A speed bump on the information super highway.
Random header image... Refresh for more!

Group Policy Best Practice Analyzer

by jayb

These Best Practice Analyzers are some great tools from Microsoft. I’ve used the Exchange one before and its found issues we didn’t even know about. Now they have one from group policies. I know what I’m going to do next week!

Hi, Tim here. Ever heard of a Best Practice Analyzer , otherwise known as a ‘BPA’? It’s a type of tool that many of our product or support teams have been creating the last few years which can be used to gauge the general health of a…(read more)

Group Policy Best Practice Analyzer
NedPyle
Fri, 11 Apr 2008 17:32:30 GMT

Popularity: 3% [?]

Tags: , , , , , , , , ,

Related posts

April 11, 2008   No Comments

Active Directory & Exchange Schema Versions

by jayb

This is some incredibly usefully information. I’m posting this just for my own need.

If you are running into environments and working on aspects of them such as Exchange, OCS, PKI, or other Active Directory integrated applications, you will encounter situations where you may need to update the AD schema. Of course, the first question is, what version am I at today?

Here’s a handy way to find out:

Query for the objectVersion attribute of the CN=Schema,CN=Configuration,DC=yourdomainhere of your Active Directory domain and compare the value to the table below.

I’ve provided links to the schema update information (where available), if you are curious as to what is updated in each.

objectVersion
AD Schema Update

13
Windows 2000 Server

30
Windows Server 2003 **

31
Windows Server 2003 R2

44
Windows Server 2008

** The Windows Server 2003 upgrade from 2000 also adds the CN=Windows2003Update,CN=ForestUpdates,CN=Configuration,DC=yourdomainhere and sets its revision attribute to 9. This hasn’t been used again, yet.

Exchange Server saves the current version of its schema updates in an attribute of two locations.

For /forestprep operations, query the rangeUpper attribute of the CN=ms-Exch-Schema-Version-Pt,CN=Schema,CN=Configuration,DC=yourdomainhere object.

For /domainprep operations, query the Microsoft Exchange System Objects object in each domain for its objectVersion value.

The table below provides the number to version translation.

Value
Exchange Version

4406
Exchange 2000 Server

6936
Exchange Server 2003

10628
Exchange Server 2007

Active Directory & Exchange Schema Versions

Popularity: 4% [?]

Tags: , , , , , , , , , , ,

Related posts

March 9, 2008   5 Comments

Transitioning your Active Directory to Windows Server 2008

by jayb

We’ve talked about starting from scratch again with our AD forest. This post has some great information about the new features of a 2008 AD and options you have to get there.

You might be running Windows Server 2003 and Windows Server 2003 R2 Domain Controllers at the moment and you’re looking to replace these servers with Windows Server 2008 Domain Controllers to utilize the new features of Windows Server 2008. You might also be looking to replace your aging Windows Server 2003 and Windows Server 2003 R2 Domain Controllers with spanking new Windows Server 2008 Domain Controllers, while keeping your Active Directory running smoothly.

The things that are better left unspoken : Transitioning your Active Directory to Windows Server 2008

Popularity: 3% [?]

Tags: , , , , , , , ,

Related posts

March 4, 2008   No Comments

Updated Windows Server 2008 Step-by-Step Guides

by jayb

AT work we’ve talked about creating a brand new forest and moving all 5 of our current domains (same forest) into it. So we started totally fresh using windows 2008 for all our DCs. Here’s a great list of guides to get us going.

We’re getting ready to release Windows Server 2008 so you’ll see a steady flow of information around it and Windows Vista SP1.  Here are a bunch of the updated step-by-steps for Windows Server 2008. 

  • Creating_and_Deploying_Active_Directory_Rights_Management_Services_Templates_Step-by-Step_Guide.doc
  • Deploying Active Directory Rights Management Services in an Extranet Step-by-Step Guide.doc
  • Deploying Active Directory Rights Management Services with Microsoft Office SharePoint Server 2007 Step-By-Step Guide.doc
  • Deploying SSTP Remote Access Step by Step Guide.doc
  • Server Core Installation Option of Windows Server 2008 Step-By-Step Guide.doc
  • Server Manager Scenarios Step-by-Step Guide.doc
  • Step-by-Step Guide for Configuring a Two-Node File Server Failover Cluster in Windows Server 2008.doc
  • Step-by-Step Guide for Configuring a Two-Node Print Server Failover Cluster in Windows Server 2008.doc
  • Step-by-Step Guide for Windows Deployment Services in Windows Server 2008.doc
  • Step-by-Step Guide to Deploying Policies for Windows Firewall with Advanced Security.doc
  • Using Identity Federation with Active Directory Rights Management Services Step-by-Step Guide.doc
  • Windows Server 2008 Active Directory Certificate Services Step-By-Step Guide.doc
  • Windows Server 2008 Foundation Network Guide.doc
  • Windows Server 2008 Step-by-Step Guide for DNS in Small Networks.doc
  • Windows Server 2008 TS Gateway Server Step-By-Step Setup Guide.doc
  • Windows_ Server_Active_Directory_Rights_Management_Services_Step-by-Step_Guide.doc
  • Windows_Server_2008_Terminal_Services_RemoteApp_Step-by-Step_Guide.doc
  • Windows_Server_2008_TS_Licensing_Step-By-Step_Setup_Guide.doc
  • Windows_Server_2008_TS_Session_Broker_Load_Balancing_Step-By-Step_Guide.doc

See http://www.microsoft.com/downloads/details.aspx?FamilyID=518d870c-fa3e-4f6a-97f5-acaf31de6dce&DisplayLang=en for the direct download details.

Updated Windows Server 2008 Step-by-Step Guides
Keith Combs
Sat, 02 Feb 2008 04:11:51 GMT

Popularity: 4% [?]

Tags: , , , ,

Related posts

February 3, 2008   No Comments

Which KB articles resolve the most Directory Services issues?

by jayb

This article by askds contains a lot of good links related to directory services.

Hi, Craig here. It can be frustrating to call support only to have your issue resolved by an article in the Microsoft Knowledge Base. Sometimes you are just happy to get the problem solved, but most people prefer to solve something themselves and avoid…(read more)

Which KB articles resolve the most Directory Services issues?
NedPyle
Wed, 02 Jan 2008 15:58:00 GMT

Popularity: 2% [?]

Tags: ,

Related posts

January 2, 2008   No Comments

Can you rename a Windows 2003 Domain?

by jayb

We’ve been talking about doing this. We currently are using the same domain name as our external DNS name for all the domains in the forest. I’ve talked about consolidating to one domain then renaming it to a *.local DNS name. This has really become an issue since we started using  AD based DFS, when you are outside the network, DFS mapped drives hang because they are querying the external DNS servers for records and host names. :-( Not fun!

So we learned recently that Microsoft has made great strides in allowing you to rename a domain in Server 2003. They have provided a tool but remember this CAN NOT be used on a Windows 2000 domain and will cause you lots of problems.

With this being said here was the situation:


A company was bought out by another company and wanted to retain the purchased companies domain structure while just changing the domain name. Google an Admin’s best friend returned this page from Technet…

Here is the direct link to the tool and a excerpt from the Microsoft site (But we recommend reading the whole thing before you begin!)…

The Windows Server 2003 Active Directory Domain Rename Tools provide a security-enhanced and supported methodology to rename one or more domains (as well as application directory partitions) in a deployed Active Directory forest. The DNS name and the NetBIOS name of a domain can be changed using the domain rename procedure. For an understanding of the constraints of the domain rename procedure, please see the accompanying document, "Understanding How Domain Rename Works," available on this page.

Note: These tools are for use with Windows Server 2003 only. Do not use them with Windows 2000.

Worked like a charm. Everything is up and running - so far so good! But the real test will be in the morning. When we attempted this about 10 years ago on a NT domain it was horrible and just didn’t work. Microsoft sure has come along way!
Have you renamed a domain? How did it go? Hit us up in the comments…

Can you rename a Windows 2003 Domain?
Karl L. Gechlik
Tue, 11 Dec 2007 12:18:00 GMT

Popularity: 3% [?]

Tags: , , , ,

Related posts

December 16, 2007   No Comments

Twitter Updates for 2007-10-22

by

Powered by Twitter Tools.

Popularity: 2% [?]

Tags: , , , , , , , , , ,

Related posts

October 22, 2007   No Comments

Create A Silent ICA Client Installation Package

by jayb

For those somewhat new in dealing with Citrix environments, this article explains how you easily create a silent ICA installation package:

“This howto is all about how to create and configure a silent installation package to distribute the ica client. For this example we used the current ica client 9.230.”

“Most of the people in the field already now this method to create ica client installation package(s) but those who are new to Citrix could find it usefull. You can distribute it by a policie in active directory for example.”

Read the entire howto at DataCrash.net.

[Via Thincomputing.net]

Popularity: 2% [?]

Tags: , , , , , ,

Related posts

January 5, 2007   No Comments

Site Upgrade

by jayb

I finally got around to upgrading to MT 2.63, so far so good. I don’t see anything that isn’t working. Next up upgrading the MT-Blacklist plugIn to help stop the stupid blog spammers.

looks like Stone has been putting in some extra time at work and finally gets to upgrade to Active Directory.

I also just upgraded to the version of MT-Blacklist 1.61b and it Rocks!! If you are running an older version make sure you upgrade as soon as possible. Great work Mr. Allen. Thank you.

Popularity: 1% [?]

Tags: , , , , , , , , ,

Related posts

November 8, 2003   No Comments

  • Recent Comments