Understanding Local Groups in Computer Management
Open compmgmt.msc on any Windows server or workstation, expand Local Users and Groups, click Groups, and you see roughly 20 built-in local groups staring back at you. Each one bundles…
Tag: Windows Server
Understanding NTFS Advanced Permissions
Click the Advanced button on any folder’s Security tab and you land in a different world. The everyday permissions — Full Control, Modify, Read & Execute, Write — vanish, replaced…
Windows File Permissions: Share vs NTFS Stacking
Every Windows admin runs into the same question on a file server: “I gave the user Full Control on the Security tab — why can’t they delete the file?” The…
Perform an Authoritative Restore of Active Directory Objects
This is the hands-on authoritative restore walkthrough — the procedure Part 5 set up conceptually. We simulate a real disaster: an OU with users is deleted from DC01, the deletion…
Bare Metal Restore: The Full Procedure
The disaster: someone deleted the entire VM. Or the OS volume corrupted. Or a ransomware event encrypted the host. The procedure now is to bare-metal restore from the backup we…
Bare Metal Backup Test on a VM (Prove the Backup Actually Restores)
An untested backup is not a backup. This post is the test. We’ll create a bare-metal backup of a disposable lab VM — not just system state, but the full…
Schedule Automatic Backup in Windows Server 2022
Manual backups are practice. Scheduled backups are what actually saves you when a DC dies at 3 AM. Part 1 covered the one-shot system state backup; this post automates the…
Backup the Active Directory Database (System State + wbadmin)
If you only ever do one Active Directory backup, it’s the system state backup. System state pulls everything AD needs to come back from scratch — the NTDS.DIT database, SYSVOL,…
KCC: How AD’s Knowledge Consistency Checker Builds the Replication Topology
You never have to tell Active Directory “DC1 should replicate with DC2.” AD figures it out itself. The component that does the figuring is the Knowledge Consistency Checker (KCC) —…
AD Replication Frequency: Intra-Site (15 sec) vs Inter-Site (180 min) Explained
AD replication runs on two clocks. Inside a site, it’s near-realtime — 15 seconds after any change. Across sites, it’s scheduled polling — default 180 minutes, minimum 15 minutes, configurable…
How an AD Object’s Metadata Is Modified During Replication (USN, Version, Timestamp)
An AD object isn’t just a name and some attributes — it’s the attributes plus a per-attribute change diary. That diary, called replication metadata, is what makes inter-DC replication, conflict…
How Active Directory Replication Actually Works (USN, DSA GUID, HWMV, UTDV)
Active Directory replication is the engine that keeps every domain controller’s copy of the directory in agreement. It’s also where most “weird” AD problems live — lingering objects, USN rollback,…