Re: AD != AD
Indeed, since when has Azure Active Directory been called AD? AD = Active Directory.
Very confusing and I hope it is only the clueless writer and not MS muddying the waters further.
62 posts • joined 17 Oct 2013
I remember being excited when HoTMaiL (get it?), which was how it was initially stylized, IIRC, came available. It was pretty revolutionary: web interface, free.
Whippersnappers of today have no idea how it was back then and how useful Hotmail was.
Outlook.com has one extremely useful feature that the free Gmail axed: use your own domain name.
We were testing the 1803 upgrade on 6 PC out of 150.
So far 3 PC upgraded without issues, 2 not upgraded yet, and 1 has similar problem. Black screen after login, but no error messages and keys like Win-R do nothing. So we cannot try to process listed on many sites (run setup.exe from installation media).
Thanks MS... I have pushed back the phased deployment schedule for at least 1 month for the next phase, waiting for June's Patch Tuesday.
This whole krbtgt debacle is usually misunderstood. Same as the last two Reg articles about the same 2 years old+ "new" vulnerability.
This is mostly a persistence mechanism. After a DC is popped the access can be regained unless krbtgt is changed.
(Over-)Pass the hash is even older technique.
You can argue on semantics (and downvote) but each of the FSMO roles can run on only one DC per forest/domain (some are per forest some per domain) as you clearly know.
My reply was about the "only one DC" which clearly was not true in the case of Ops Masters. Of course they should be transferred out before boot but the OP did not mention it.
In my opinion DANE/TLSA records in DNSSEC signed zones would be the answer.
Self-sign the cert but put cert thumbprint in DNS - browser verifies the cert from HTTPS matches what is in TLSA. Would also work against dodgy CAs and loading own CA-certs as is done by enterprises using SSL decryption systems.
Uptake of this has been glacially slow. I do wonder why......
Ok, I'll try. I work at a very small ISP around the world but try to follow what is happening in the West.
Big problems with the U.S. Netflix situation are geographical and "telco-political" (yeah I made that up, deal with it). Very large country, largely sparsely populated where these micro/nano-ISPs (often wireless/WISP) provide only viable service that could described as "approaching broadband". Other option would be the incumbent and bad DSL over bad copper, often at ridiculous prices. To someone not from US it may seem unbelievable that even in middle of urban area, say Silicon Valley, there might be only one provider who can service you with residential fibre or high-speed cable.
The other issue is importance of private peering over Internet Exchanges. In Europe large amount of interconnection between providers is done at IXPs. At US there are very few IXPs and providers have their own private peering arrangements. Add to this the geographical/competetive situation and politics of peering by the big (at least a local monopoly really) players and what is left is the 1000 mile dark fibre from the rural WISP to Netflix.
Multi-mode fibre does "bounce" the light around whereas single mode fibre acts as you had described. MMF is still widely used in data centres (with SR optics) though many people has realized that for green-field it makes sense to go all-SMF (LR equivalent optics on-premises and shorter distances outside; ER, ZR etc. for long-haul).
Biting the hand that feeds IT © 1998–2019