Active Directory Cookbook Blog

NetPro Announces ChangeManager & SecurityManager 

"NetPro Computing, Inc., a leading provider of distributed services management software, today announced that it will build on its Active Directory solution set with two powerful new solutions for Active Directory change management, security and compliance. ChangeManager for Active Directory enforces change policies to drive the compliancy, security and control of Active Directory, while SecurityManager for Active Directory provides real-time notification of Active Directory security vulnerabilities and provides comprehensive best practices for maintaining a secure directory environment."
Continue at source...

Windows IT Pro Announces Launch of the First-Ever IT Prolympics 

The folks over at Windows IT Pro magazine are holding the First-Ever IT Prolympics. I love the concept. I wish there were more venues for IT professionals to flex their intellectual muscles.

NetPro Announces Fourth Annual Directory Experts Conference 

NetPro is hosting the Fourth Annual Directory Experts Conference in March. I was invited to speak, but I'm going to be too busy attending graduate school at MIT. It will be the first DEC I've missed. Regardless, I'm sure Gil and company will put on a great show and already have a great set of speakers lined up.

Whitepaper: Working with Active Directory Permissions in Exchange Server 2003 

"This guide is written for Microsoft Exchange architects and Active Directory directory service deployment planners. It provides these administrators with the information that they need to understand the permissions that are required to install and manage Exchange. Additionally, architects and planners can use the information provided about the split permission model to develop a detailed permissions strategy that fits the administration model of their organization."

Deleting from the schema 

Mark Minasi is asking Microsoft to add the ability to delete from the schema in Longhorn server. I reported back in 2002 that you actually could delete from the schema in pre-SP2 W2K AD via a very simple (previously undocumented) procedure. Unfortunately, MS discovered the "workaround" I documented and disabled it in SP3 and later.

Deleting from the schema is a useful feature in a couple of situations. First, when you are testing new classes or attributes, you can test the extension process only once per forest. So if you want to make changes to the extensions or re-apply them, you have to do it in another forest. That is why I adopted the use of VMware early on to test schema extensions. Instead of creating separate forests, I'd just roll back my AD VMware image and re-test. Not ideal, but workable. The second situation where schema deletes are useful is in production environments. What happens if you extend the schema for a third-party product or perhaps for your own use and later decide you no longer need those extensions? Today you are stuck with them. Sure, you can "deactivate" them, but ultimately they are still in the schema.

The reason MS hasn't allowed this feature is that deleting from the schema in a distributed database is much more difficult than deleting from the schema in a single-master database. What happens if you delete a class or attribute that is currently in use? It is very difficult in a distributed database to guarantee that a class or attribute is not being used and therefore safe to delete. But we are all grown-ups. I think with sufficient precautions and warnings in place, MS could let people delete from the schema without much concern. And there are checks they could put in place to reduce the chance of a mistaken deletion.

Article: Active Directory to Ease Use of Technology on Bentley Campus 

"'Bentley migrated to Active Directory 2003 for several reasons. Some of the major highlights are - a more secure computing environment for the Bentley community, better integration and utilization of features available in newer technology, seamless connectivity to the wireless networks, and maintaining Bentley's commitment to a state-of-the-art environment,' said Jonathan Everett, the Director of Client Services." Contue at source.

Article: Understanding mixed and native modes in Windows Server 2003 

"Windows 2000 Server introduced two Active Directory modes, mixed and native, to support different deployment scenarios. Mixed mode provides backwards compatibility for Windows NT domains, while native mode provides expanded Windows 2000 functionality. Windows Server 2003 adds two additional modes, Windows Server 2003 interim and Windows Server 2003, giving you four modes from which to choose when deploying Windows Server 2003 Active Directory. In this Daily Feature, I'll explain each of these modes and the implications and uses for each." Continue at source.
