joeware - never stop exploring... :)

A pretty common issue out there in the real world is an error of something like “There are multiple accounts with name XXX/YYYYYYYYYY of type DS_SERVICE_PRINCIPAL_NAME” or maybe that last bit is “of type 10” floating about. The general guidance is to find the objects with the same SPNs and clean all but one of […]

I was recently pinged by a friend who had some consultants in at his company and the consultants I guess were going on about how the domain is the security boundary and it is perfectly safe/acceptable to have a bunch of child domains that are run by disparate groups of admins. THIS IS INCORRECT! It […]

Someone on ActiveDir Org (and actually the umich LDAP list) were asking about putting multivalued manager info into AD for dotted line reports. Active Directory’s manager attribute is single valued so this won’t work. You get one manager, have a nice day. 🙂 Well this someone wants MSFT to add this to their schema, it […]

Back in May of last year I mentioned that Longhorn RODCs would have an issue with updating lastLogonTimeStamp. This was indeed the case at the time. I just wanted to revisit the topic and say that the DS team at MSFT realized that was a serious problem and put in some special functionality into Windows […]

http://computerworld.co.nz/news.nsf/tech/99A7774F067EA284CC257474007C0076   Hewlett-Packard is working with Fusion-io to adapt the start-up’s high-performance, solid-state input/output storage technology to HP’s enterprise servers to improve their data access performance and energy efficiency. … “With our ioMemory architecture, we’re getting more than 200,000 IOPS within HP BladeSystem c-Class server blades today,” says Don Basile, Fusion-io’s chief executive officer. “So, […]

A friend of mine pinged me recently and asked … can you think of way of determining with certainty that a DC was IFM promoted or not based on its DIT (logs are say long since retired) I thought about this a moment,  furrowed my brow for another moment and then started down the path […]

Wow I went looking and actually found the SLIQ Major MUD scripts I talked about in the last post. Or at least I think I found most of them, even then I broke the stuff up into multiple files and modules. I was poking around in one piece and found this section which was one […]

So I am working on Active Roles Server (ARS for now on…) and ran into a little issue that had me thinking for a little bit… The thing was that I needed to auto-generate the user name and it needed to be [LASTNAME],[SPACE][FIRSTNAME][SPACE][INITIALS] So for example, say I have John Q. Public the name attribute […]

So you will recall my previous post on AdFind and PowerShell using S.DS.Protocols… If you read activedir.org you will know that I realized some odd things occurred… I didn’t want to post back here until I had some more understanding of what is going on but now almost 2 weeks later I still haven’t a […]

So Brandon stepped up and did something I didn’t think anyone would step up and do… Start profiling and comparing the performance of PowerShell and .NET DS Protocols against a native App using the wldap32 LDAP library[1]. Brandon’s first blog entry on the topic is here – http://bsonposh.com/archives/325 While I am going to question Brandon’s […]