Tag: Domain

upgrade

Upgrade Your Active Directory and Domain Controllers the Safe Way

Introduction There are several good guides on the internet about upgrading your Active Directory Forest, Domains and Domain Controllers to Windows Server 2012 R2. I’d like to give you my strategy on this subject. It’s not wrong to add new Domain Controllers to your 2003/2008 domain, transfer the FSMO roles and demote the 2003/2008 DC’s,

Continue Reading
kerberos

Illegal cross-realm Ticket and the Rejected Authentication by Kerberos

Introduction Finally I have found some time to write this blogpost in detail. It took place last year somewhere around october and november, so here we go! The other day I received some complaints about not being able to access a CIFS share on the network. Several users acknowledged this, they got the Windows authentication

Continue Reading
testing

Create “Hidden” Active Directory Site for Application Testing Purposes

One of the biggest challenges in Active Directory Domain Controller upgrades are the application member servers, specifically the ones that make use of Active Directory authentication (Ldap). We all know the legacy applications within the organization, they’re still running after ten or more years, nobody knows something about it, there isn’t any documentation left but

Continue Reading
monitoring

How To Monitor LDAP, Kerberos and NTLM Traffic To Your Domain Controllers

Now with the extended support date for Windows Server 2003 in mind (14-07-2015) it’s good to look at how to finally get rid of those old domain controllers.  I came across a nice Technet article about how to monitor LDAP, kerberos and NTLM traffic to your domain controllers to find out which applications and servers

Continue Reading