Free tool : Find out where your AD Users are logged on into
Hi, I decided to release another free utility I wrote a while ago. This small command-line utility can be used to find out where Active Directory users are logged on into, and/or to find out who is logged on on specific machines. This should include local users, users that are logged in via RDP, user […]
Juniper ScreenOS Admin authentication using Windows based IAS (Radius)
On popular request, this is a quick write-up on how to set up a Juniper screenOS firewall to use an external Radius server (I’ll use Windows IAS) to authenticate administrators and to let the Radius server to assign admin privileges (read-only or read-write) First, you will need to set up an dedicated external Authentication server […]
Exchange 2007 – Multi Account Domain to Single Resource Forest replication with IIFP and custom Rules Extension
Introduction The title of this post may be a bit misleading – synchronizing multiple account domains to a single domain or forest is not limited to Exchange. There may be other reasons (e.g. Identity Management solution) that require you to replicate users from multiple domains into a single domain/forest, or even ADAM instance. In this […]
Merging & Syncing multiple Active Directory databases into one ADAM instance
Keywords : ldap authentication multiple domains combine adam adamsync adschemaanalyzer ldap proxy chain ldifde MS-ADAMSyncconf.xml MS-AdamSyncMetadata.ldf MS-ADAMSchemaW2K3.ldf Object Violation Naming Violation Ldap error occured. ldap_add_sW: Object Class Violation. Case definition : 2 AD domains, containing user accounts. One of the domains is a 2003 based domain and has the R2 + Exchange 2003 + Exchange […]
Windows 2008 PKI / Certificate Authority (AD CS) basics
Keywords : Windows 2008 PKI Certificate Authority certutil certreq template root CA Enterprise CA convert pfx to pem generate custom certificate request subject alternate name san attribute Today’s blog post targets the deployment of a Windows 2008 server based Certificate Authority (AD CS) and will discuss some common scenario’s where certificates are used / required. […]
Securing Windows Server 2008 and Active Directory
According to Microsoft, Windows Server 2008 is the most secure Windows server version ever. Windows 2008 does include many features that will help increase overall security of the OS, or assist you with securing AD, the network, etc. Most of the features/roles available in Windows 2008 are not being installed in a default installation of […]
Free tool – PVE Active Directory Disable Users
Every admin knows by now that using Active Directory as the central authentication database allows for a lot of possibilities in terms of user account and security management. Keeping internal as well as external users in one and the same AD might be a good idea if you have a lot of external people (partners, […]
Using Active Directory and IAS based Radius for Netscreen WebAuth authentication
As most of the bigger players in the firewall market, Juniper/Netscreen SreenOS based firewalls allow you to use/enforce/require authentication for various reasons : Admin login Client VPN Authentication to open a specific rule on the firewall In a default configuration, ScreenOS uses a local user account database for all types of authentication listed above. In […]
How to properly restore (objects in) the 2003 AD database
Windows 2000 /Active Directory has been around for more than 7 years now. I’ve been using AD for almost 7 years, and due to its stability, I never had to recover a deleted object in AD. (Knock on wood). So it’s not a real surprise to find out that a lot of admins don’t even […]
Performing AD Schema Updates in a safe way
Updating from 2003 to 2003 R2 & implementing Exchange are 2 common administrative tasks which both require a schema update. Since I’ve mentioned “updating from 2003 to 2003 R2”, I’ll take the opportunity to add some “notes from the field” to this blog post, which will increase success rate of the update and limit the […]
Donate
Your donation will help funding server hosting.
