Field Notes: Error when changing DNS replication scope

Introduction Way back when your AD integrated DNS zone data lived inside of the naming context in AD (next to your users and computers) you could protect it from accidental deletion just like any other object. But this can cause a problem years later when you want to move these zones to their own application … Continue reading Field Notes: Error when changing DNS replication scope

Create a Group Managed Service Account (gMSA)

I have been using Group Managed Service Accounts (gMSA) more frequently and decided to post a refresher on the creation of gMSA accounts. I still find that customers are not making use of these service accounts and use standard accounts with fixed passwords instead. In this blog I will highlight the benefits of using a gMSA account and show the steps to create and update a gMSA account

Getting Ready for LDAP Channel Binding & LDAP Signing Changes on March 10 Windows Update

In this blog post, we will deal with March 10 Windows Update and its expected changes regarding LDAP Channel Binding and LDAP Signing. What is LDAP Signing? Is it safe to configure Channel Binding Token? And how can I be sure that LDAP clients will continue to work properly after installing the update? Let's try to answer all of these questions.

Active Directory Based Activation (ADBA) Fails with Error: 0x8007202B

Introduction I was working with a customer recently who could not get clients or servers at a new remote site to activate using Active Directory Based Activation (ADBA). They were getting event ID 8214 as in the image below. Notice in the above where I bold the computer name Client1.Child1.Contoso.local. This means that Client1 is … Continue reading Active Directory Based Activation (ADBA) Fails with Error: 0x8007202B

Powershell – “Search and Count All File Extensions on Multiple Machines using Powershell”

The Issue Recently I was at a customer that had a very strange and specific requirement. They wanted to query All File Type Extensions with a count on all machines in the environment. This was an environment with 30 000+ machines and they wanted it to run quickly and once off. The Investigation System Center … Continue reading Powershell – “Search and Count All File Extensions on Multiple Machines using Powershell”

PowerShell: Active Directory Cleanup – Part 4 – Unsupported Windows Operating Systems

Introduction Welcome to part 4 in my Active Directory Cleanup Series. This part is concentrated on pulling a report of Windows Operating Systems that are obsolete/unsupported. Using this report you can review them and decide if they should be removed or upgraded. Script 1: Long 1 liner. The following script was posted on one of … Continue reading PowerShell: Active Directory Cleanup – Part 4 – Unsupported Windows Operating Systems

PowerShell: Active Directory Cleanup – Part 3 – Stale Computer Objects

Introduction Hello everyone. Part 3 in my AD Cleanup series is stale computer objects. Stale computer objects are computers that haven't logged into the domain for a specified number of days. This script includes a NumberOfDays parameter that either you specify when calling the script or it defaults to 120 days during script execution. The … Continue reading PowerShell: Active Directory Cleanup – Part 3 – Stale Computer Objects

How to enable Internet and vNET connectivity for nested VMs in Azure

For a full walk-through of this setup, please watch the video at the end of this post. Greetings readers, Hyper-V nested virtualization in Azure has unlocked different scenarios and use cases such as sandbox environments, running unsupported operating systems or legacy applications that require specific features that are not natively supported in Azure, think about … Continue reading How to enable Internet and vNET connectivity for nested VMs in Azure