Recently a customer asked me about Active Directory Domain Trusts and how the passwords were managed. I replied with some educated guesses based on how AD manages a variety of passwords. After stating how I thought it worked (and mentioned that I wasn’t sure), I decided to look it up. I was mostly correct. Every …
Tag: FSMO
May 08 2014
Active Directory FSMO Placement Guidance
FSMO Placement Guidance Summary: Make sure the PDC is highly available and connected. Place the PDC on your best hardware in a reliable hub site that contains replica domain controllers in the same Active Directory site and domain. Place the Forest FSMOs on the forest root PDC (schema master & domain naming master). Place the …
Nov 17 2012
Windows 2012 RID Management
While “1 Billon RIDs should be enough for anyone,” there are scenarios where a domain could run out of RIDs. This is a “very bad thing” since every security principal requires a RID for creation (Domain SID + RID = security principal SID). One can check the number of RIDs remaining in a domain through …
Recent Comments