Managed IT Services Blog

For many traditional domain migrations, the use of sIDHistory is a common vehicle to avoid disruptions. As users and groups are migrated to other domains, they inherit new SIDs. This is because SIDs are domain specific. So historically problems arose when users and groups attempted to access resources in the source domain. Because the DACLs (Discretionary Access Control List) of the source resources are still attuned to the original SID's, users who migrated to a new domain or forest would be denied access. So to circumvent this starting with Windows 2000 Microsoft introduced the sIDHistory attribute. The premise of this attribute is to store the users or groups SID from the previous source domain and append it to the access token along with their new SID. Now users and groups in the midst of a migration could have access to source resources like file servers that have yet to be migrated.

Rutter Networking Technologies, Inc. will be joining VMware associates at Gillette Stadium on Thursday,  January 19, 2012 for the New England VMUG Winter Warmer. VMware has revolutionized the way businesses and people solve IT challenges through the innovation of cloud infrastructures and management platforms.   Learn about the latest virtual technology. Hear from the leading industry experts. Get a deeper understanding with our hands on labs and take advantage of the opportunity to network with over 1100 people. Join us at the New England VMUG.

Check Point has recently announced the release of Endpoint Security, E80.30. This release has resolved several issues that were present in E80.20 and also introduced some new features that should prove to be useful in the future. Two features of the E80.20 are Virtual Groups and Media Encryption & Port Protection Support.

This document will provide an overview of Microsoft Transporter Suite which allows for the coexistence of IMAP Messaging environments and Microsoft Exchange 2007. I will focus on coexistence in this article and will separately discuss about migration in a different article. Some companies have requirements for a coexistence solution which will need to last for a couple of months to a year, or even longer. Although it is not recommended to have such a long coexistence period, this requirement typically exists because of the long durations it can take to develop, deploy and migrate existing Notes applications to a separate environment (typically Microsoft Sharepoint).

When planning a Lync deployment, we are finding some customers are running into issues in planning the CPU overhead of their systems. For many people, they are using the “Lync Server 2010 Capacity Calculator” to generate their anticipated system load.

As an administrator faced with the demanding task of an Active Directory migration, you need to know which machines are used by every client, which machines are used by multiple people and which employees log into them. This information can be very useful for support staff in general – but it really becomes a lifesaver when doing an AD migration or consolidation. You do not need a sophisticated third party auditing tool with an expensive support agreement. Just a one line capture script:

At Teched 2011 this year, Microsoft announced the broadened virtualization support of Exchange 2010.

Customers often try to strike the right balance between managing the “threat from within” while at the same time offering their user population access to network resources.  The edge of the network represents a unique opportunity to enforce the company’s security posture and acceptable use policy.   No longer is it sufficient to merely leverage 802.1x to authenticate and grant users access to the network.

vSphere 5 has been out for about a month now and we are all really excited about some of the new features.  The internal Rutter environment has been running View and vSphere 5 for about a month now with no issues (knock on wood!).

A common problem when migrating objects from one forest to another using Microsoft’s ADMT (Active Directory Migration Tool) is the inability of the tool to migrate SID history for windows standard domain global groups such as "Domain User" or "Domain Admins." Typically what happens is in situations where administrators have used these groups to assign permissions such as in file and directories on a file and print server, users no longer have access to these files and directories during the interoperability stage of a migration. This stage is when users, groups and workstations have all been migrated to the new forest, but the application servers still remain in the source domain.