active directory

Active Directory Replication Types

omid.koushki

I find myself quite often trying to keep straight all the different replication activities that can occur within an Active Directory (AD) domain.

There is:

Intrasite Replication
    Urgent Replication
    Intersite Replication
    Intersite Change Notification Replication
    Reciprocal Replication
    Immediate Replication
    Manual Replication

Continue reading “Active Directory Replication Types”

Can I Virtualize ALL My DC’s In the Domain?

omid.koushki

With the advent of Windows Server 2012 R2, Microsoft has worked diligently to provide support for virtualization and allow corporations to reduce costs by virtualizing as much hardware as possible. New features in 2012 R2 help prevent USN rollback and/or Lingering objects via the new VM-Generation ID.  If a guest o/s is restored from a snapshot the VM-Generation Id that is stored in the DIT (msDS-GenerationID attribute on the DC’s computer object) is compared to the value on the Host.  If they don’t match then the Invocation-Id is updated with a new value and any RID’s from the machine are replaced with a new set from the RID Master.

So the question is, “Do I need a physical DC in my Domain?”  Continue reading “Can I Virtualize ALL My DC’s In the Domain?”

Understanding Lingering Objects in Active Directory and How To’s?

omid.koushki
There are some specific concepts in active directory which may put your environment in trouble if you do not attend to fix them as soon as you notice. One of them is Lingering objects. Defining the meaning of Lingering Objects (LO) is not difficult. Basically if an object in your active directory partitions exist in one or more domain controllers and not exist in the rest of the domain controllers in the same partition. So you may ask yourself how that is possible to have an object in a DC and not having the same object in another DC? So what is the responsibility of replication? Wasn’t it designed in order to have a synchronized AD database in your environment? We are going to cover your questions as well. 

Continue reading “Understanding Lingering Objects in Active Directory and How To’s?”

10 things about AD domain trusts

omid.koushki

Domain trusts can be complicated to administer, and it’s important to implement changes correctly the first time. Here are some key points to keep in mind to help ensure that your trusts are configured effectively with a minimum of headaches.

1: Determine what kind of trust you should use

Before deploying a domain trust, you should ensure that the type(s) used are correct for the tasks at hand. Consider the following dimensions of a trust: Continue reading “10 things about AD domain trusts”

Active Directory Topology Diagrammer

omid.koushki

I need to design a plan for Active directory . in this way visio and Edarw are two software that help me .today i find a new software that automatically generate a diagram like as Visio !

The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using LDAP, and then automatically generates a Visio diagram of your Active Directory and /or your Exchange Server topology.

The diagramms may include domains, sites, servers, organizational units, DFS-R, administrative groups, routing groups and connectors and can be changed manually in Visio if needed.

Download

Continue reading “Active Directory Topology Diagrammer”

Active Directory Maximum Limits

omid.koushki

I ran across a document from Microsoft that lists maximum limits for Active Directory. This document pertains to Windows 2000 Server and Windows Server 2003. There is no reference to Windows Server 2008 in the document. However, the majority of the limits also apply to Windows Server 2008.

Below is a summary of the maximums. The full details, including rationale, can be found here: http://technet.microsoft.com/en-us/library/cc756101.aspx. Continue reading “Active Directory Maximum Limits”