Dostaval som casto otazky ohladom licencii pre RDS/TS. Vela adminov sa pytalo na zvlastne otazky o odpocitavani licencii na licencnom servery.
Ked chcete pouzivat RDS/TS viac ako 120 dni, tak si treba nainstalovat a skonfigurovat licencne sluzby pre RDS/TS. Taktiez je potrebne zakupit RDS/TS CAL-y (Client Access Licenses). CAL-y su licencie pre pripojenie sa k RDS/TS serverom. Ked sa instaluju RDS/TS licencne sluzby, tak su na vyber tri varianty licencovania CAL-ov:
Read more…
Today I tried to split two domain created in one AD forest.
Scenario
I had 1st created domain domain.local which was top-forest root domain. It contained two domain controllers (SRVDC01.domain.local (W2008R2) and SRVDC02.domain.local(WS8)). Second domain I’ve created was domain2.local which was in same AD forest, but in different AD tree. I had little problem when creating new domain domain2.local, because SRVDC02.domain.local was powered off for couple days. DCPromo on SRVXX01.domain2.local was complaining about some replication problems. So I needed to power it on and force replication. It was weird, because SRVDC2.domain.local haven’t hold any of FSMO roles. When it was all done, all looked up and running.
Read more…
Takže po dlhšej dobe pokračujem. Dneska popišem WMI filtre a taktiež Loopback Processing.
WMI Filtre
WMI filtre sa používajú na to, aby sa lepšie špecifikovali podmienky aplikovania GPO politík. Ale najprv si vysvetlime, čo to vlastne WMI je. WMI je skratka od Windows Management Instrumentation, čo predstavuje rozhranie cez ktoré je možné tak vyčítať rôzne údaje z OS ako aj samotné nastavenia OS meniť. WMI si predstavte ako databázu na každom Windows OS. Pomocou podobných príkazov ako sú SQL príkazy je možné vyčítavať rôzne informácie. Napríklad je možné vyčitať informácie o type a modele BIOSu na počítači. Ďalej napríklad informácie o veľkosti RAM pamäte, verzia OS, zoznam hotfixov, rýchlosť otáčok ventilátora na CPU,…
Read more…
At one of our bigger customer we started to have weird problem. When you disabled UAC it was still active even after reboots.
Read more…
Most of you probably already updated Active Directory infrastructure from Windows 2003 to Windows 2008 R2. What I see most is that administrators do not upgrade DFS replication subsystem for SYSVOL shares. Before Windows Server 2008 (also R2) was released FRS (File Replication System) is used. In Windows 2008 R2 there is new version released and it’s called DFSR (Distributed File System Replication).
FSR
FSR uses NTFS volumes’ USN journal to determine when a change has occured to a file and triggers replication. When FSR detects file close it gathers information about file and it’s attributes. It also checks file’s MD5 hash. If MD5 hash changes it will trigger replication. If file has changed whole file is send to FSR replication partners.
DFSR
First benefit of DFSR is that it doesn’t replicate whole file, but just a changed data in the file. To be able to check only changes in files it uses RDC (Remote Differential Compression) compression algorithm.
Read more…
Couple days I installed Windows Server 8 and I started to play 🙂
There is weird desktop in new Windows. It’s not as pretty as it is in Windows Server 2008. It’s kinda forced to use touch screen, but who would use touch screen to administer servers? Not me 🙂
Normal stuff
- I couldn’t find any way to restart/shutdown Windows Server 8. Only way I could use is command line (shutdown.exe). But there is a way via Metro…upper right corner…Settings…Power…Restart (http://technet.microsoft.com/library/hh831491.aspx)
- I don’t know how to turn IE ESC off. I couldn’t find any setting to enable/disable it
- It is nice to be able to team network interfaces, but there is no help what each setting means
Active Directory
Nice article about changes http://blogs.technet.com/b/askds/archive/2012/04/06/group-policy-management-improvements-in-windows-server-quot-8-quot-beta.aspx
DNS
They have imported DNSSec into DNS server.
Security tab for DNS server settings is running faster 🙂
Windows Update Service
I received errors after installation and I couldn’t run WSUS console.
Read more…
When you are facing slow logons into domain and you also get events 1030 and 1006 you need to look into your network. By default Kerberos uses UDP packets to communicate. You need to force Kerberos to use TCP instead of UDP by changing registry key:
HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\ Kerberos\\Parameters
If it doesn’t exists just create it 🙂
Create DWORD key called MaxPacketSize and set it to value 1.
For more infor there is official KB http://support.microsoft.com/kb/244474/en-us
Nowadays I meet couple customers which wanted to implement old school technologies: folders redirection and roaming profiles. When they have implemented features they didn’t do it right way, because they have used default settings which are not really what you might want. I also read couple articles why roaming profiles and folders redirection are bad solutions. They really ain’t that bad.
Read more…
When you start cmd.exe in Windows 2008 or Windows 7 you will get little small tinny window:
Small cmd.exe
This is getting on my nerves to change is on every server/workstation I log in.
Read more…
When I was cheking Remote Desktop configuration on couple Windows 2008 R2 servers I’ve noticed that I cannot access Remote Desktop Session Host Configuration and I get following error:
Read more…
Recent Comments