customers answering questions which start with: How Does Microsoft IT Do...<fill in the blank here>? I'm going to try to start to post some of the more common questions and answers in this blog to "share the wealth...
  • Blog Post: Interesting SSID and Reusing Attributes

    I bought a new truck a few months ago, and right on schedule (as the salesman promised), as I was coming due for my first oil change, I got a card for my first one free at the dealership. Never being one to turn down a free deal, I dropped in the other day, handed over my keys, and directed to the lobby...
  • Blog Post: Bulk Password Resets

    When a user resets their password, what happens? What about if ALL your users reset their password? Can your infrastructure handle it? Are there "special" changes that you'd want to make? More importantly, this is probably such an edge case that it's not on your top 150 list of things to do? Well, just...
  • Blog Post: What to do with FSMO roles...

    We recently hired a new engineer to a team which manages some of the internal MS environments... We were discussing FSMO role placement and he sent me mail (snippet below slightly edited) which I thought was interesting... The reason why we separated the roles at my last company was due to the FSMO...
  • Blog Post: How MS IT Does ADFS Value Card now available...

    For the past year or so I've been working with the ADFS team to deploy 2 instances in our internal environment. The first scenario was to use ADFS to allow our North America based employees to use ADFS for single sign-on to our online company store. Without ADFS they needed to remember a seperate user...
  • Blog Post: Identity and Access Webcast Series

    Here's some info on some upcoming webcasts... This first series is for the "Technical Decision Makers", but I'll post the "IT Pro" series when they get announced. -Brian -------------- Microsoft offers a broad range of technologies and products to enable a customer’s identity and access infrastructure...
  • Blog Post: How Does MSIT Do...DC Placement?

    In the past couple of months, I've been asked at least 3 or 4 times how MS IT determines where on their network to place domain controllers. The questions are usually coming from larger, enterprise type customers and usually sound something like this: How does MS IT determine the number of users...
  • Blog Post: AD and DC Builds, tweaks, configurations... The Registry

    The first installment, what our hardware looks like, may have been useful...but I know that's not really the juicy gossip that everyone is looking for...so here's a quick and follow-up with the registry tweaks that we set internally... Strict Replication is enabled on Windows Server 2003 - For Windows...
  • Blog Post: AD and DC Builds, tweaks, configurations... (1)

    I received a mail from a blog reader (Jim) who asked: "Can you provide any insight regarding and tweaks or configuration settings you guys use on your DC builds?" Sure, I'm happy to do this, so here I am typing happily along, and realized that there is a lot more configuration/tweaking/settings...
  • Blog Post: AD Training

    hmmm....ok, so here's an interesting problem: I'm a Microsoft employee. My blog is hosted on Technet.com. And I'm pretty sure that there is a policy somewhere, which I'm unaware of, that addresses blog posts about 3rd party companies... But I've never really been one for following too many rules anyways...
  • Blog Post: x64 Domain Controllers

    Had an e-mail thread with Joe recently, which also resulted in this blog entry . He's a consultant for another big tech company, and was working with a customer that was migrating a lot of non-domain joined machines to AD as well as deploying other AD aware applications. The net result though, is that...
  • Blog Post: Useful repadmin switch

    Repadmin is the "swiss army knife" of AD tools - But the following can be one of those "big red buttons" that you keep in your back pocket and hopefully never need. But sometimes it's just useful to slow things down until you figure out what's going on... repadmin /options * +disable_outbound_repl...