Introduction: One of the security settings that Microsoft recommend applying on domain controllers is to Require LDAP Signing. Requiring LDAP signing is one policy setting that can be applied on a few seconds using group policy, but what is the impact of applying this setting in your production environment? In most customer environments I visited, … Continue reading Step by Step: Enforce Require LDAP Signing on domain controllers. Part 1
Category: Active Directory
System Center Configuration Manager – PXE Error – “Windows Failed to start Status: 0xc0000001”
The Issue When using System Center Configuration Manager to image machine the download of the boot image freezes and stops. The error message "Windows Failed to start" Status: 0xc0000001. The Investigation If you are familiar with Configuration Manager Operating System Deployment and PXE process then below concepts will be easy to grasp. Event Viewer : … Continue reading System Center Configuration Manager – PXE Error – “Windows Failed to start Status: 0xc0000001”
System Center Configuration Manager – Keep User Domain Profile after reloading
The issue: A Task sequence was used to reload a machine from Windows 7/10 to Windows 10 that has User Data on the D: Drive and Operating system on the C: Drive. After the machine was added to the domain the user data was put back to the D: drive but upon first login a … Continue reading System Center Configuration Manager – Keep User Domain Profile after reloading
Field Notes: The case of Active Directory Diagnostics – Data Collector Set Fails to Start
Performance Monitor is a great tool for collecting and analyzing performance data in Windows and Windows Server. There are many counters available that one can look at to help understand how the system is performing. Unfortunately analysis of performance data may not always be straightforward for some system administrators. Luckily, there is the built-in Data … Continue reading Field Notes: The case of Active Directory Diagnostics – Data Collector Set Fails to Start
Field Notes: The case of buried Active Directory Account Management Security Audit Policy events
Security auditing is one of the most powerful tools that you can use to maintain the integrity of your system. As part of your overall security strategy, you should determine the level of auditing that is appropriate for your environment. Auditing should identify attacks (successful or not) that pose a threat to your network, and … Continue reading Field Notes: The case of buried Active Directory Account Management Security Audit Policy events
Most Common Mistakes in Active Directory and Domain Services – Part 3
This blog post is the third (and last) part in the 'Most Common Mistakes in Active Directory In Domain Services" series. In the previous parts, we covered some major mistake like configuring multiple password policies using GPO and keeping FFL/DFL at a lower version. The 3'rd part of the series is no exception. we'll go … Continue reading Most Common Mistakes in Active Directory and Domain Services – Part 3
Understanding Volume Activation Services – Part 2 (Active Directory-Based Activation)
In the previous part of the series, we talked about KMS, MAK, and how to choose between the two when looking for the right activation method in your environment. Today, we are going to talk about Active Directory-based activation or ADBA in short. Series: Part 1 - KMS and MAK Part 2 - Active Directory-Based … Continue reading Understanding Volume Activation Services – Part 2 (Active Directory-Based Activation)
