Domain Controller Ports

Recently I was asked by a client to produce a list of firewall ports that are used by Active Directory Domain Services (AD DS), specifically those for domain controllers.  This is what I came up with: TCP and UDP 389 Directory, Replication, User and Computer Authentication, Group Policy, Trusts LDAP TCP 636 Directory, Replication, User … Continue reading Domain Controller Ports

Server 2016 Versions & Builds

When Microsoft introduced the Operating System as a Service with Windows 10, a lot of people started getting confused because of the different version numbers and build numbers, all the while Microsoft was telling us it was really the same operating system.  Okay, I think we have it clear now... three years later. So … Continue reading Server 2016 Versions & Builds

Delegating Control in Active Directory

I have been saying for years that a good IT department in a secure, well-managed infrastructure will give their end users the tools they need to do their job… and nothing more.  If that is true for end users, shouldn’t it also be true for the IT department themselves?  It is frustrating to see the number … Continue reading Delegating Control in Active Directory

Offline Files: Groan!

You’ve configured Folder Redirection in Group Policy, and it works as expected… as long as you are connected to the network.  As soon as you disconnect, things stop working.  That may be a real inconvenience if you are redirecting your Photos, but if you have redirected your Desktop folder to a network share, there is … Continue reading Offline Files: Groan!

KB4103723: DO NOT APPLY!

Hey folks, if you know what is good for you, do not apply this patch yet.  KB4103723 protects against a CredSSP vulnerability that has not yet been compromised.  However, it will break lots of things in your system, including RDP and Hyper-V connections.  Errors will include CredSSP errors when trying to connect via RDP (or … Continue reading KB4103723: DO NOT APPLY!

Automated Virtual Machine Activation

Let's face it... Microsoft wants you to use Microsoft, so when it can, it creates technologies that make it easier for you to do so.  Automatic Virtual Machine Activation (AVMA) is one of those tools. I remember when Microsoft got into the server virtualization game, it really had very little to compete with VMware, other … Continue reading Automated Virtual Machine Activation

Windows Server 2016: A pet peeve

Over the next few weeks, as I do my first production infrastructure implementation based on Windows Server 2016 and System Center 2016, I am sure this list will grow longer.  In the meantime, I have uncovered my first pet peeve in the new version. Don’t get me wrong, overall I like Server 2016… but to … Continue reading Windows Server 2016: A pet peeve

Scheduling Server Restarts

If you manage servers you have likely come to a point where you finished doing work and got a prompt ‘Your server needs to reboot.  Reboot now?’  Well you can’t reboot now… not during business hours.  I guess you’ll have to come back tonight… or this weekend, right? Wrong.  Scheduling a reboot is actually pretty … Continue reading Scheduling Server Restarts

SQL Server: How to tame the beast!

One of the benefits of virtualization is that you can segregate your SQL Servers from your other workloads.  Why?  If not then Microsoft SQL Server will hoard every last bit of resources on your machine, leaving scant crumbs for other workloads.  Seriously… when you start the Microsoft SQL Server you will immediately see your memory … Continue reading SQL Server: How to tame the beast!

UNC Path Nightmare

Anyone who has taken a basic networking course will understand that UNC (Universal Naming Convention) paths are one of the common ways we in IT access file shares across our local networks.  They will usually look like this: \\oak-mgt-01\Sharename.  Of course, you can see all of the shares on a particular server by just entering … Continue reading UNC Path Nightmare

OEM Servers: Myths vs. Realities

In a recent conversation I realized that there are still a lot of misconceptions about OEM (Original Equipment Manufacturer) operating system rights with regard to Windows Server. While I am not here to say who is right and who is wrong (whether one should or should not buy OEM operating systems), I still think it … Continue reading OEM Servers: Myths vs. Realities