TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Kaushik
Tags
.NET
Active Directory
ADFS
Aditya
Announcements
Auditing
Azure
Azure Storage
Best Practices
BitLocker
Brandon Wilson
bugcheck
Career
Charity Shelbourne
David Gregory
debug
debugger
Debugging
Deployment
Disk
DNS
Failover Cluster
Group Policy
Gurpreet
Hyper-V
IPv6
James Klepikow
Jeff Stokes
Jesse Esquivel
Joao Botto
John Marlin
Kerberos
Kernel
Kyle Blagg
Lab
Lakshman Hariharan
Lync 2010
Lync 2013
Mailbag
managed
Mark Morowczynski
Message Analyzer
Michael HIldebrand
Microsoft
Microsoft Azure
Net Logon
Networking
Performance
Pool
pool corruption
Powershell
Randy Reyes
Remote Desktop Services
Rick Sasser
Robert Mitchell
SBSL
Scott McArthur
SCVMM
Security
Server 2003
Server 2008
Server 2008 R2
Server 2012
Server 2012 R2
Servicing
Shasank Prasad
SOS
SQL 2008
SQL 2012
Steven Andress
Steven Graves
Storage
Storage and File
Storage and File Systems
Surface
System Center
System Center 2012 Data Protection Manager
System Center 2012 Service Manager
Tom Ausburne
Tom Moser
Troubleshooting
UAG 2010
Upgrade
Virtual Machines
Win8
Windbg
Windows
Windows 7
Windows 8
Windows 8.1
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Store
WinSXS
WMIseries
WPA
WPR
xperf
Browse by Tags
TechNet Blogs
»
Kaushik
»
All Tags
»
active directory
Related Posts
Blog Post:
Securing DC to DC communication with IPsec using Windows Firewall with Advanced Security (WFAS) Connection Security Rules
Kaushik Ainapure [MSFT]
Hi folks, Lakshman Hariharan and Martin Solis here with a post on how to secure domain controller to domain controller communications using Windows Firewall with Advanced Security (WFAS) Connection Security Rules. Be forewarned that this is a long post ...read more
on
15 Dec 2014
Blog Post:
Mailbag: Tech the Halls (Issue #4)
Kaushik Ainapure [MSFT]
Hey y’all, Mark, Tom and the AskPFEPlat crew back for our last mailbag of 2014. It’s getting around the holidays, lots of people start to take vacation including myself. But don’t worry we’re really starting to get into a good ...read more
on
12 Dec 2014
Blog Post:
Mailbag: Black Friday (Issue #3)
Kaushik Ainapure [MSFT]
Mark and Tom here again with Mailbag Issue #3. Keep a copy of these first issues in the walls somewhere , they’ll be worth a fortune one day. We hope all of our friends in the US had a great Thanksgiving and that all of our friends around the rest ...read more
on
28 Nov 2014
Blog Post:
Mailbag: So Far Off To a Good Start (Issue #2)
Kaushik Ainapure [MSFT]
Hey y’all, Mark and Tom back with our second Friday mailbag. So far so good on trying to keep our regularly scheduled mailbags. We even got a few other PFEs to join in for this one so let’s get right to it. This post will cover the following ...read more
on
14 Nov 2014
Blog Post:
Troubleshooting Basics for the Netlogon Parser (v1.0.1) for Message Analyzer
Kaushik Ainapure [MSFT]
Hi all, Brandon Wilson here again to talk to you a bit more in depth about the Netlogon parser for Message Analyzer. Last time, I gave you a basic introduction on the anatomy of the parser, how to open log files, and the basics on navigation with the ...read more
on
10 Nov 2014
Blog Post:
Lingering Object Liquidator for Active Directory is now live
Kaushik Ainapure [MSFT]
Hey y’all, Mark back with some news about a new tool you might want to take a look at. Up until today, there hasn’t been a really easy way to scan for and remove lingering objects. Friend of the blog and all around Active Directory expert Justin Turner ...read more
on
24 Sep 2014
Blog Post:
Six Audit Mistakes Everyone Seems To Make With Windows Server
Kaushik Ainapure [MSFT]
Hi, this is Richard Sasser 'Rick', MCM, Red shirted dude (security guy). This might seem like old data, but you’d be surprised how many people looked at Security Auditing in Windows Server 2008 and 2008R2, saw that the old policies applied, and ...read more
on
22 Sep 2014
Blog Post:
Service Principal Name Attribute Limitations
Kaushik Ainapure [MSFT]
Jim Kelly here [edited by Richard P. Sasser], I've talked to a few customers and engineers lately, asking about character and entry limitations with the ServicePrincipalName Attribute. It is a common practice to use the same security principal to ...read more
on
1 Sep 2014
Blog Post:
Active Directory: Mixing Server 2003 DCs and Server 2012 DCs May Result In Kerberos Authentication Errors
Kaushik Ainapure [MSFT]
Hey y’all, Mark here again with a quick announcement. Our brothers in arms at AskDS have just posted something that you need to be made aware of if you have a mix of 2003 DCs and 2012 R2 DCs in your environment. Head over for all the details and ...read more
on
24 Jul 2014
Blog Post:
Troubleshooting Windows Server 2012 R2 Domain Controller new SIDs: A Real World Example
Kaushik Ainapure [MSFT]
Hi Folks. Lakshman Hariharan here again with another real world example. Feedback from the previous post I wrote indicated that readers found value in the methodology and techniques we use to isolate and troubleshoot issues that appear somewhat complex ...read more
on
30 Jun 2014
Blog Post:
LSASS Crashing, CNF Objects May Be the Cause
Kaushik Ainapure [MSFT]
Hey y’all, Mark back with a rare but hard-to-troubleshoot problem where CNF or conflict mangled NTDS Settings objects cause LSASS to crash on Active Directory domain controllers. The goal of this article is to create some awareness and have you install ...read more
on
23 Jun 2014
Blog Post:
Group Policy Debug Troubleshooting: A Real World Example
Kaushik Ainapure [MSFT]
Hi My name is Lakshman Hariharan and I work for Microsoft as a Premier Field Engineer supporting Active Directory. One of the things I love about what we do on a daily basis is the fact that we get to work on some of the strangest issues. This is also ...read more
on
2 Jun 2014
Blog Post:
How DCs are Located Across Forest-Trusts: Part Two
Kaushik Ainapure [MSFT]
Tom Moser here again. Sometime last year, I wrote a post around cross-forest DCLocator and how it works. I promised a sequel and then I got busy learning 2012 R2 stuff, VMM, ADFS, Hyper-V Network Virtualization, Forza 5, Ryse, Dead Rising, etc. After ...read more
on
26 May 2014
Blog Post:
How LastLogonTimeStamp is Updated with Kerberos S4u2Self
Kaushik Ainapure [MSFT]
Introduction Hi! My name is Richard Sasser, or Rick, as I prefer, and I’m a Microsoft Certified Master for Active Directory and I work on the Platforms DSE team. I do a lot of security related work, and consult frequently on Public Key Infrastructures ...read more
on
14 Apr 2014
Blog Post:
How to Save the DNS Cheese. Protect AD-Integrated DNS Zones from Accidental Deletions
Anonymous
As a quick follow on to our recent post about DNS deletion auditing, here's an ounce of prevention for you - well actually about 3 tons worth - courtesy of Brent Whitlow, Bryan Zink and your blogger-de jure, Hilde. Our co-workers, peers and others ...read more
on
25 Nov 2013
Blog Post:
How To Split and Migrate Child Domain DNS Records To a Dedicated DNS Zone
Anonymous
Hello, my name is Pierre Ricca, and I am a Premier Field Engineer focused on Active Directory and PowerShell scripting. I started working at Microsoft France as PFE in November 2010. An important part of my job consists of delivering health checks, risk ...read more
on
2 Dec 2013
Blog Post:
Domain and DC Migrations: How To Monitor LDAP, Kerberos and NTLM Traffic To Your Domain Controllers
Anonymous
Hi everyone Adrian Corona here, this time I’d like to talk about a scenario that I get asked about a lot: Domain / Domain Controller Migrations. A very (if not the most) important piece of a successful migration is to know when there’s ...read more
on
16 Dec 2013
Blog Post:
The Most Popular Posts of 2013 and Belated Birthday
Anonymous
Hey y’all, Mark back again for another year end recap. It has been an eventful year. We’ve added more bloggers to our team which is great, really increased our readership(it seems like you guys like us!) and have made it a full 2 years in existence on ...read more
on
6 Jan 2014
Blog Post:
Microsoft PKI OCSP Responder Now JITC Certified and Lab Setup Guide
Anonymous
Hello all, my name is Jesse Esquivel and I’m a platforms PFE with one of my specialty’s being security/PKI. I’ve been working with PKI in the Department of Defense (DoD) and Federal spaces for the last 7 years, designing, installing ...read more
on
8 Jan 2014
Blog Post:
Quick Reference: Troubleshooting, Diagnosing, and Tuning MaxConcurrentApi Issues
Anonymous
Hi this is Brandon Wilson again. In my newest “Quick Reference” (get the joke?), we will be narrowing the scope for troubleshooting and tuning MaxConcurrentApi issues. There is a lot of information out there on the net on this topic, but ...read more
on
13 Jan 2014
Blog Post:
Understanding the UserAccountControl Attribute in Active Directory
Anonymous
Dougga here. Not a password policy blog post, I am finally off of that issue. But I couldn’t help myself and included something about passwords in this post <grin>. Users and Computers have and attribute called UserAccountControl that dictates ...read more
on
16 Jan 2014
Blog Post:
How To Use the Active Directory Performance Testing Tool on Windows Server 2012
Anonymous
Hi, my name is Tom Ausburne and I am a Premier Field Engineer specializing in Active Directory. I recently had a customer ask if Microsoft had any tools to do Active Directory “stress” testing. A simple search leads you to this tool. Active Directory ...read more
on
10 Feb 2014
Blog Post:
Connect an On-premises Network to Azure via Site to Site VPN and Extend Active Directory onto an IaaS VM DC in Azure
Anonymous
As we all know, the Cloud is here, it's here to stay and its benefits are forcing businesses to consider it. We are in a transition period in Information Technology and I'd say we're far down the road to nearly every IT infrastructure having ...read more
on
3 Mar 2014
Blog Post:
Another Troubleshooting Adventure: More Real Life Memory Pool Leaks
Anonymous
Hello all, Jesse Esquivel here again with another post I hope you find useful. This post is a great complement to Jerry Devore's post on diagnosing a leak in non paged pool using event viewer, poolmon, and perfmon! Today I’m going to talk about analysis ...read more
on
10 Mar 2014