Day: January 29, 2009

Securing Wireless with WHS Part II

Some of you might be using Windows 7 already and have noticed that the Wireless solution for Windows Home Server does work well with Windows 7. In fact, the computer does not challenge the user for a username or password, but just tells you it cannot connect. This is because Windows 7 has a different default setting for WPA-Enterprise authentication to wireless networks. By default the client computer will try to authenticate the user including the computername. IAS warnings in the eventlog are a result of Windows 7 computers trying to authenticate.

Read more

Windows 2008 Features (DFSRMIG)

 

The introduction of Windows 2008 brought us the famous Read-Only domain controller, the domain controller without passwords (unless explicitly approved) and one-way replication. That one-way replication also applied to the SYSVOL share. Sysvol is replicated by either FRS or DFSR depending on the initial setup of the domain. If you have upgraded your domain from Windows 2000 or Windows 2003 to Windows 2008 SYSVOL is still using FRS to replicate. When you have initially deployed Windows 2008 and set the forest functional level to use the Windows 2008 standards; DFSR is used. Usually the replication of Sysvol is two-way, you can change the contents on each domain controller and those changes are replicated to all domain controllers.

Read more

Windows 2008R2 features part II: Recycle Bin

Windows 2008 R2 Active Directory introduces the Recycle Bin option. If you deployed Windows 2008 R2 or upgraded your domain to the Windows 2008 R2 schema and you think the recycle bin is active, you are wrong. You have to specifically enable the recycle bin feature.

So upgrade your forestlevel and run the following command within a poweshell console:

Enable-ADOptionalFeature -Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=DirectoryService,CN=Windows NT,CN=Services,CN=Configuration,DC=rootdomain,dc=local’

 -Scope Forest -Target ‘rootdomain.local’

 

Read more

Windows 2008R2 features part I: Offline domain join

Since Windows NT4, clients who wanted to join a domain always needed a direct connection to the domain, either via VPN, dial-in or direct connection. New in Windows 2008R2 is the option for an offline domain join.. how does this work.. ? read on!

A new program is introduced called djoin.exe. We can use this to join a computer to the domain which is not directly connected. What does it do? It creates a text file that can be used by a Windows 7 or Windows 2008R2 client to join the domain.

Read more