Recently I was asked by a client to produce a list of firewall ports that are used by Active Directory Domain Services (AD DS), specifically those for domain controllers. This is what I came up with: TCP and UDP 389 Directory, Replication, User and Computer Authentication, Group Policy, Trusts LDAP TCP 636 Directory, Replication, User … Continue reading Domain Controller Ports
When Microsoft introduced the Operating System as a Service with Windows 10, a lot of people got started getting confused because of the different version numbers and build numbers, all the while Microsoft was telling us it was really the same operating system. Okay, I think we have it clear now... three years later. So … Continue reading Server 2016 Versions & Builds
I have been saying for years that a good IT department in a secure, well-managed infrastructure will give their end users the tools they need to do their job… and nothing more.If that is true for end users, shouldn’t it also be true for the IT department themselves? It is frustrating to see the number … Continue reading Delegating Control in Active Directory
Renaming servers is a snap with PowerShell!
You’ve configured Folder Redirection in Group Policy, and it works as expected… as long as you are connected to the network. As soon as you disconnect, things stop working. That may be a real inconvenience if you are redirecting your Photos, but if you have redirected your Desktop folder to a network share, there is … Continue reading Offline Files: Groan!
Hey folks, if you know what is good for you, do not apply this patch yet. KB4103723 protects against a CredSSP vulnerability that has not yet been compromised. However, it will break lots of things in your system, including RDP and Hyper-V connections. Errors will include CredSSP errors when trying to connect via RDP (or … Continue reading KB4103723: DO NOT APPLY!
Let's face it... Microsoft wants you to use Microsoft, so when it can, it creates technologies that make it easier for you to do so. Automatic Virtual Machine Activation (AVMA) is one of those tools. I remember when Microsoft got into the server virtualization game, it really had very little to compete with VMware, other … Continue reading Automated Virtual Machine Activation
I came to this realization last year, but I don't think I wrote about it. When monitoring domain controllers, specifically domain controllers running on Windows Server 2016, and specifically with System Center Operations Manager 2016 (and later, I assume) have a bit of an issue when you deploy the SCOM Agent to the server. It deploys, … Continue reading Domain Controller Health Service Lockdown Issue with SCOM 2016
I needed to build a new domain controller for a friend’s company recently. It is something that I have done so many times over the past two decades that some things are just instinctive… like typing dcpromo to create a domain controller. Right… I had forgotten about that. dcpromo has been deprecated. You could go … Continue reading DCPromo No More… PowerShell!
If I've told you once I've told you a thousand times... When you build a Failover Cluster on Windows Server make sure you run the Validation Tests... and make sure those tests succeed (or at the very least nothing FAILS... Warnings are acceptable). So as I sit at a client trying to cluster two Hyper-V … Continue reading Hyper-V Server Clustering Network Issue: Validation Failed?
Over the next few weeks, as I do my first production infrastructure implementation based on Windows Server 2016 and System Center 2016, I am sure this list will grow longer. In the meantime, I have uncovered my first pet peeve in the new version. Don’t get me wrong, overall I like Server 2016… but to … Continue reading Windows Server 2016: A pet peeve