Blog Archives

SQL Server: Cannot Generate SSPI Context and KRB_AP_ERR_MODIFIED Errors

As DBAs, one of the most  common tasks performed is the installation of new SQL Servers.  While I’ve installed hundreds of SQL Server instances over the years, I only recently come across the error described below.  In the past, I’ve seen

Posted in Active Directory, SQL Server

Use Windows Authentication to Connect to SQL Server in OpenSuSE 12.3 x64

One of the things I love most about SuSE is how well it integrates with Active Directory. Joining a domain is easy when using yast. First I ensured that the Linux server’s DNS server is pointed to my DC, then

Posted in Active Directory, Linux, Security, SQL Server

SQL Server Discovery Tools and Scripts

Each time I start a new contract, the first thing I do is search for all SQL Servers across any network/subnet to which I have access. While the documentation I get is usually paltry or non-existent. When it does exist,

Posted in Active Directory, PowerShell, SQL Server

Patterns and Practices: A Guide to Claims-Based Identity and Access Control – Free ebook.

While I usually like conversation-style technical books (think: Manning’s In Action series and many Wrox books), Microsoft’s Patterns and Practices series is one of my favorite even though they feel so formal. Recently, my buddy Buck Woody posted a link

Posted in Active Directory, Networking, Security

PowerShell Workaround: “Replicate Directory Changes” Permissions in AD Required for SharePoint 2010 Profile Syncs

According to the SharePoint 2010 Communities FAQ, Microsoft is burdening SharePoint 2010 Administrators with new requirements to obtain Active Directory accounts with “Replicate Directory Changes” permissions because… In order to interrogate AD about “what has changed since time xyz”, we

Posted in Active Directory, PowerShell, SharePoint

Find LDAP DN of Users and Groups using the Command Line

I always forget this command, so here’s a handy reference (for moi): Find LDAP Path of… Command OU dsquery OU –name “OU name” Group dsquery group –name “Group name” Username dsquery user –name username Computer dsquery computer -name computername  

Posted in Active Directory

FIX: Windows 7 Login Error "The trust relationship between this workstation and the primary domain failed."

UPDATE: Omg, awesome! Use PowerShell’s Reset-ComputerMachinePassword, then reboot. Hat tip: Don’t Rejoin to Fix. Don’t do what I did below. Just run Reset-ComputerMachinePassword in PowerShell and reboot. Recently, my workstation was suddenly unable to logon to my Windows 2008 domain.

Posted in Active Directory, Windows

Securing Apache using mod_ssl, OpenSSL and Microsoft Certificate Authority (CA)

Recently, I used my Windows-based domain’s Enterprise Root Certification Authority to secure my subversion repository that is hosted on an Apache-based server. The process was rather straight-forward and relatively fast — especially because I skipped over all of the file

Posted in Active Directory, Apache, Linux, Networking, Security