- Seriously off topic: What to do when a document has a mismatch of one and two spaces after the end of a sentence?
- When do we not default?
- Implementing Exchange Online with an existing on-premises identity management solution that provisions mailboxes
- Forefront Identity Manager (FIM) 2010 R2 build 4.1.3559.0 released
- Microsoft Identity Manager, a.k.a. Forefront Identity Manager vNext roadmap
Top Posts & Pages
Tag Archives: AD DS
The first wave of Windows Server 8 documentation is available online: Windows Server 8 Beta There’s quite a bit of it. Couple of notable points: AD FS 2.1 is a server role. Features and functionality are the same as AD … Continue reading →
In my previous post I described the minimum set of permissions required by the ADMA account to provision an AD DS user object. In this post I’d like to expand on that and provide the minimum set of permissions required … Continue reading →
The purpose of this post is to provide information on the permissions required by the user account that the Active Directory Domain Services (AD DS) Management Agent (MA) or ADMA uses when it interfaces with an AD domain. I’ve seen … Continue reading →
Quick and cheerful reminder –if you want to perform a password set operation in LDP there’s two main ways of doing it: You can supply a string value to userPassword (providing the domain functional level is Windows Server 2003 or … Continue reading →
I hacked together a .NET command line application for a customer yesterday that basically resets the password of all users within scope to two random passwords. Such functionality was required because we’d P2V’d a production DC into the lab. I … Continue reading →
Quick and gentle reminder. LDP expects you to replace a Boolean attribute with either TRUE or FALSE. True, False, true or false don’t cut it… If you try and use True, False, true or false you’ll get this error: ***Call … Continue reading →
Whether in production behind a hardware load balancer or in a virtualised lab running on your laptop one thing that everyone designing and playing with FIM should be doing is utilising a virtual, or load balanced, hostname for the portal … Continue reading →
Resetting an AD DS password and honouring password history and age using the LDAP_SERVER_POLICY_HINTS control
I recently had to do some frantic experimenting around the area of password reset. I was working with a customer on a convoluted solution that necessitated a password synchronisation operation from the DMZ into a production network without a trust. … Continue reading →