Linked Value Replication (LVR) and Active Directory

An excellent article on what LVR is and how LVR works!   I was in a discussion with a co-worker the other day after he asked me why he was getting errors while trying to modify the memberOf field, to which I reminded him how backlinks work.  I thought this was a very good explanation and…

Read More

The limits of Active Directory

I saw this post over on MSBlog and wanted to preserve it for my own memory. maximum number of GPOs that can apply to a user/computer: 999  maximum number of DNS servers in an AD-integrated zone (without manually adding the details): 850 (Windows 2000), 1300 (Windows 2003) maximum number of supported DCs in a given…

Read More

64bit Domain Controllers and Event Log Max Sizing

There has been alot of discussion on using Windows Server 2003 64-bit edition for an Active Directory Domain Controller (DC) lately. Brian Puhl posts some insightful information on his blog, which offers details on Microsoft’s internal 64bit environment. Joe is seeking some results from the field on those who are paving the 64-bit DC way. Of…

Read More

FSMO roles: If you could only save one, which would it be?

I came across an old post on Brian Puhl’s blog, going over the importance of having certain FSMO roles online, and their impact to the forest.  I like his question of “If you could only seize one, which one and why?” if all the roles were down in a domain.  I am a bit surprised…

Read More

How many trees are in your IT forest?

I have to wonder, what the average number of domains in an Active Directory forest in most enterprises.  Do many organizations only have 1 domain within their AD forest.  I suppose the question is not solely about AD, but about LDAP directories in general. If directories can have multiple paritions, why do so many apps…

Read More