Active Directory Replication Types

I find myself quite often trying to keep straight all the different replication activities that can occur within an Active Directory (AD) domain.

There are:

  • Intrasite Replication
  • Urgent Replication
  • Intersite Replication
  • Intersite Change Notification Replication
  • Reciprocal Replication
  • Immediate Replication
  • Manual Replication


DNS Zone Types Explained

Ace here again. I thought to touch base on DNS zones, and more so, focus on what AD integrated zones are and how they work. This blog almost mimics my class lecture on this topic. Check back for updates periodically, which I will notate with a timestamp above with whatever I’ve added or modified.

This topic was also briefly discussed in the following Microsoft Technet forum thread:
Technet thread: “Secondary Zones?”
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c1b0f3ac-c8af-4f4e-a5bc-23d034c85400

source: http://blogs.msmvps.com/acefekay/2013/04/30/dns-zone-types-explained-and-their-significance-in-active-directory/

Server 2008R2 SP1 reboot and Srv2.sys Driver Hotfix

Last week, I tried to work with a Windows 2008 R2 server, but my system restarted frequently. After some research, I found the reboot problem. If these servers are using File Share or SMB v.2, srv2.sys may cause this problem.

Srv2.sys driver is root cause of this problem.

This is the SMB 2.0 server driver. You can download hotfix KB2552033 for Windows Server 2008 R2 SP1 at your own risk until Microsoft officially releases it.

Compare VPN tunnel types in Windows

I am sure you must have experienced VPN reconnect – a new IKEv2 based VPN tunnel that is added in Windows 7 that allows automatic and seamless switchover of an active VPN connection when the underlying Internet interface (connection) changes thus maintaining application persistence.

Isn’t that COOL – like a VPN user moving from Wifi to WWAN and back – giving true mobile connectivity to corpnet! Yes it is…

This means the Windows 7 in-built VPN client and the Windows 2008 R2 in-built VPN server (aka RRAS) support the following VPN tunnels:

  • PPTP
  • L2TP/IPSec
  • SSTP
  • VPN Reconnect (or IKEv2)


SYSVOL Folder Structure

About each folder under the SYSVOL share in Domain Controller

The SYSVOL folder is used to store a copy of the domain’s public files, such as system policies, Group Policy settings and logon/logoff scripts, which are replicated to all other domain controllers in the Active Directory domain through File Replication Services (FRS). You can find many folders inside the SYSVOL share; I would like to explore and explain each folder by how it’s used in the process of SYSVOL replication.


Slow logging into domain

When you are facing slow logons into the domain and you also get events 1030 and 1006, you need to look into your network. By default, Kerberos uses UDP packets to communicate. You need to force Kerberos to use TCP instead of UDP by changing this registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters

If it doesn’t exist, just create it :)

Create a DWORD value called MaxPacketSize and set it to 1.

For more info, there is an official KB: http://support.microsoft.com/kb/244474/en-us

Enabling Firewall audit logging in windows

In this article you can see how to enable audit logging for Windows Firewall with Advanced Security.

Windows Firewall with Advanced Security can log firewall activity such as dropped packets or successful connections. By default the firewall log is: %windir%\system32\logfiles\firewall\pfirewall.log

You can configure firewall logging by using Group Policy if desired. But what if you want to collect more detailed logging of firewall activity such as kernel mode connections/drops and other filtering activity? You can do this by enabling Windows Filtering Platform (WFP) audit logging as follows:

Auditpol /set /category:"System" /SubCategory:"Filtering Platform Packet Drop" /success:enable /failure:enable

Auditpol /set /category:"System" /SubCategory:"Filtering Platform Connection" /success:enable /failure:enable

Note that this form of logging may be very verbose, so be careful when enabling this on a computer in your production environment.