Location: Articles

Articles

Articles

Current Articles | Categories | Search | Syndication
Articles from Windows Server

Powershell 2.0 script to bulk create test user accounts

Author: Tony Murray :: Monday, November 09, 2009 10:35 PM

This script uses Powershell 2.0 with the Windows Server 2008 R2 Active Directory service provider and CMDlets.  Use the script to bulk create test user objects in AD.

Read More..

13896 Views :: :: Categories: Active Directory, Scripting, Windows Server

Considerations when using a domain-based service account with AD LDS

Author: Tony Murray :: Monday, April 13, 2009 9:39 PM

When creating an AD LDS instance you are prompted to specify an account to use as the service account. At this point you can specify either the Network Service account or another account. Unless you have a particular need, you should choose the built-in Network Service account. If you opt for a domain-based service account you have to jump through a whole lot of hoops to get things working. Also, you typically end up giving your domain-based service account more permissions than are strictly necessary (as described later in this article). The Network Service account on the other hand provides an easy set up option and is a good choice from a security perspective given that the account has limited access to the local computer.

 
 
 
So why bother to use a domain-based service account at all? Well, if you have a number of services on your server all running under the context of the Network Service account there is potential for security compromise. In this scenario you may want to consider isolating the services from each other using dedicated service accounts.
 
What follows is a discussion of the steps required to configure AD LDS to use a domain-based service account.

Read More..

16764 Views :: :: Categories: Active Directory, Tips and Tricks, Windows Server

Multiple Domain Forests: Still a Valid Design Model?

Author: Tony Murray :: Monday, July 21, 2008 2:52 PM

On the ActiveDir.org list there has been some good discussion about whether the multi-domain forest is still considered a valid design option. This article attempts to crystallise the discussion for use as a reference for those involved with the design or review of forest models.
 
The general consensus is that single domain forests are now the preferred design option for all but the most marginal cases. Note that this does not preclude the use of multiple forests within a single organisation. For example, the use of the Exchange Resource forest in environments that have a distributed NOS architecture but a centralised messaging architecture is common in larger organisations.

Read More..

24534 Views :: :: Categories: Active Directory, Windows Server

Tracking LDAP Searches with Windows Server 2008 Reliability and Performance Monitor

Author: Tony Murray :: Tuesday, February 26, 2008 4:39 PM

Windows Server 2008 ships with the Reliability and Performance Monitor (RPM) snap-in.  On DCs, RPM incorporates an Active Directory Diagnostics feature that includes the abilility to track LDAP searches against a DC.  The amount of information captured can be very useful when troubleshooting LDAP issues.

This article provides a step by step guide on how to use RPM to track LDAP searches.

Read More..

21198 Views :: :: Categories: Active Directory, Windows Server

Mapping of MMC display names to snap-in file names (*.msc)

Author: :: Sunday, November 25, 2007 8:59 PM

This mapping can be useful for those who like to launch snap-ins from the command line or from Start -> Run.

Read More..

10290 Views :: :: Categories: Windows Server

Migrating from FRS to DFS-R

Author: :: Sunday, November 25, 2007 8:50 PM

This article provides information on how to migrate from FRS to DFS-R

Read More..

7305 Views :: :: Categories: Windows Server

Copyright 2012 ActiveDir.org
Terms Of Use