An Enterprise Administrators Blog

Support in Active Directory for centrally enforcing client DNS settings via Group Policy Objects is at best patchy.  Many of the settings work only with specific (and often legacy) versions of Windows; the “DNS Server” is one such setting.   It is supported only on Windows XP Professional meaning no support is available for Windows Server 2000, 2003, 2008, Windows Vista or Windows 7.   In most environments workstations receive their DNS Server configuration settings automatically via DHCP.   These settings can be changed by configuring either the DHCP server global or scope settings,  (note: TCP/IP settings configured locally on a computer override the settings provided by DHCP).    While commonly servers have their TCP/IP settings statically configured.   

One possibility as to why Microsoft has not pursued widening the DNS Server GPO setting support for newer releases of Windows is that network configurations particularly on servers are often more complex, for example multiple network interface cards (NICs) or multiple VLANs trunked into a single NIC.   In such scenarios it would be difficult to apply settings in a GPO to a specific targeted NIC on a server. Read more

Ensuring replication is running smoothly across an Active Directory forest is a primary Administration task.     Best practice recommends the ongoing monitoring of Active Directory replication using SCOM or  another enterprise management tool, monitoring can also be performed using repadmin (repadmin /showrepl * /csv) together with a little scripting to interpret the output.   Typical symptoms of replication issues are objects not being available in one or more site(s), for example a recently created user account, a printer or a directory share is not visible for a subset of users.

A good starting point to confirm there are issues is in the Directory Services Event Logs on the Domain Controllers   Deciding what actions to take are dependent upon the specific events that are being logged, however to troubleshoot, it is important to have a thorough understanding of Active Directory replication.

Most people reading this are already aware Active Directory Forests use sites to manage replication traffic between Domain Controllers.   Sites are interconnected by site links which determine the routing cost for replication of directory data (forest partitions, domain partitions and SYSVOL) between different sites.  The replication  routing algorithm is calculated for the forest by the KCC. Read more

Over the last 15 years I have been an advocate of certification programmes and recently having attended the VMware vSphere 4 What’s New course, one my next tasks was to update my VCP certification to VCP 4. Right now disillusioned with IT certification programmes I am keeping this on hold.

Professional certifications are intended to reward technology professionals who have proven their ability in a particular technology area. Gained through training and on the job experience a certification is something tangible the IT professional can use to market themselves, maximise future job opportunities and maximise their earning potential by providing prospective employers with official recognition for the knowledge they possess. Unfortunately today, the certification model offered by many software and hardware vendors carry little credibility as the opportunities open to candidates to cheat the system are readily available leaving most IT certification programmes lacking integrity.

Recently discussing the many available IT certification programmes with a fellow IT professional he mentioned he had already attained VCP 4 certification. He confided for his revision he had used a Read more

The System Engineers are hard at work!

Blog kicks off Jan 4th, 2010, please check back then, in the meantime follow on twitter @stuartconey and get new post alerts – thanks!