Friday 19 July 2013

Windows 8.1 Preview

Windows Blue AKA Windows 8.1 Preview is here with a long list of changes. To see the long list of what’s new see the link below.

What's New in Windows 8.1

To download the preview here’s the link

Download Windows 8.1 Preview

Thursday 18 July 2013

Active Directory Recycle Bin Step-by-Step Guide

Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (AD DS), or rebooting domain controllers.

When you enable Active Directory Recycle Bin, all link-valued and non-link-valued attributes of the deleted Active Directory objects are preserved and the objects are restored in their entirety to the same consistent logical state that they were in immediately before deletion. For example, restored user accounts automatically regain all group memberships and corresponding access rights that they had immediately before deletion, within and across domains.

Active Directory Recycle Bin is functional for both AD DS and Active Directory Lightweight Directory Services (AD LDS) environments.

Extract from TechNet; for the full article see the link below.

TechNet: Active Directory Recycle Bin Step-by-Step Guide
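
The restore described above, sketched with the AD PowerShell module. This is an added example, not taken from the TechNet guide; the account name `jdoe` is hypothetical and a Windows Server 2008 R2 (or later) forest functional level is assumed.

```powershell
# Added example: check the Recycle Bin state, find a deleted user, restore it,
# and confirm the group memberships returned with it.
Import-Module ActiveDirectory

$sam = 'jdoe'   # hypothetical sAMAccountName of the accidentally deleted user

# 1. EnabledScopes is empty while the feature is disabled.
$feature = Get-ADOptionalFeature -Filter "Name -eq 'Recycle Bin Feature'"
if (-not $feature.EnabledScopes) {
    # One-time step that cannot be undone. Objects deleted before this point
    # cannot be recovered with their attributes by the steps below.
    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
        -Scope ForestOrConfigurationSet -Target (Get-ADForest).Name
    return
}

# 2. Deleted objects are hidden unless -IncludeDeletedObjects is given; the same
#    switch also exposes the deactivated links such as memberOf.
$deleted = Get-ADObject -LDAPFilter "(&(isDeleted=TRUE)(sAMAccountName=$sam))" `
    -IncludeDeletedObjects -Properties lastKnownParent, memberOf, whenChanged

$deleted | Format-List Name, lastKnownParent, whenChanged, memberOf

# 3. Restore only when the match is unambiguous. The object returns to its
#    lastKnownParent container.
if (@($deleted).Count -eq 1) {
    $deleted | Restore-ADObject
    # Group memberships should match what step 2 listed.
    (Get-ADUser -Identity $sam -Properties memberOf).memberOf
}
else {
    Write-Warning "Expected exactly one deleted object for '$sam', found $(@($deleted).Count)."
}
```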

Deploying a GlobalNames Zone (GNZ)

A common requirement in computer networks is the ability to resolve simple, single-label names. The use of single-label names makes it possible for a computer to access hosts such as file and Web servers by using short, easy-to-remember names instead of the fully qualified domain names (FQDNs) that form the default naming convention for Domain Name System (DNS). To make the use of single-label names possible, many networks deploy Windows Internet Name Service (WINS) technology and servers in their environment. As a name resolution protocol, WINS is an alternative to DNS. It is an older service that uses NetBIOS over TCP/IP (NetBT). WINS and NetBT do not support Internet Protocol version 6 (IPv6) protocols; therefore, they are being phased out in many networks.

To help network administrators migrate to DNS for all name resolution, the DNS Server role in Windows Server 2008 supports a specially named zone, called GlobalNames. By deploying a zone with this name, you can have the static, global records with single-label names, without relying on WINS. These single-label names typically refer to records for important, well-known and widely-used servers—servers that are already assigned static IP addresses and that are currently managed by IT-administrators using WINS.

The GlobalNames zone is not designed to be a complete replacement for WINS. You should not use the GlobalNames zone to support the name resolution of records that are dynamically registered in WINS, records which typically are not managed by IT administrators. Support for these dynamically registered records is not scalable, especially for larger customers with multiple domains or multiple forests.

This is an extract from a TechNet article; see the link below for the full article.

TechNet: Deploying a GlobalNames Zone

Additional references

Wednesday 17 July 2013

Securing Accounts After an RODC Is Stolen

Having worked for large organisations with many branch offices, it was not an infrequent event to have equipment stolen.

From experience … the people that stole your kit know you will be sending out new kit so they will return for that.

Read Only Domain Controllers (RODC) are designed for insecure environments .. so what do you do if one gets nicked … you follow the procedure on the link below to disable the stolen RODC and reset the passwords on any cached user accounts.

TechNet: Securing Accounts After an RODC Is Stolen
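
The "reset the passwords on any cached user accounts" step can also be scripted with the AD PowerShell module. This is an added example, not part of the TechNet procedure; the RODC name, report path and dry-run default are hypothetical.

```powershell
# Added example: list the user accounts whose passwords were cached on a stolen
# RODC, keep a record of them, and reset their passwords.
Import-Module ActiveDirectory

$rodcName = 'BRANCH-RODC01'                 # hypothetical name of the stolen RODC
$report   = '.\rodc-revealed-accounts.csv'  # hypothetical path for the audit record
$dryRun   = $true                           # set to $false to really reset passwords

# Work against a writable DC; the stolen RODC itself is no longer reachable.
$writableDc = (Get-ADDomainController -Discover -Writable).HostName[0]

# Accounts whose passwords are stored (revealed) on the RODC.
$revealed = Get-ADDomainControllerPasswordReplicationPolicyUsage -Identity $rodcName `
    -RevealedAccounts -Server $writableDc

# Keep user accounts; skip computers and the RODC's own krbtgt_* account.
$users = $revealed | Where-Object {
    $_.ObjectClass -eq 'user' -and $_.SamAccountName -notlike 'krbtgt*'
}

$users | Select-Object SamAccountName, DistinguishedName |
    Export-Csv -Path $report -NoTypeInformation

$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
foreach ($user in $users) {
    $bytes = New-Object byte[] 24
    $rng.GetBytes($bytes)
    # Random throwaway password; the suffix guarantees the usual complexity classes.
    $plain  = [Convert]::ToBase64String($bytes) + 'aA1!'
    $secure = ConvertTo-SecureString $plain -AsPlainText -Force

    Set-ADAccountPassword -Identity $user.DistinguishedName -Reset -NewPassword $secure `
        -Server $writableDc -WhatIf:$dryRun
    Set-ADUser -Identity $user.DistinguishedName -ChangePasswordAtLogon $true `
        -Server $writableDc -WhatIf:$dryRun
}

"{0} user account(s) processed; list written to {1}" -f @($users).Count, $report
```

The affected users will not know the random password, so the exported list is what the service desk works from when issuing new ones.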

Tuesday 16 July 2013

Managing AD LDS using PowerShell

Microsoft Active Directory Lightweight Directory Services (AD LDS) is an independent mode of Active Directory that provides dedicated directory services for applications.

MSDN: Active Directory Lightweight Directory Services

AD LDS can use many of the familiar tools used to manage Active Directory Domain Services (AD DS); even when it comes to using the AD PowerShell Module there is a feeling of “déjà vu”.

On the link below you will find a list of Active Directory cmdlets that can be used to manage AD LDS instances.

Windows 2008 R2: Managing AD LDS using the AD PowerShell Module

Sunday 7 July 2013

Command-line switches for Outlook 2010

You can change how Outlook 2010 starts by adding switches to the outlook.exe command.

For example

outlook.exe /resetfolders
Restores missing folders at the default delivery location.

For a full list of switches see the following link.

Command-line switches for Outlook 2010

Saturday 6 July 2013

Multiple mailboxes open in OWA 2010

One of the first things I found with Outlook Web Access 2010 is that you cannot have multiple mailboxes open in separate tabs; you get the following error message.

image

You can resort to a second browser like Chrome or Firefox to get a second mailbox open. I have tried a second tab in Chrome and get the same result … one mailbox per browser.

The solution

Create a shortcut on your desktop, remembering to replace <your_servername> with your server name, without the <>.

"C:\Program Files\Internet Explorer\iexplore.exe" -noframemerging https://<your_servername>/owa

Click the shortcut every time you want an additional OWA session. You can now open multiple OWA mailboxes in separate instances of Internet Explorer.

Monday 1 July 2013

Ensuring that group policy is applied before logon

By default, group policies are applied asynchronously (Fast Logon Optimization). The upshot is that if you update a policy, users may log on before the latest policy is applied, and it may take a couple of logons before the current settings are applied.

I am messing about with GPOs in a test environment so I don’t want to have to constantly reboot PCs or perform multiple logon attempts.

Disable Fast Logon Optimization by using the following.

Create or update an existing group policy attached to the OU housing the computers and edit the following.

Computer Configuration
  Policies
    Administrative Templates
      System
        Logon

Enable: Always wait for the network at computer startup and logon
