Taking Advantage of Replication Improvements

Windows Server 2003 allows an Active Directory Architect more freedom in the placement of domain controllers across the enterprise. This is because Windows Server 2003 has improved the behavior of replication. At the most basic level, Windows Server 2003 has changed the model for replication. Windows 2000 Active Directory replicated changes object by object. Windows 2003 Active Directory takes this concept one step further by replicating changes attribute by attribute. The net result is an...

Adding Security via Firewall Settings for ASP Terminal Servers

When using Terminal Servers in an ASP environment or sometimes even in a corporate environment you will want to provide some protection for the servers by placing them behind a firewall. By default RDP communicates over TCP port 3389. If for some reason you would like to change the default port this can be done by modifying the following Registry key Use Registry Editor at Your Own Risk If you use Registry Editor incorrectly, you could cause serious problems that might require you to reinstall...

The Registry Editor

In earlier versions of Windows, Registry editing was conducted through two different but similar tools Regedit.exe and Regedt32.exe. Each tool could do some of the tasks involved in making Registry configuration changes, but one could not be used to the exclusion of the other. With Windows XP and Windows Server 2003, Microsoft has consolidated the features of the two tools into a single Registry Editor that has the look and feel of the old Regedit.exe but includes the security and remote access...

Determining the Impact of Global Catalog Failure

When a user authenticates against an Active Directory domain controller, the domain controller must be able to contact a global catalog to determine if the user is a member of any universal groups. If a domain controller fails to contact a global catalog, the user's logon will fail. As such, if a domain controller is going to be placed in a remote site in order to ensure local access to local resources in an office where many users might not have locally caches credentials, it is important to...

Automatic Private IP Addressing APIPA

The Client Server service has been updated in Windows 2000 clients and later, enabling it to automatically assign itself an IP address if no server is available it does so through a process called Automatic Private IP Addressing (APIPA). APIPA clients automatically assign themselves an IP address in the 169.254.0.0 16 range in this situation, which allows them to have basic TCP IP connectivity in small networks. APIPA might be problematic in larger networks because it forces clients to assign...

DHCP Database Backup and Restore Automation

The process of backing up all DHCP settings and restoring them onto the same (or a different) server has been streamlined in Windows Server 2003. No longer do you need to export Registry keys and manually move databases between servers to migrate DHCP because the Backup and Restore process can be accomplished directly from the MMC. The process for backing up and restoring a DHCP database is as follows Open the DHCP Manager by choosing Start, All Programs, Administrative Tools, DHCP. Right-click...

Using Microsoft Metadirectory Services Effectively

When Active Directory designs encompass multiple forests or when the design has to account for mergers and acquisitions, the Microsoft Metadirectory Services MMS tool can be invaluable in keeping directories in synch. MMS, now called Microsoft Identity Integration Server 2003 MIIS 2003 , enables you to integrate and manage identity information across multiple directories. These directories can be different systems or platforms. MIIS 2003 adds functionality to Active Directory by providing...