windows net
play

Windows.NET Windows.NET Beta 3 Beta 3 Active Directory New Features - PDF document

Sep 04, 2022 •261 likes •588 views

25. DECUS Symposium 16.04.2002 Windows.NET Beta 3 Windows.NET Windows.NET Beta 3 Beta 3 Active Directory New Features Directory New Features Active Active Directory New Features Wolfgang Werner Wolfgang Werner Compaq Compaq Decus Bonn

  1. 25. DECUS Symposium 16.04.2002 Windows.NET Beta 3 Windows.NET Windows.NET Beta 3 Beta 3 Active Directory New Features Directory New Features Active Active Directory New Features Wolfgang Werner Wolfgang Werner Compaq Compaq Decus Bonn 2002 Decus Bonn 2002 Agenda Agenda Agenda � Install Replica from Media � Domain Controller Rename � Domain Rename � Universal Group Membership Caching � Linked Value Replication � Forest Trusts � Application Directory Partitions � Defunct Schema Objects � InetOrgPerson http://www.decus.de 1

  2. 25. DECUS Symposium 16.04.2002 Install Replica from Install Replica from Media Media Install Replica from Media � Problem: Installing a Domain Controller at a site with slow network connection � Windows 2000 replicates a complete copy of the Active Directory database and possibly the Global Catalog over the network 1 Install Replica from Media Media Install Replica from Install Replica from Media � Windows.NET Server allows loading the Active Directory database from a backup of an existing Domain Controller or Global Catalog server – Backup the system state of an existing DC – Restore system state on an alternate location on target server http://www.decus.de 2

  3. 25. DECUS Symposium 16.04.2002 Install Replica from Install Replica from Media Media Install Replica from Media � Run DCPROMO in Advanced Mode – DCPROMO /ADV Install Replica from Media Media Install Replica from Install Replica from Media � Network connectivity still required for up-to-date information – Changes in the AD databases and SYSVOL folder updates are replicated over the network � Restrictions – The backup cannot be older than the tombstone lifetime (default 60 days) – Application directory partitions will not be restored http://www.decus.de 3

  4. 25. DECUS Symposium 16.04.2002 Agenda Agenda Agenda � Install Replica from Media � Domain Controller Rename � Domain Rename � Universal Group Membership Caching � Linked Value Replication � Forest Trusts � Application Directory Partitions � Defunct Schema Objects � InetOrgPerson Domain Controller Rename Rename Domain Controller Domain Controller Rename � Windows 2000 a domain controller (DC) can't be renamed � In Windows.NET DCs can be renamed without being demoted first � New name is automatically updated to DNS and Active Directory http://www.decus.de 4

  5. 25. DECUS Symposium 16.04.2002 Domain Controller Domain Controller Rename Rename Domain Controller Rename � No Explorer like features � Procedure: – Add a new name – Wait for the new name to propagate through the network – Remove the old name Domain Controller Rename Rename Domain Controller Domain Controller Rename � Add new name – NETDOM COMPUTERNAME oldname /ADD:newname � Wait for replication of – DNS host (A) records � servicePrincipalName attribute to all DCs in the domain and all Global Catalog servers in the forest http://www.decus.de 5

  6. 25. DECUS Symposium 16.04.2002 Domain Controller Domain Controller Rename Rename Domain Controller Rename � Update computer account in AD – NETDOM COMPUTERNAME oldname /MAKEPRIMARY:newname � Reboot � Wait for the replication of the DNS Locator resource records – Defined in system32\config\netlogon.dns Domain Controller Rename Rename Domain Controller Domain Controller Rename � Remove old name – NETDOM COMPUTEENAME newname /REMOVE:oldname – Removes old DNS host (A) records – Removes the old name in Active Directory � Change "Computer Name" in System Control Panel http://www.decus.de 6

  7. 25. DECUS Symposium 16.04.2002 Domain Controller Domain Controller Rename Rename Domain Controller Rename � Moving DCs between domains was planned but will not be implemented � Certification Authorities can not be renamed � DNS and Active Directory replication latency may cause a temporary inavailability Agenda Agenda Agenda � Install Replica from Media � Domain Controller Rename � Domain Rename � Universal Group Membership Caching � Linked Value Replication � Forest Trusts � Application Directory Partitions � Defunct Schema Objects � InetOrgPerson http://www.decus.de 7

  8. 25. DECUS Symposium 16.04.2002 R Renaming enaming D Domains omains Renaming Domains � Change the DNS and NetBIOS names – of the forest-root domain – any tree-root domains – any parent and child domains � Restructure a domain's position within a forest Renaming enaming D Domains omains R Renaming Domains � No Pruning and Grafting capabilities � Windows.Net Help and Support: "A domain rename will affect every domain controller in your forest and is a thorough multi-step process that requires a detailed understanding of the operation" � Resources from http://www.microsoft.com/windows2000/downloads/tools/ domainrename/default.asp – Understanding How Domain Rename Works (28 pages) – Step-by-Step Guide to Implementing Domain Rename (69 pages) – rendom.exe utility http://www.decus.de 8

  9. 25. DECUS Symposium 16.04.2002 R Renaming enaming D Domains omains Renaming Domains � Identity of the forest root domain cannot be changed � If Exchange 2000 is deployed in the same forest domain rename is blocked � Each domain controller in the forest will be out-of-service briefly � All Domain Controllers in the forest that where unreachable during the operation or finished in the Error state must be demoted � Any external trust relationships must be re-established � ... Agenda Agenda Agenda � Install Replica from Media � Domain Controller Rename � Domain Rename � Universal Group Membership Caching � Linked Value Replication � Forest Trusts � Application Directory Partitions � Defunct Schema Objects � InetOrgPerson http://www.decus.de 9

  10. 25. DECUS Symposium 16.04.2002 Universal Universal G Group roup M Membership embership C Caching aching Universal Group Membership Caching � In Windows 2000 a Global Catalog Server is required for logging on to a domain – To determine the users membership in universal groups – If no local GC is available a server in the remote site will be used � Recommendation: at least one GC per site – Adds replication traffic Universal G Group roup M Membership embership C Caching aching Universal Universal Group Membership Caching � If no Global Catalog is available: – If the user is an administrator logon succeeds – If only a Domain Controller is available the user fails to log on to the workstation – If no Domain Controller is available, the user is logged on with cached credentials http://www.decus.de 10

  11. 25. DECUS Symposium 16.04.2002 Universal Universal G Group roup M Membership embership C Caching aching Universal Group Membership Caching � Workaround in Windows 2000: HKLM\System\CCS\Control\Lsa\ IgnoreGCFailures 1 � Q241789 How to Disable Requirement that a Global Catalog Server Be Available to Validate User Logons � Potential security vulnerability if universal groups are also used Universal G Group roup M Membership embership C Caching aching Universal Universal Group Membership Caching � Windows.NET adds the ability to cache the Universal Memberships of the users � Enabling this caching process is done on a Site- by-Site basis � To enable GC-less logon modify AD Sites NTDS Site Settings object http://www.decus.de 11

  12. 25. DECUS Symposium 16.04.2002 Universal Universal G Group roup M Membership embership C Caching aching Universal Group Membership Caching � The DC will use the cached information even if a GC is available � Cache is updated in eight-hour intervals (default) – This caching mechanism may allow stale data � Cached data expires from lack of use – No logon in 180 days (default) Universal G Group roup M Membership embership C Caching aching Universal Universal Group Membership Caching � To adjust the default refresh interval HKLM\System\CCS\Services\NTDS\Parameters\ Cached Membership Refresh Interval DWORD in minutes � To adjust the default expiration time period HKLM\System\CCS\Services\NTDS\Parameters\ Cached Membership Site Stickiness DWORD in minutes http://www.decus.de 12

  13. 25. DECUS Symposium 16.04.2002 Universal Universal G Group roup M Membership embership C Caching aching Universal Group Membership Caching � msDS-Cached-Membership single valued attribute added to the user object – Stores the SIDs of the Universal Groups to which the user belongs – To populate the attribute the DC must contact a GC when a user first logs on – Not replicated between Domain Controllers Universal G Group roup M Membership embership C Caching aching Universal Universal Group Membership Caching � No GUI to control an update of the cached msDS-Cached-Membership attributes � Use ADSI set objRoot = GetObject("LDAP://RootDSE") objRoot.Put "UpdateCachedMemberships", 1 objRoot.SetInfo http://www.decus.de 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box - Still GUI based - Still makes no sense - No start menu :( - (Install classic shell)... trust me... Windows Server What can it do? - Email

1.06k views • 37 slides
Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple different versions of Windows 10 that support different features The version of Windows that we will be using is Enterprise edition This

973 views • 53 slides
Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8 Heap Internals Who Chris Valasek (@nudehaberdasher) Sr. Research Scientist Coverity Tarjei Mandt (@kernelpool) Vulnerability

1.33k views • 91 slides
mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

WINDOWS TO BE REPLACED, APT. 508/509 UPPER SASH OF BATHROOM WINDOW WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WITH LOUVER IN PLACE OF GLASS FOR A/C mc-a mc-a mc-a mc-a

217 views • 8 slides
Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security whatsoever. Windows NT has security features, especially as a computer in a network. Security of Windows NT should be understood correctly. In

592 views • 31 slides
Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux kernel

Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux kernel

Unit OS B: Comparing the Linux and Windows Kernels Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux

430 views • 25 slides
1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7

1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7

1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7 v8 Windows Embedded Standard One core Multiple SKUs v8. Windows Embedded 1 Windows 10 Windows Embedded Handheld Converged OS kernel Converged

1.08k views • 60 slides
Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS

Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS

Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS introduced a mess of new terms for Windows 8, and I have to go through them so we dont get confused. Windows RT: An edition of Windows 8 that runs on

389 views • 8 slides
26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE Anyone who wants to understand Windows security

26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE Anyone who wants to understand Windows security

CHAPTER 26 W INDOWS S ECURITY 26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE.................. 2 26.2 WINDOWS VULNERABILITIES ................................................. 18 26.3 WINDOWS SECURITY DEFENSES

537 views • 43 slides
Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System

Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System

Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System Requirements A PC running MS Windows 2000, or Windows XP Matlab (6.5, 2007a/b or 2008a/b) Python 2.5 Download the Windows installer from

288 views • 10 slides
Roadmap for Section A.1 General Concepts - Windows Networking Domains & Active Directory The

Roadmap for Section A.1 General Concepts - Windows Networking Domains & Active Directory The

Unit OS A: Windows Networking A.1. Networking Components in Windows Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section A.1 General Concepts - Windows Networking Domains &

443 views • 28 slides
Windows | Doors | Facades Products and Services | Windows | Doors | Facades | Frameless glass

Windows | Doors | Facades Products and Services | Windows | Doors | Facades | Frameless glass

Windows | Doors | Facades Products and Services | Windows | Doors | Facades | Frameless glass partitions | Stainless steel handrails Windows Windows , that reflect your style Window systems AWS 65 AWS 70.HI

215 views • 19 slides
Roadmap for Section 2.3. Environment Subsystems System Service Dispatching Windows on Windows -

Roadmap for Section 2.3. Environment Subsystems System Service Dispatching Windows on Windows -

Unit OS2: Operating System Principles 2.3. Windows on Windows - OS Personalities Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 2.3. Environment Subsystems System

678 views • 20 slides
SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec Security Researcher @Safebreach Presented at DEFCON, DEEPSEC, Hackfest @bemikre Contents 1. Windows IoT Core 2. Live SirepRAT

967 views • 74 slides
Hat: Windows and WIMP Neil Mitchell Progress Updates I have: Ported the Hat tools to Windows

Hat: Windows and WIMP Neil Mitchell Progress Updates I have: Ported the Hat tools to Windows

Hat: Windows and WIMP Neil Mitchell Progress Updates I have: Ported the Hat tools to Windows Written Hat-make Library-fied some Hat tools Written Hat-Gui Hat Windows Port Works reasonably well Windows dislikes:

280 views • 14 slides
Windows 10: Decisions, Preparation and Boot Camp Introduction Ernie and John conversation 1. Why

Windows 10: Decisions, Preparation and Boot Camp Introduction Ernie and John conversation 1. Why

Windows 10: Decisions, Preparation and Boot Camp Introduction Ernie and John conversation 1. Why upgrade to Windows 10 rather than staying with Windows 7 or 8.1? a. Windows 7 is over 5 years old. There will be no new features . b. Windows 8.1 is

432 views • 6 slides
1 Not just operating systems The basic issue 7 8 Developing software systems that are On

1 Not just operating systems The basic issue 7 8 Developing software systems that are On

1 2 Lecture 26: Introduction to Programming From Programming to Bertrand Meyer Software Engineering Last revised 2 February 2004 Chair of Softw are Engineering I ntroduction to Programming Lecture 26 Chair of Softw are Engineering I

234 views • 8 slides
Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3

Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3

CSC 256/456: Operating Systems Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3 Monolithic Kernel (aka Everything and the Kitchen Sink) Application Application Libraries Commands

225 views • 22 slides
Equilibrium Configurations of Nematic Liquid Crystals on a Torus Antonio Segatti Dipartimento di

Equilibrium Configurations of Nematic Liquid Crystals on a Torus Antonio Segatti Dipartimento di

Equilibrium Configurations of Nematic Liquid Crystals on a Torus Antonio Segatti Dipartimento di Matematica F . Casorati, Pavia url: www-dimat.unipv.it/segatti DIMO 2013 Diffuse Interface Models, Levico Terme 12/09/2013 Joint with M.

1.35k views • 92 slides
Linking and Caging Yuliy Baryshnikov 1 , 2 Bell Laboratories, Murray Hill, NJ 1 joint with A.

Linking and Caging Yuliy Baryshnikov 1 , 2 Bell Laboratories, Murray Hill, NJ 1 joint with A.

Linking and Caging Yuliy Baryshnikov 1 , 2 Bell Laboratories, Murray Hill, NJ 1 joint with A. Vainshtein, U Haifa 2 supported by DARPAs SToMP grant. December 14, 2009 Yuliy Baryshnikov (Bell Laboratories) December 14, 2009 1 / 24 caging

765 views • 57 slides
Four Projects Simplifying Comparing Locating Input Coverage Causes 3 weeks 3 weeks 4 weeks

Four Projects Simplifying Comparing Locating Input Coverage Causes 3 weeks 3 weeks 4 weeks

About the Course Andreas Zeller 1 Course Topics Tracking and Reproducing Problems The Scientific Method Making Programs Fail Isolating Failure Causes (automatically) Locating and Fixing Defects Why does my Program Fail?

66 views • 5 slides
Rekindling Network Protocol Innovation with User-Level Stacks Felip Felipe e Huici ici (NE

Rekindling Network Protocol Innovation with User-Level Stacks Felip Felipe e Huici ici (NE

Rekindling Network Protocol Innovation with User-Level Stacks Felip Felipe e Huici ici (NE (NEC Europ rope) e) Michio Honda (NetApp), Joao Taveira Araujo (UCL), Luigi Rizzo (Pisa University), Costin Raiciu (Universitea Buchalest)

839 views • 31 slides
Roadmap for Section 4.5. Thread Scheduling Details Quantum Stretching CPU Starvation Avoidance

Roadmap for Section 4.5. Thread Scheduling Details Quantum Stretching CPU Starvation Avoidance

Unit OS4: Scheduling and Dispatch 4.5. Advanced Windows Thread Scheduling Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 4.5. Thread Scheduling Details Quantum Stretching

153 views • 14 slides
From LNK to RCE Finding bugs in Windows Shell Link Parser Lays Who am I - Lays Senior

From LNK to RCE Finding bugs in Windows Shell Link Parser Lays Who am I - Lays Senior

From LNK to RCE Finding bugs in Windows Shell Link Parser Lays Who am I - Lays Senior Researcher at TeamT5 Focus on Reverse Engineering / Vulnerability Research MSRC Most Valuable Security Researcher 2019 / 2020 Acknowledged by

1.31k views • 103 slides

More recommend