Tag | Active Directory Posts

Classes the week of July 21 at New Horizons of MN New Horizons of MN, located in Edina MN, has the following classes running next week. Most classes are offered either as a public class here at our facility or as a remote class, which is the same instructor led class, but instead of coming in to our office, you take the class from anywhere. For more information on what remote learning is, please visit http://www.nhmn.com/Service... IT Courses 1456AI Citrix Access Suite 4.0: Build/Test ...
There are 3 seminars this week: SharePoint Server 2007: Connecting People Process and Information - Tuesday morning How I Became a Software Quality Muscle Man - Tuesday afternoon Server 2008 Active Directory Services and Your Infrastructure (Windows Server 2008 - What's new?) - Wednesday morning Details Below for each one: SharePoint Server 2007: Connecting People, Process and Information Date:Tuesday, June 24, 2008 from 9-11:30am Registration Link: http://www.nhmn.com/Courses... ...
Server 2008 Active Directory Services and your Infrastructure When: June 25, 2008 Time: 9:00 - 11:30 Location: New Horizons of MN Registration Link: http://www.nhmn.com/Courses... Seminar overview: Windows Server 2008 introduces a number of new features that are designed to streamline the role of the Active Directory in your environment, as well as promote a dramatic change in the idea of Branch Office Optimization. Traditionally a Domain Controller has been a fairly heavy ...
Server 2008 Active Directory Services and Your Infrastructure - Windows Server 2008 - What's new? Registration Link: http://www.nhmn.com/Courses... Date: June 25 Time: 9am-11am Location: New Horizons of MN Seminar Room - 4510 W 77th St Suite 210 Edina MN Class Overview Windows Server 2008 introduces a number of new features that are designed to streamline the role of the Active Directory in your environment, as well as promote a dramatic change in the idea of Branch Office ...
Roles in Perth, Scotland Business Analyst Support Analyst/Programmers for Home Services systems Roles in Basingstoke, England Analyst/Programmers for Energy Sales systems with C#.Net or PL/SQL skills Roles in Havant, England Project Managers Business Analysts Senior Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE skills Analyst/Programmers with ORACLE E Business Suite skills Lead Systems Designers IT Security Engineers Database Administrators (DBAs) ORACLE or SQL Server skills ...
I spent some time playing with the security and Work Item Templates in TFS in an attempt to figure out how the "Assign To:" property works. The Work Item Template allows you to edit the Suggested Values property of this field. Here is what I found: <FIELD name="Assigned To" refname="System.AssignedTo" type="String" reportable="dimension"> <SUGGESTEDVALUES> <LISTITEM value="[Project ]\Contributors" /> </SUGGESTEDVALUES> </FIELD> Displays in the dropdown: All users in ...
The Membership API is new to ASP.NET 2.0. It provides you with a full-fledged infrastructure for managing and authenticating users of your applications. ASP.NET 2.0 shipped two Membership providers, SQL Server and Active Directory. While plenty of articles and blog posts have been published on how to use the SQL Server Membership provider, very few have been done for the Active Directory Membership provider. I was recently leading an enterprise web site project that required the Active Directory ...
Don't be scared o thef Universal Print Driver! Printing is the biggest pain for most XenApp (formerly Presentation Server) administrators. My friends, don’t be afraid of the Universal Print Driver (UPD). Sure, there might be limitations to the UPD. However if you are running PS 4.0 or 4.5 there are few cases where you would need to install native drivers and 3rd party drivers. CITRIX METAFRAME XP (Universal Print Driver) · black and white printing · no advanced functions CITRIX METAFRAME PRESENTATION ...
I have been working lately with a big group of fellow developers here in SilverKey on the architecture and design of a relatively big project that required much services and messaging work. We thought that we should implement our public services the REST way using WCF for .NET 3.5, with so many customizations, and that we'll use a library called nServiceBus for internal messaging. Mohammed Nour wrote a little about thinking in REST. nServiceBus is a framework for handling publisher/subscriber (pub/sub) ...
I would NOT have made it through the day if it hadn't been for this page. I am setting up a little application-ette to allow us to use our Active Directory as the single point of contact for employee information (Phone List, HR, etc). and using Active Directory for a role management provider is no joke, especially if your development box is Windows XP. Definitely take a look at the article if you need to use Active Directory as your roles manager source in an ASP.NET app. ~L ...
The Enterprise Library 4 CTP and the feature list can be found at the Codeplex Home page. General Features of Entlib 4 (Excerpt from Release Notes) · Enterprise Library 4.0 takes advantage of the improved features in the .NET WMI 2.0 API to provide update capability for configuration exposed through the Manageable Configuration Source. Objects defined in the Enterprise Library configuration, such as databases, trace listeners, and cache backing stores, are exposed through WMI as a set of classes ...
I have a small page I need to write for my company to list all empoyees. This in effect becomes the in-house phone roster. Makes sense, right? I though it'd be no problem. I know I can manipulate AD from an ASP.NET page, so I'll put together this app no problems. OK, my hubris got the best of me. I queried the AD Directory service no problem: DirectoryEntry server = new DirectoryEntry(); DirectorySearcher searcher = new DirectorySearcher(); searcher.SearchRoot = server; searcher.SearchScope = SearchScope.Subtree; ...
So I wanted to try DelivePoint from Barracuda Tools and I was a bit disappointed. I was expecting this tool to map out the Active Directory Groups for each site with the type of permissions plus tell me what lists and libraries had a break in permissions and what groups were associated. When I tried to view the permissions for a given site it only allowed me to choose site collection administrators, full control, designer, and readers. There was no option to view any custom permissions, contributors ...
Well kids if you did not know about this little known bug now you do. Even if you email enable your active directory group, then SharePoint may still not send alerts. I have no idea why this problem occurs. If you search for that AD Group, then you will notice no e-mail address will show up for that group even if it has an address attached...Well I did some googling and I found this beautiful article: http://blog.gavin-adams.com... Basically, ...
I found this nugget of a tool today. I haven't tried it out yet, but it sounds like one terrific tool. http://www.microsoft.com/do... The SQL Server Management Pack monitors the availability and performance of SQL Server 2000 and 2005 and can issue alerts for configuration problems. Availability and performance monitoring is done using synthetic transactions. In addition, the Management Pack collects Event Log alerts ...
*Moved to: What the 0x80072020?I have found a small bug (as in, "Not working as expected!") in the new .NET 3.5 PrincipalContext classes. When you are running on an ASP.NET site in impersonation mode you cannot retrieve information from active directory without the following error: System.Runtime.InteropServi... (0x80072020): An operations error occurred. at System.DirectoryServices.Di... throwIfFail) at System.DirectoryServices.Di... at System.DirectoryServices.Di... ...
So with the release of Windows Server 2008 I was really looking forward to some post or announcement from Microsoft with regards to the availability of native Active Directory management tools that can be installed on Windows Vista SP1 without any mods, kludges or scripts. You know, they just work out of the box. Like the good ‘ol days when you copied adminpak.msi from Windows Server 2003 over to Windows XP. Now that I am running Windows Server 2008 as a workstation I don't necessarily have to worry ...
Some Microsofties are starting to offer TechNet Briefings in Second Life at the Microsoft Ampitheatre. Michael Murphy has the straight scoop at his blog. Personally, I would like to see more of this type of thing. It add an interesting twist to keep the community engaged over the typical mass-Live Meeting webinar. Those are only a step-up from reading a book. Now and again, you will get an exceptional presenter that engages you or a fantastic demo. I tried Second Life once and found it hard to pick ...
*Moved to: Loss of My.User.Name is not that bad...Imports System.DirectoryServices.Ac... In WPF development you can't just use the "My.User.Name" classes as it is not set by default. If you still want to use it you can "My.User.InitializeWithWind... to have it setup, but there is a better way. If you are using Active Directory .Net 3.5 has provided a new way to access information...Read more...Follow my new blog on http://blog.hinshelwood.com ...
*Moved to: Kerberos and SharePoint 2007If you want to use Kerberos authentication and not NTLM with SharePoint then there are some extra tasks that you need to get someone with Domain Admin privileges to perform. For EVERY dns / port combination a SPN needs to be added to Active Directory to tell it that it is allowed to use Kerberos to authenticate a specific account or server to that URL. In a production environment with a farm of multiple server you will need to use the account option. The account ...
I have recently been introduced to a company called PostPath. They are a new technology company that have created a Linux-based alternative to Microsoft's Exchange. Their proposition is that Microsoft Outlook is the killer application. As long as users can run Outlook and have all the features and functionality that they are used to, it shouldn't matter what is serving it up on the back end. And if that back end can run on cheaper hardware and storage with a highly-flexible open source OS, all the ...
*Moved to: Removing ACL's for dead AD accounts I have run into a very vexing problem with one of my applications. I was asked to provide an application that would fin all of the permissions set against Active Directory accounts that have been since removed. These normally show up in the permissions dialogs for folders as the full SID of the account as there is no longer nay way to look it up in Active Directory. I have written a nice little threaded application that lets you select a folder and it ...
Just before Christmas it was annouced that both ILog and SOA Software had joined the Microsoft BPM Alliance. SOA software will provide SOA and BPM governance software and ILog adds Business rules management. Excerpt from SOA Software's press release: "SOA Software works with Microsoft products including BizTalk Server 2006 R2, .NET 3.0, Windows Workflow Foundation, SQL Server 2005, 2007 Office System, Microsoft Office SharePoint Server 2007, IIS, Visual Studio, Team Foundation Server, Active Directory ...
Ran into a need to connect up to Active Directory from an ASP.NET app at work today...found this article and wanted to post it up as reference. http://msdn2.microsoft.com/... Technorati Tags: ASP.NET Active Directory,Active Directory ...
We got an error yesterday that I'd not seen before, when publishing two separate packages. Both of them were created by Visual Studio 2008 instead of our typical Wise/InstallShield packages. The error was "No package in the software installation data in the Active Directory meets this criteria.". A web search found nothing useful on this error; I'd started digging into it to maybe be the first to provide something on it -- but during troubleshooting both packages were published without error. MSI ...
*Moved to: Identity crisisI am having a look at Microsoft's Identity Lifecycle Manager 2007 as a solution to our disparate user identity problem. Some of the bigger companies out there have solved this problem, and in many of the smaller companies it just does not exist, but we have many system that hold meta data about our employees. From HR systems to Active Directory and custom web based address books. Because of Aggreko's unprecedented growth these systems have outgrown our capacity to maintain ...
I had some more fun with the old Windows 2000 server today. When we got the new Windows 2003 server we tried to join it to the current domain just to the get the users and security permissions all taken care of. There was an extra issue involved though. All of the programming done in MS Access, and who knows how many other C# applications had a hard coded path to the server name and sometimes the IP Address. So I decided the best course of action was to swap out the servers and then re-join the old ...
*Moved to: AD Update-O-MaticIn my quest to play with test VB 9.0 and it very cool features I created a little application to update Active Directory. I was asked by my boss (Andre) to get some sense of order into Active Directory for the users that will be involved in the proof of concept for MOSS 2007. So I immediately thought of an application to automate this. The idea was to pull the information from AD for the selected users into a database and then make all the changes that are required there ...
Judging by my limited experiences with Vista the "security" sounds like it might be a case of how much security you need to turn off until your Server actually communicates with the other devices and runs the Applications correctly? Other than that I'm looking forward to seeing just how much can be accomplished with Power Shell, it's certainly got my Brother excited ;-) 10 things to consider when making a Windows Server 2008 upgrade decision Windows Server 2008 is expected to officially launch in ...
I recently needed to do a little analysis of some of our BizTalk implementations and needed to get some information from the IIS logs to help me. I read a little about the Log Parser tool and this post will provide a little about how it helped. Log Parser is a tool which allows you to use a SQL like syntax to parse various types of log files. This can be very useful when looking at a BizTalk environment and you want to be able to interogate a significant amount of logging information. Log Parser ...
Thanks to James McGovern for the original posting of these statistics. Thank you Microsoft for the transparency. Microsoft internal IT: 600k connected devices 10,000 Servers 3 Datacenters 1 operations center 11% is virtualized in Microsoft Datacenters 330 of 385 servers run Windows Server 2008 (RC0) plus all 85 Microsoft.com servers 11 clustered systems 30,000 users in Redmond domain (50,000 with vendors) NAP reporting 140K clients, 90 clients deferred mode The Redmond Active Directory domain is ...
A Microsoft Office SharePoint Server 2007 (MOSS) production environment is designed according to projected load, usage pattern, services, content volume and growth projections. There is a lot of information that has been published by Microsoft and others on these topics, but i recently had a need to summarize this for a client, so here are hardware and server sizing guidelines for MOSS - brief, to the point and all in one place. Virtualized deployments will be covered in a follow-up post. Guidelines ...
So I finally received the server I ordered for work. It came in, I got it all set up and ready to join it to the domain. So I ran the active directory wizard. It told me that the server I was trying to connect to wasn't prepared for a 2003 server and I needed to run the adprep.exe tool. So, obviously I remembered doing this before and I new it was in the I386 folder on the OS disc. So I went to the old server, ran the tool with adprep.exe /forestprep and then I ran adprep.exe /domainprep. Everything ...
This is the Close Combat Tactical Trainer (CCTT), also known as the Army's $70Million+ Training Facility. I like to call it an expensive video game (and it needs an update)! It is used for combat training, but we modify it for use for convoy tracking. In these pictures you will see the facility with big white boxes. Those are pods (or vehicle simulators). Inside the pods that you will see are what it looks like in the actual vehicles! What I believe I have included is both the Bradley (M2A2) and ...
The userAccountControl attribute is used to control the access of a user account. This value can be set to the bitwise OR of a set of flag values, documented here: Property flag Value in hexadecimal Value in decimal SCRIPT 0x0001 1 ACCOUNTDISABLE 0x0002 2 HOMEDIR_REQUIRED 0x0008 8 LOCKOUT 0x0010 16 PASSWD_NOTREQD 0x0020 32 PASSWD_CANT_CHANGE Note You cannot assign this permission by directly modifying the UserAccountControl attribute. For information about how to set the permission programmatically, ...
PS C:\> get-ldap -server testboy -cred $mycred -dn dc=JUNGLE -searchscope wholesubtree -search "(&(objectclass=user)(o... Again, there's no need for dozens of LDAP cmdlets. The two LDAP cmdlets included in NetCmdlets, get-ldap and set-ldap, are all you need for most tasks. The above command shows how you would search for disabled user accounts with the get-ldap cmdlet. Technorati Tags: PowerShell, LDAP, Active directory, ...
So…. Question? Would I use TS/Citrix or would I use VDI if I was building or designing the Front-Office of a Greenfield site today? This is a quite a hot topic, because as much as VDI/xDI/DDI is the latest craze that’s sweeping the IT sector, is it really all it’s cracked up to be? What has changed? My thoughts are that until relatively recently Corporate IT was rock solid and unchangeable, absolutely rooted in Change Management, driving Mainframes and COBOL – but now we are living in a much faster ...
In my previous posts about LDAP group membership, I've talked about how to get a list of groups, how to search for a particular groups members, and how to search for what groups a particular user belongs to. Up next: how to change group membership. To add or remove a user from a group, you need to modify the "member" attribute of the group itself. To do this we'll use the set-ldap cmdlet of NetCmdlets. Add a user to a group: To add a user to a group, set the DN parameter of set-ldap to the DN of ...
In the last LDAP series post, I mentioned how to search for the members of a group. Now the opposite, here's how to search for what groups a particular user is a part of: To do this search, all I do is form a search filter that is searching for all groups that has a particular member in it. So really this is a slight alteration of the search for all groups. PS C:\> get-ldap -server testboy -cred $mycred -dn dc=JUNGLE -searchscope wholesubtree -search "(&(member=CN=Lance Robinson,CN=Users,DC=JUNGLE... ...
More with the ldap cmdlets in NetCmdlets, here's how to list the members of a particular group. I used the get-ldap command shown in the last post to get a list of all my admin groups, and save it in a $groups collection: PS C:\> $groups = get-ldap -server myserver -cred $mycred -dn dc=JUNGLE -searchscope wholesubtree -search "(&(objectclass=group)(... PS C:\> $groups Host DN ---- -- testboy CN=Administrators,CN=Builti... testboy CN=Schema Admins,CN=Users,DC=JUNGLE testboy ...
NetCmdlets doesn't have a long list of Active Directory cmdlets for PowerShell. Instead, it has 2. And they aren't AD specific - they just implement the LDAP protocol itself so they can work with any LDAP server, Active Directory or not. Two cmdlets are all that is needed to make common tasks simple. One for setting values (set-ldap), and one for getting values (get-ldap). Here's how I can retrieve a list of all the "admin" groups: PS C:\> get-ldap -server myserver -cred $mycred -dn dc=JUNGLE ...
This is the question I asked myself today, just to see what kind of answer I would give myself. These are the kinds of questions I've had time to ask myself wince surgery (02JUL07) to correct a hernia and a problem with my Ileostomy. It's weird, I, like millions of other people, get up every morning, drink my coffee and read my RSS feeds (Hey what can I say, I'm a geek) then head of to work. And like so many others I never stop to ask myself questions like this one, mainly because I really don't ...
By default Office SharePoint Server 2007 imports all profiles from the Active Directory Database. This presents an issue for some companies (mine in particular ;)). After doing some searching I found an older article by Michael Bollhoefer. He tipped me off to the following LDAP filter which worked beautifully, and after running a full profile import and reindexing our SharePoint Search those old Inactive profiles were gone from the Database and the search. (&(objectCategory=perso... ...
Well looks like I'll have to add "download Server 2008 and install in VMware (oops. Virtual Server)" to my ToDo list? ;-) A closer look at Session Broker load balancing in Windows Server 2008 In Technical Articles Notice: This article was written based on the Beta 3 release of Windows Server 2008. Features and facts about the Session Broker Load Balancing therefore could be subject to change as Windows Server 2008 moves towards RTM. You should be aware of this! Session Directory versus Session Broker ...
Hmm.....I have a very under utilised Blog. Very sad indeed. Not sure if that's because I have nothing to say or I am just too lazy to put it up. Probably the latter. Anyways, I attended a Windows Server 2008 Technical Readiness event yesterday in Melbourne. As I was too busy in the past, I never had a chance to look into what new goodies Windows Server 2008 will bring, so I thought this would be a good opportunity to find out more. Surprisingly, the session was quite informative and did not turn ...
Daniel Moth has an excellent post that explains what makes up the .NET Framework 3.5. This post also sparked a very good discussion on The Code Project. There are two elements that make up version 3.5 of the Framework: the "green bits" and the "red bits". This model is aimed at minimizing the impact of delivering new features and functionality. The red bits are those parts of the Framework that exist in release today, which include the .NET Framework 2.0 and 3.0 releases. The green bits are brand ...
*Moved to: Benefits of remote access for Team SystemRemote access for Team Server is about disparate teams. This means that you can use those cheep contractors in eastern Europe without needing to give them a small project because of the difficulties in integrating their work. Essentially you use SSL with Active Directory to secure the services and sites while giving them controlled access to the system. Read more...Follow my new blog on http://blog.hinshelwood.com ...
I found it hard to find a definitive list on the internet for what ports needed opening for Active Directory to replication between Firewalls. Here are my findings and all is working so, hope this helps someone else. TCP UDP ICMP RDP Remote Desktop 3389 DNS DNS Download 53 DNS Queries 53 WINS Replication WINS 42 WINS 42 ICMP echo-request 8 info-request 15 mast request 17 timestamp 13 NetBIOS Services Name Resolution Service 137 137 Datagram Services (Browsing) 138 Session Service (net use) 139 SMB ...
According to eWeek, Microsoft will release the third beta, which is also the first pubic beta, for Windows Server "Longhorn" today. So far, Longhorn remains on track for RTM in the second half of 2007. More than 10,000 people have already tested the product either directly through Microsoft's technical beta program or through Community Technology Previews through TechNet or MSDN subscriptions. Windows Server "Longhorn" will build on the improvements made in Windows Server 2003 R2, and add the ability ...
Many of us have probably dabbled in setting up our own domain and forest for development purposes. For me - a domain is a must - I have my development environment that is heavily used to model development projects for clents - and I have my family - me, my wife, and 7 children with their own computers. So, we have a fairly detailed setup on the home front - but the following applies to ANY environment in which your primary domain controller gives up the ghost - and you do not have an image backup ...