Tag | Active Directory Posts

Server 2008 Active Directory Services and Your Infrastructure - Windows Server 2008 - What's new? Registration Link: http://www.nhmn.com/Courses... Date: June 25 Time: 9am-11am Location: New Horizons of MN Seminar Room - 4510 W 77th St Suite 210 Edina MN Class Overview Windows Server 2008 introduces a number of new features that are designed to streamline the role of the Active Directory in your environment, as well as promote a dramatic change in the idea of Branch Office ...
Roles in Perth, Scotland Business Analyst Support Analyst/Programmers for Home Services systems Roles in Basingstoke, England Analyst/Programmers for Energy Sales systems with C#.Net or PL/SQL skills Roles in Havant, England Project Managers Business Analysts Senior Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE E Business Suite skills Lead Systems Designers IT Security Engineers Database Administrators (DBAs) ORACLE or SQL Server skills ...
I spent some time playing with the security and Work Item Templates in TFS in an attempt to figure out how the "Assign To:" property works. The Work Item Template allows you to edit the Suggested Values property of this field. Here is what I found: <FIELD name="Assigned To" refname="System.AssignedTo" type="String" reportable="dimension"> <SUGGESTEDVALUES> <LISTITEM value="[Project ]\Contributors" /> </SUGGESTEDVALUES> </FIELD> Displays in the dropdown: All users in ...
The Membership API is new to ASP.NET 2.0. It provides you with a full-fledged infrastructure for managing and authenticating users of your applications. ASP.NET 2.0 shipped two Membership providers, SQL Server and Active Directory. While plenty of articles and blog posts have been published on how to use the SQL Server Membership provider, very few have been done for the Active Directory Membership provider. I was recently leading an enterprise web site project that required the Active Directory ...
Don't be scared o thef Universal Print Driver! Printing is the biggest pain for most XenApp (formerly Presentation Server) administrators. My friends, don’t be afraid of the Universal Print Driver (UPD). Sure, there might be limitations to the UPD. However if you are running PS 4.0 or 4.5 there are few cases where you would need to install native drivers and 3rd party drivers. CITRIX METAFRAME XP (Universal Print Driver) · black and white printing · no advanced functions CITRIX METAFRAME PRESENTATION ...
I have been working lately with a big group of fellow developers here in SilverKey on the architecture and design of a relatively big project that required much services and messaging work. We thought that we should implement our public services the REST way using WCF for .NET 3.5, with so many customizations, and that we'll use a library called nServiceBus for internal messaging. Mohammed Nour wrote a little about thinking in REST. nServiceBus is a framework for handling publisher/subscriber (pub/sub) ...
I would NOT have made it through the day if it hadn't been for this page. I am setting up a little application-ette to allow us to use our Active Directory as the single point of contact for employee information (Phone List, HR, etc). and using Active Directory for a role management provider is no joke, especially if your development box is Windows XP. Definitely take a look at the article if you need to use Active Directory as your roles manager source in an ASP.NET app. ~L ...
The Enterprise Library 4 CTP and the feature list can be found at the Codeplex Home page. General Features of Entlib 4 (Excerpt from Release Notes) · Enterprise Library 4.0 takes advantage of the improved features in the .NET WMI 2.0 API to provide update capability for configuration exposed through the Manageable Configuration Source. Objects defined in the Enterprise Library configuration, such as databases, trace listeners, and cache backing stores, are exposed through WMI as a set of classes ...
I have a small page I need to write for my company to list all empoyees. This in effect becomes the in-house phone roster. Makes sense, right? I though it'd be no problem. I know I can manipulate AD from an ASP.NET page, so I'll put together this app no problems. OK, my hubris got the best of me. I queried the AD Directory service no problem: DirectoryEntry server = new DirectoryEntry(); DirectorySearcher searcher = new DirectorySearcher(); searcher.SearchRoot = server; searcher.SearchScope = SearchScope.Subtree; ...
So I wanted to try DelivePoint from Barracuda Tools and I was a bit disappointed. I was expecting this tool to map out the Active Directory Groups for each site with the type of permissions plus tell me what lists and libraries had a break in permissions and what groups were associated. When I tried to view the permissions for a given site it only allowed me to choose site collection administrators, full control, designer, and readers. There was no option to view any custom permissions, contributors ...
Well kids if you did not know about this little known bug now you do. Even if you email enable your active directory group, then SharePoint may still not send alerts. I have no idea why this problem occurs. If you search for that AD Group, then you will notice no e-mail address will show up for that group even if it has an address attached...Well I did some googling and I found this beautiful article: http://blog.gavin-adams.com... Basically, ...
I found this nugget of a tool today. I haven't tried it out yet, but it sounds like one terrific tool. http://www.microsoft.com/do... The SQL Server Management Pack monitors the availability and performance of SQL Server 2000 and 2005 and can issue alerts for configuration problems. Availability and performance monitoring is done using synthetic transactions. In addition, the Management Pack collects Event Log alerts ...
*Moved to: What the 0x80072020?I have found a small bug (as in, "Not working as expected!") in the new .NET 3.5 PrincipalContext classes. When you are running on an ASP.NET site in impersonation mode you cannot retrieve information from active directory without the following error: System.Runtime.InteropServi... (0x80072020): An operations error occurred. at System.DirectoryServices.Di... throwIfFail) at System.DirectoryServices.Di... at System.DirectoryServices.Di... ...
So with the release of Windows Server 2008 I was really looking forward to some post or announcement from Microsoft with regards to the availability of native Active Directory management tools that can be installed on Windows Vista SP1 without any mods, kludges or scripts. You know, they just work out of the box. Like the good ‘ol days when you copied adminpak.msi from Windows Server 2003 over to Windows XP. Now that I am running Windows Server 2008 as a workstation I don't necessarily have to worry ...
Some Microsofties are starting to offer TechNet Briefings in Second Life at the Microsoft Ampitheatre. Michael Murphy has the straight scoop at his blog. Personally, I would like to see more of this type of thing. It add an interesting twist to keep the community engaged over the typical mass-Live Meeting webinar. Those are only a step-up from reading a book. Now and again, you will get an exceptional presenter that engages you or a fantastic demo. I tried Second Life once and found it hard to pick ...
*Moved to: Loss of My.User.Name is not that bad...Imports System.DirectoryServices.Ac... In WPF development you can't just use the "My.User.Name" classes as it is not set by default. If you still want to use it you can "My.User.InitializeWithWind... to have it setup, but there is a better way. If you are using Active Directory .Net 3.5 has provided a new way to access information...Read more...Follow my new blog on http://blog.hinshelwood.com ...
*Moved to: Kerberos and SharePoint 2007If you want to use Kerberos authentication and not NTLM with SharePoint then there are some extra tasks that you need to get someone with Domain Admin privileges to perform. For EVERY dns / port combination a SPN needs to be added to Active Directory to tell it that it is allowed to use Kerberos to authenticate a specific account or server to that URL. In a production environment with a farm of multiple server you will need to use the account option. The account ...
I have recently been introduced to a company called PostPath. They are a new technology company that have created a Linux-based alternative to Microsoft's Exchange. Their proposition is that Microsoft Outlook is the killer application. As long as users can run Outlook and have all the features and functionality that they are used to, it shouldn't matter what is serving it up on the back end. And if that back end can run on cheaper hardware and storage with a highly-flexible open source OS, all the ...
*Moved to: Removing ACL's for dead AD accounts I have run into a very vexing problem with one of my applications. I was asked to provide an application that would fin all of the permissions set against Active Directory accounts that have been since removed. These normally show up in the permissions dialogs for folders as the full SID of the account as there is no longer nay way to look it up in Active Directory. I have written a nice little threaded application that lets you select a folder and it ...
Just before Christmas it was annouced that both ILog and SOA Software had joined the Microsoft BPM Alliance. SOA software will provide SOA and BPM governance software and ILog adds Business rules management. Excerpt from SOA Software's press release: "SOA Software works with Microsoft products including BizTalk Server 2006 R2, .NET 3.0, Windows Workflow Foundation, SQL Server 2005, 2007 Office System, Microsoft Office SharePoint Server 2007, IIS, Visual Studio, Team Foundation Server, Active Directory ...
Ran into a need to connect up to Active Directory from an ASP.NET app at work today...found this article and wanted to post it up as reference. http://msdn2.microsoft.com/... Technorati Tags: ASP.NET Active Directory,Active Directory ...
We got an error yesterday that I'd not seen before, when publishing two separate packages. Both of them were created by Visual Studio 2008 instead of our typical Wise/InstallShield packages. The error was "No package in the software installation data in the Active Directory meets this criteria.". A web search found nothing useful on this error; I'd started digging into it to maybe be the first to provide something on it -- but during troubleshooting both packages were published without error. MSI ...
*Moved to: Identity crisisI am having a look at Microsoft's Identity Lifecycle Manager 2007 as a solution to our disparate user identity problem. Some of the bigger companies out there have solved this problem, and in many of the smaller companies it just does not exist, but we have many system that hold meta data about our employees. From HR systems to Active Directory and custom web based address books. Because of Aggreko's unprecedented growth these systems have outgrown our capacity to maintain ...
I had some more fun with the old Windows 2000 server today. When we got the new Windows 2003 server we tried to join it to the current domain just to the get the users and security permissions all taken care of. There was an extra issue involved though. All of the programming done in MS Access, and who knows how many other C# applications had a hard coded path to the server name and sometimes the IP Address. So I decided the best course of action was to swap out the servers and then re-join the old ...
*Moved to: AD Update-O-MaticIn my quest to play with test VB 9.0 and it very cool features I created a little application to update Active Directory. I was asked by my boss (Andre) to get some sense of order into Active Directory for the users that will be involved in the proof of concept for MOSS 2007. So I immediately thought of an application to automate this. The idea was to pull the information from AD for the selected users into a database and then make all the changes that are required there ...
Judging by my limited experiences with Vista the "security" sounds like it might be a case of how much security you need to turn off until your Server actually communicates with the other devices and runs the Applications correctly? Other than that I'm looking forward to seeing just how much can be accomplished with Power Shell, it's certainly got my Brother excited ;-) 10 things to consider when making a Windows Server 2008 upgrade decision Windows Server 2008 is expected to officially launch in ...
I recently needed to do a little analysis of some of our BizTalk implementations and needed to get some information from the IIS logs to help me. I read a little about the Log Parser tool and this post will provide a little about how it helped. Log Parser is a tool which allows you to use a SQL like syntax to parse various types of log files. This can be very useful when looking at a BizTalk environment and you want to be able to interogate a significant amount of logging information. Log Parser ...
Thanks to James McGovern for the original posting of these statistics. Thank you Microsoft for the transparency. Microsoft internal IT: 600k connected devices 10,000 Servers 3 Datacenters 1 operations center 11% is virtualized in Microsoft Datacenters 330 of 385 servers run Windows Server 2008 (RC0) plus all 85 Microsoft.com servers 11 clustered systems 30,000 users in Redmond domain (50,000 with vendors) NAP reporting 140K clients, 90 clients deferred mode The Redmond Active Directory domain is ...
A Microsoft Office SharePoint Server 2007 (MOSS) production environment is designed according to projected load, usage pattern, services, content volume and growth projections. There is a lot of information that has been published by Microsoft and others on these topics, but i recently had a need to summarize this for a client, so here are hardware and server sizing guidelines for MOSS - brief, to the point and all in one place. Virtualized deployments will be covered in a follow-up post. Guidelines ...
So I finally received the server I ordered for work. It came in, I got it all set up and ready to join it to the domain. So I ran the active directory wizard. It told me that the server I was trying to connect to wasn't prepared for a 2003 server and I needed to run the adprep.exe tool. So, obviously I remembered doing this before and I new it was in the I386 folder on the OS disc. So I went to the old server, ran the tool with adprep.exe /forestprep and then I ran adprep.exe /domainprep. Everything ...
This is the Close Combat Tactical Trainer (CCTT), also known as the Army's $70Million+ Training Facility. I like to call it an expensive video game (and it needs an update)! It is used for combat training, but we modify it for use for convoy tracking. In these pictures you will see the facility with big white boxes. Those are pods (or vehicle simulators). Inside the pods that you will see are what it looks like in the actual vehicles! What I believe I have included is both the Bradley (M2A2) and ...
So…. Question? Would I use TS/Citrix or would I use VDI if I was building or designing the Front-Office of a Greenfield site today? This is a quite a hot topic, because as much as VDI/xDI/DDI is the latest craze that’s sweeping the IT sector, is it really all it’s cracked up to be? What has changed? My thoughts are that until relatively recently Corporate IT was rock solid and unchangeable, absolutely rooted in Change Management, driving Mainframes and COBOL – but now we are living in a much faster ...
This is the question I asked myself today, just to see what kind of answer I would give myself. These are the kinds of questions I've had time to ask myself wince surgery (02JUL07) to correct a hernia and a problem with my Ileostomy. It's weird, I, like millions of other people, get up every morning, drink my coffee and read my RSS feeds (Hey what can I say, I'm a geek) then head of to work. And like so many others I never stop to ask myself questions like this one, mainly because I really don't ...
By default Office SharePoint Server 2007 imports all profiles from the Active Directory Database. This presents an issue for some companies (mine in particular ;)). After doing some searching I found an older article by Michael Bollhoefer. He tipped me off to the following LDAP filter which worked beautifully, and after running a full profile import and reindexing our SharePoint Search those old Inactive profiles were gone from the Database and the search. (&(objectCategory=perso... ...
Well looks like I'll have to add "download Server 2008 and install in VMware (oops. Virtual Server)" to my ToDo list? ;-) A closer look at Session Broker load balancing in Windows Server 2008 In Technical Articles Notice: This article was written based on the Beta 3 release of Windows Server 2008. Features and facts about the Session Broker Load Balancing therefore could be subject to change as Windows Server 2008 moves towards RTM. You should be aware of this! Session Directory versus Session Broker ...
Hmm.....I have a very under utilised Blog. Very sad indeed. Not sure if that's because I have nothing to say or I am just too lazy to put it up. Probably the latter. Anyways, I attended a Windows Server 2008 Technical Readiness event yesterday in Melbourne. As I was too busy in the past, I never had a chance to look into what new goodies Windows Server 2008 will bring, so I thought this would be a good opportunity to find out more. Surprisingly, the session was quite informative and did not turn ...
Daniel Moth has an excellent post that explains what makes up the .NET Framework 3.5. This post also sparked a very good discussion on The Code Project. There are two elements that make up version 3.5 of the Framework: the "green bits" and the "red bits". This model is aimed at minimizing the impact of delivering new features and functionality. The red bits are those parts of the Framework that exist in release today, which include the .NET Framework 2.0 and 3.0 releases. The green bits are brand ...
*Moved to: Benefits of remote access for Team SystemRemote access for Team Server is about disparate teams. This means that you can use those cheep contractors in eastern Europe without needing to give them a small project because of the difficulties in integrating their work. Essentially you use SSL with Active Directory to secure the services and sites while giving them controlled access to the system. Read more...Follow my new blog on http://blog.hinshelwood.com ...
I found it hard to find a definitive list on the internet for what ports needed opening for Active Directory to replication between Firewalls. Here are my findings and all is working so, hope this helps someone else. TCP UDP ICMP RDP Remote Desktop 3389 DNS DNS Download 53 DNS Queries 53 WINS Replication WINS 42 WINS 42 ICMP echo-request 8 info-request 15 mast request 17 timestamp 13 NetBIOS Services Name Resolution Service 137 137 Datagram Services (Browsing) 138 Session Service (net use) 139 SMB ...
According to eWeek, Microsoft will release the third beta, which is also the first pubic beta, for Windows Server "Longhorn" today. So far, Longhorn remains on track for RTM in the second half of 2007. More than 10,000 people have already tested the product either directly through Microsoft's technical beta program or through Community Technology Previews through TechNet or MSDN subscriptions. Windows Server "Longhorn" will build on the improvements made in Windows Server 2003 R2, and add the ability ...
Many of us have probably dabbled in setting up our own domain and forest for development purposes. For me - a domain is a must - I have my development environment that is heavily used to model development projects for clents - and I have my family - me, my wife, and 7 children with their own computers. So, we have a fairly detailed setup on the home front - but the following applies to ANY environment in which your primary domain controller gives up the ghost - and you do not have an image backup ...
Just wanted to note down some really useful (and Free) Active Directory Tools that I've come across in the field over the last few weeks: Have looksy and add to the list if you can think of more, but I would consider these 'must haves' in the Active Directory consulting world. • Setspn Syntax *For those double-hop Kerboros authentication scenarios between SQL and IIS. • Replmon • Repadmin • Movetree.exe • Ldp • Dsastat • Clonepr • Adsiedit • Acldiag • Xcacls • Sidwkr.dll (Sidwalker Security Administration ...
I wanted a simple way to display all the locked out users on my domain. So I created this simple query to do so. To use this:: 1. Open Active Directory Users and Computer. 2. Right click on "Saved Queries" 3. Select " New " - > "Query" 4. Select " Define Query " 5. In the find box select " Custom Query ". 6. Select the " Advance " Tab. 7. Paste the following code in: (objectCategory=Person)(obj... 8. Give ...
Just did a John Craddock 2-Day Intensive Seminar on "Security Active Directory Access" at the Novotel in London. Four Words: What an amazing event! To see Craddock peel the layers behind Microsoft's Premier Directory Services was absolutely incredible. If you think you know Active Directory Services, do this course with John. He and and his colleague Sally Storey are very talented presenters in tune with demands of the market place and delivering secure, stable technologies geared towards the ENTERPRISE. ...
I found my more detailed notes on the package flags. A couple of corrections: The flag “524288” specifically tells whether an app is published or assigned – it’s set for assigned, unset for published. 8 is typically set for published apps and cleared for assigned. I promised code. private void SearchAD(string target, string policy, string policyname) { DirectoryEntry entry = null; try { entry = new DirectoryEntry(policy); } catch (COMException Ex) { toolStripStatusLabel1.Text = "Couldn't connect ...
Sorry about the delay. Last time I dug into the SYSVOL portion of app distribution via Group Policy. This time, the Active Directory side. I'm sure you already know that the net result of GP distribution is that if the user is in the appropriate group, the app appears in Add/Remove programs. The file on the Sysvol is important -- we've seen cases where for some reason the .AAS file disappeared; when it did, the app stopped appearing in Add/Remove Programs. The other half is, of course, in Active ...
Have put together some tips on Clustering VMWare Server, have a look, hope it helps... Clustering VMWare: Virtual Machines Clusters Objective: To build two virtual machines that will be highly available Clustered nodes. Purpose: To test and build applications that use the clustered resource. NOTES: (1) Virtual machines have always the same hardware, they don't depend from the HOST hardware type and for the same reasons you can save, move and load a virtual machine anywhere where VMWare is installed. ...
Kyle and I are running into a small problem with Team Foundation Server when it comes to assigning tasks. In a typical software development company, a Project Manager receives a bug or feature request. He then assigns associated tasks to his developers. Once the developer is finished, the task is re-assigned to the PM for review. At EnGraph, things are a bit more collaborative. Partly because of our size, but also because we like to manage support and development from a team perspective. Back to ...
When migrating our TFS from a workgroup based install to Active Directory, we got a couple errors when running Team Build. Access to the path 'C:\...BuildLog.txt' is denied To fix this error, I simply deleted the root Team Project folders in Windows Explorer and re-ran the build. The build then recreated the folders. You may have to run the builds in a specific order if your solutions reference assemblies that live in these folders. The other error occurred after a build started: TF42004: Team Build ...
Moving our TFS Server to Active Directory wasn't that bad. I followed these instructions from MSDN. They are meant for people moving from one domain to another. But the steps worked for moving from a TFS workgroup based install to a domain based install. All of the tasks that were assigned to Kyle or myself were migrated over to our new domain usernames and using this handy permissions tool, I was able to get all of our permissions set correctly. The only problem is initiating a build. When I right ...