AD Certificate Services

I hate certificates. Well, a nice wildcard cert deployed internally is fine, but when there’s a faff to replace certificates and it’s been so long that you really cannot remember what you did in the first place… I just hate it. So imagine my childish delight when I had to build AD CS!

It’s not that bad in all fairness: it boils down to build a server, add the role, next, next, next, and let AD do its magic, pushing the certificate out to every machine in the domain that needs it. That’s just reminded me about the VDM certificate for the connection servers, which will come later on.

I followed the MS lab guides, backed up by a very nice blog post with pretty screenshots, and it all worked fine. Just remember to add any subject alternative names if you have a mixture of FQDNs and abbreviated server names within your domain.
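For the "add role, next next next" part and the SAN reminder, here is the same thing scripted in PowerShell. This is an added example, not the steps from the lab guides or the blog post linked below, and it assumes a CA name of `CONTOSO-ROOT-CA`, that the built-in Web Server template (`WebServer`, which accepts subject names supplied in the request) is published on the CA, and that the account running it has enrol rights on that template. Putting both names in the request against a template that allows it means the CA never needs the CA-wide setting that lets any requester add arbitrary SANs.

```powershell
# Added example (not the post's own steps): install the AD CS role, stand up an
# Enterprise Root CA, then request a web server certificate whose SAN carries
# both the FQDN and the short host name, and check that both names are present.
# Assumptions: CA common name 'CONTOSO-ROOT-CA' and the built-in 'WebServer'
# template published on the CA. Run steps 1-2 on the CA, steps 3-4 on the member server.

# 1. Add the role and the management tools.
Install-WindowsFeature -Name ADCS-Cert-Authority -IncludeManagementTools

# 2. Configure a domain-integrated (Enterprise) root CA so domain machines can
#    auto-enrol through Group Policy.
Install-AdcsCertificationAuthority `
    -CAType EnterpriseRootCA `
    -CACommonName 'CONTOSO-ROOT-CA' `
    -CryptoProviderName 'RSA#Microsoft Software Key Storage Provider' `
    -KeyLength 4096 `
    -HashAlgorithmName SHA256 `
    -ValidityPeriod Years -ValidityPeriodUnits 10 `
    -Force

# 3. On the member server, request a certificate naming every name clients use.
#    The SANs go in the request; the template decides whether that is allowed.
$fqdn  = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
$short = $env:COMPUTERNAME
$result = Get-Certificate -Template 'WebServer' `
    -SubjectName "CN=$fqdn" `
    -DnsName $fqdn, $short `
    -CertStoreLocation 'Cert:\LocalMachine\My'

# 4. Verify before binding the cert to anything: it must be issued (not pending)
#    and the SAN extension must list both names.
if ($result.Status -ne 'Issued') {
    throw "Certificate request is '$($result.Status)', not issued; check template permissions."
}
$san = $result.Certificate.Extensions |
    Where-Object { $_.Oid.FriendlyName -eq 'Subject Alternative Name' }
$sanText = $san.Format($true)
foreach ($name in @($fqdn, $short)) {
    if ($sanText -notmatch [regex]::Escape($name)) {
        throw "SAN is missing '$name':`n$sanText"
    }
}
Write-Output "Issued $($result.Certificate.Thumbprint) with SAN:`n$sanText"
```

If you use a template of your own rather than the built-in one, the `-Template` value is the template's name (or OID), not its display name, and the template must have "Supply in the request" set for the subject name or the SANs will be silently dropped.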

AD CS and PKI

Deploying Standalone Root CA (Server 2012)

AD Sites, Subnets and Links

Ok, so you may have set up AD, done your Domain and it all works and the world is a happy place. But Alas! You now have to deal with the Branch Office. Dead easy. You got your connection to it? Check. You know the name you want to use? Check. You got the subnet? Check.

Read these and be done with it!

Understanding it!

Step by Step Set up

More details

There are considerations such as the cost (really only for multiple sites) and the replication schedule. I’ve always found the traffic/bandwidth use to be minimal, but your mileage may vary depending on those underground wires you’re connected to. Or satellite. Or a point-to-point laser link (Pew pew! Aw, it’s foggy, it doesn’t work anymore!)
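The whole branch office job (site, subnet, site link with a cost, an off-hours replication schedule for a thin link, and a check that nothing is left unmapped) is a few ActiveDirectory module cmdlets. This is an added example and not part of the linked step-by-step guide; the site names `Default-First-Site-Name` and `Branch-Leeds`, the subnet `10.20.0.0/24` and the DC name `LEEDS-DC01` are made up for illustration.

```powershell
# Added example (not from the post or the linked guides): create a branch office
# site, map its subnet, link it to head office with an explicit cost and a nightly
# replication window, move the branch DC into it, and verify the result.
# Assumed names: existing site 'Default-First-Site-Name', new site 'Branch-Leeds',
# branch subnet 10.20.0.0/24, branch DC 'LEEDS-DC01'.
Import-Module ActiveDirectory

$hqSite     = 'Default-First-Site-Name'
$branchSite = 'Branch-Leeds'
$branchNet  = '10.20.0.0/24'
$branchDC   = 'LEEDS-DC01'
$linkName   = "$hqSite-$branchSite"

# 1. Site and subnet. A subnet with no site means clients in it can land on any DC
#    in the forest, so the subnet-to-site mapping is the part that actually matters.
New-ADReplicationSite -Name $branchSite -Description 'Leeds branch office'
New-ADReplicationSubnet -Name $branchNet -Site $branchSite -Location 'Leeds'

# 2. Site link. Cost only matters once there is more than one path between sites
#    (lowest wins); 15 minutes is the minimum interval AD allows.
New-ADReplicationSiteLink -Name $linkName `
    -SitesIncluded $hqSite, $branchSite `
    -Cost 100 `
    -ReplicationFrequencyInMinutes 15 `
    -InterSiteTransportProtocol IP

# 3. Schedule: for a satellite or otherwise thin link, only replicate 00:00-06:00.
#    ResetSchedule() clears every slot, then SetDailySchedule() opens the window.
$schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
$schedule.ResetSchedule()
$schedule.SetDailySchedule(
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::Zero,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero,
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::Six,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero)
Set-ADReplicationSiteLink -Identity $linkName -ReplicationSchedule $schedule

# 4. Move the branch DC into its site if it was promoted while still in the default site.
Move-ADDirectoryServer -Identity $branchDC -Site $branchSite

# 5. Verify: no subnet without a site, and the link covers both sites.
$orphans = Get-ADReplicationSubnet -Filter * | Where-Object { -not $_.Site }
if ($orphans) {
    Write-Warning "Subnets with no site: $($orphans.Name -join ', ')"
}
Get-ADReplicationSiteLink -Identity $linkName `
    -Properties Cost, ReplicationFrequencyInMinutes, SitesIncluded |
    Select-Object Name, Cost, ReplicationFrequencyInMinutes, SitesIncluded
Get-ADDomainController -Identity $branchDC | Select-Object HostName, Site
```

Leave step 3 out if the link is a decent leased line; a schedule that is too tight just means password changes and lockouts take hours to reach the branch.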

Documenting Active Directory

Over the years I’ve amassed a huge amount of AD-related information. Most of what I’m working through at the moment is about creating a forest/domains, OU structure and logical/geographical models, and I think if you need to do that… you probably know how to, or where to get the information to do it! All the MS stuff is easily accessible, so it’s a bit pointless me posting everything I’ve ever read on it.

One thing that is of use, and that bypasses the need to actually… pay for things, is a very old-school way of making pretty pictures from AD. It doesn’t work on Server 2012, so it will need playing with, but it saves a ton of time working through text documents and AD Users and Computers, then Visio:

AD Visio Tool
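If the tool above will not play on Server 2012, a free fallback that does the same job of turning the OU structure into a picture is to dump the tree as a Graphviz DOT file and render it with `dot`. This is an added example, not the AD Visio Tool or anything from the post; it assumes the RSAT ActiveDirectory module and Graphviz (free) on the machine, and an output path of `.\ad-ous.dot` that you can change.

```powershell
# Added example (not the post's tool): export the domain's OU tree as a Graphviz
# DOT file. Render with:  dot -Tpng .\ad-ous.dot -o .\ad-ous.png
# Assumes the ActiveDirectory module (RSAT) and read access to the domain.
Import-Module ActiveDirectory

function Export-ADOUGraph {
    param([string]$Path = '.\ad-ous.dot')

    $domain = Get-ADDomain
    # Sort by DN so parents are usually emitted before children (not required by DOT,
    # but it keeps the file readable).
    $ous = Get-ADOrganizationalUnit -Filter * | Sort-Object DistinguishedName

    $out = New-Object System.Collections.Generic.List[string]
    $out.Add('digraph OUs {')
    $out.Add('  rankdir=LR;')
    $out.Add('  node [shape=folder, fontname="Helvetica"];')
    # The domain itself is the root node, labelled with its DNS name.
    $out.Add("  ""$($domain.DistinguishedName)"" [shape=box, style=filled, fillcolor=lightblue, label=""$($domain.DNSRoot)""];")

    foreach ($ou in $ous) {
        $dn = $ou.DistinguishedName
        # Parent DN = the DN minus its first RDN. The regex tolerates escaped commas
        # in OU names ('OU=Sales\, UK,...'), which a plain split on ',' would not.
        $parent = $dn -replace '^OU=(?:\\.|[^,])+,', ''
        # Escape double quotes so an OU name cannot break the DOT syntax.
        $label = $ou.Name -replace '"', '\"'
        $out.Add("  ""$dn"" [label=""$label""];")
        $out.Add("  ""$parent"" -> ""$dn"";")
    }
    $out.Add('}')

    Set-Content -Path $Path -Value $out -Encoding ASCII
    return $Path
}

Export-ADOUGraph -Path '.\ad-ous.dot'
```

Using the full DN as the node identifier (with the short name only as the label) is what keeps two OUs called "Servers" under different parents from being drawn as one box; the same trick works if you extend this to sites, subnets and site links from the previous section.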