I found out this morning that I was awarded the Microsoft Most Valuable Professional (MVP) designation for 2013. This is the 6th year that I have been designated as a Microsoft MVP in the Directory Services expertise.
Category Archives: Publications
MVP Again for 2012
I found out this morning that I was awarded the Microsoft Most Valuable Professional (MVP) designation for 2012. This is the 5th year that I have been designated as a Microsoft MVP in the Directory Services expertise. It’s truly humbling!
Microsoft Lync Server 2010: Access the Address Book with Ease TechNet Magazine Article Published
One of the real benefits of Microsoft Lync Server is the seamless manner in which you can access the updated address book from any device.
Published in the February 2012 issue of Microsoft TechNet Magazine. The article can be found here: http://technet.microsoft.com/en-ca/magazine/hh824722.aspx.
Lync Server 2010: Archiving Essentials TechNet Magazine Article Published
The need to properly and securely archive content has risen greatly over the last few years with compliance issues. Microsoft Lync Server 2010 can help.
Published in the July 2011 issue of Microsoft TechNet Magazine. The article can be found here: http://technet.microsoft.com/en-us/magazine/hh328432.aspx.
RMT’d MCITP Self-Paced Training Kit (Exam 70-647): Windows Server® 2008 Enterprise Administrator (2nd Edition)
The MCITP Self-Paced Training Kit (Exam 70-647): Windows Server® 2008 Enterprise Administrator (2nd Edition) RTM’d last week. Similar to the1st edition, I was involved as a coauthor on this Training Kit.
Additional information on the Training Kit can be found at http://oreilly.com/catalog/0790145316622/.
Microsoft Lync Server 2010: Provisioning Mechanisms TechNet Magazine Article Published
There are many ways to provision Lync Server, each with varying degrees of capability and flexibility. It’s important to be familiar with all of them.
Published in the May 2011 issue of Microsoft TechNet Magazine. The article can be found here: http://technet.microsoft.com/en-ca/magazine/hh219341.aspx.
MVP Again for 2011
I found out this morning that I was awarded the Microsoft Most Valuable Professional (MVP) designation for 2011. This is the 4th year that I have been designated as a Microsoft MVP in the Directory Services expertise. It’s truly humbling!
Talk TechNet Webcast: Episode 15: John Policelli on Directory Services
I was a guest speaker on Talk TechNet yesterday. I enjoyed the live Webcast and appreciate the questions that came in. The hosts, Keith Combs and Matt Hester, were a blast as well. In case you missed it, the Webcast is now available for download here. You can also check out more details on the Webcast by going to the Talk TechNet blog:
Installing RSAT on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2
I came across a TechNet Wiki, which is a good read for anyone planning to install RSAT. The Wiki can be read here:
What you need to know before delegating permissions to AD create objects
Do you plan to delegate the permission the create Active Directory objects? Did you know doing so provides the ability to escalate privileges and facilitates stale object ownership?
How much disk space can be reclaimed with an offline defrag?
Want to know whether or not an offline defragmentation of your Active Directory Domain Services (AD DS) database will reclaim disk space? If so, change the garbage collection logging level on your domain controllers.
Follow Me
I’m now using Twitter…http://twitter.com/johnpolicelli
TechNet Magazine Article “AdminSDHolder, Protected Groups and SDPROP” Finally Updated
As I’ve mentioned on my blog before, a TechNet Magazine article that I wrote had some errors in it. When I was informed of these errors, I fixed them and asked the TechNet Magazine team to revise the online version of this article. This was a few weeks after it was published. After several repeated attempts, and several months, the online version of this TechNet Magazine article has been updated.
The link to the article is http://technet.microsoft.com/en-us/magazine/2009.09.sdadminholder.aspx.
Some additional information on this subject:
TEC 2010 Presentation: In Depth Look at AdminSDHolder, Protected Objects, and SDPROP
For those of you that are interested, the presentation I gave at The Experts Conference 2010 in L.A. last week can be downloaded from http://policelli.com/Files/TEC2010_John_Policelli_AdminSDHolder_ProtectedObjects_SDPROP.pdf.
You can also find more information on this topic on my blog post: http://policelli.com/blog/?p=136
Thank you Active Directory Documentation Team Blog
The Active Directory Documentation Team blog has a post on it titled Other places to find good information. The post states:
I want to take the opportunity to thank the people who are out there providing information everyday to people using Active Directory. As I say thank you, I will link to their sites, so our readers can find them easily
I was pleased to see Kurt Hudson included me on this ‘thank you.’
Thanks Kurt 
Clearing the Air: My TechNet Magazine Article – AdminSDHolder, Protected Groups and SDPROP
As I’ve mentioned on my blog before, a TechNet Magazine article that I wrote had some errors in it. When I was informed of these errors, I fixed them and asked the TechNet Magazine team to revise the online version of this article. This was a few weeks after it was published. However, after repeated attempts, the TechNet Magazine article has not been revised (I sent another request today).
As you may know, I presented at The Experts Conference 2010 a few days back. I came across a recent post on a well known mailing list, where someone that I assume attended my presentation ridiculed me for referencing the TechNet Magazine article. In hindsight, it probably wasn’t a good idea for me to provide a link to the TechNet Magazine article in my TEC presentation when the errors have not been fixed yet.
So, in my effort to clear the air…
MVP Again for 2010
I found out this morning that I was awarded the Microsoft Most Valuable Professional (MVP) designation for 2010. This is the third year that I have been designated as a Microsoft MVP in the Directory Services expertise. It’s truly humbling!
One of the many perks with the MVP program is the Executive Recognition Letter, which is Microsoft’s way of having MVP’s “expert participation recognized more broadly in the form of a letter from Rich Kaplan, Corporate Vice President of Customer and Partner Advocacy, that outlines the impact of the MVP program and the significance of the MVP Award.”
In previous years, I haven’t shared this letter too much, but I thought I would this time around. The letter is below:
I’m presenting at The Experts Conference (TEC) 2010 in Los Angeles
I was very happy to hear that I was selected to present at TEC 2010 in Los Angeles.
TEC was previously known as DEC (Directory Experts Conference). The conference has been expanded to include training on Exchange and SharePoint, and effectively renamed to TEC. Here’s a snippet for the TEC 2010 Website:
For the 9th consecutive year, the TEC team will deliver expert-led, 400-level training on vital Microsoft technologies. In addition to its highly-acclaimed training on Microsoft Directory & Identity technologies, TEC 2010 will bring back a full agenda of Exchange training, staging the world’s leading authorities on Microsoft’s powerful messaging platform. And, this year, for the first time ever, we are pleased to introduce an entirely new TEC for SharePoint training conference!
I will be presenting in the Directory & Identity track. My session is called An In-Depth Look at AdminSDHolder, Protects Groups, and SDPROP.
Here is the abstract for my session:
Active Directory includes a number of built-in controls, which collectively provide an additional level of security for members of privileged groups. Even though these controls have been in place since the inaugural release of Active Directory a decade ago, administrators are still impacted by this functionality regularly. In this session, John Policelli will dive into the AdminSDHolder object, Protected Groups, and the Security Descriptor Propagator. Real-world examples, demos, and theory will be used to provide you with a comprehensive understanding of how these built-in controls interoperate and how you can use them to further secure members of privileged Active Directory groups.
I’ve attended DEC/TEC for several years, and it has proven invaluable each time. I have yet to find any comparable conferences. For more information on TEC 2010, please go to http://www.theexpertsconference.com/. I hope to see you there!
Enterprise IT Planet Article Published: Windows Server 2008 R2: Introducing the AD Recycle Bin
The Active Directory Recycle Bin is a handy new feature in Windows Server 2008 R2. Once enabled, it is now easier to recover accidentally deleted Active Directory objects.
Enterprise IT Planet Article Published: The New AD Domain Services in Windows Server 2008 R2
Windows Server 2008 R2, released to manufacturing in July, introduces a number of new features, including a host of new Active Directory Domain Services features. We look at the seven that pack the most powerful punch.
Windows 7: Will you or won’t you
A Computer World Canada feature, Windows 7: Will you or won’t you, on Windows 7 adoption in Canada ran today following an interview with me. The story interviews a number of IT Managers across industries and business environments to present an overview of business’ approach to Windows 7.
“Introducing the Active Directory Recycle Bin in Windows Server 2008 R2” Article Published on informIT.com
One powerful feature in Windows Server 2008 R2 is its ability to recover objects from Active Directory, which is very handy in those "Uh oh" moments. John Policelli, author of Active Directory Domain Services 2008 How-To, explains what the Active Directory Recycle Bin does and how to use it.
Read the online article by going to: http://www.informit.com/articles/article.aspx?p=1374789
AdminSDHolder, Protected Groups and SDPROP Article Published in TechNet Magazine
Are you having problems with Access Control Lists and permissions? It may be related to AdminSDHolder. Learn exactly what AdminSDHolder is, how it works—and how you can tweak it to better meet your organization’s needs.
Published in the September 2009 issue of Microsoft TechNet Magazine.
Active Directory and Active Directory Domain Services Port Requirements MS Document Published
Does this sound familiar…you need to determine the port requirements for Active Directory and you find yourself having to refer to multiple KB articles. Well I have found myself in this situation many times, and I am happy to report that Microsoft has published a document that covers all Active Directory components (i.e. Replication, Trusts, GCs, RODCs, DNS, User and Computer Authentication, Group Policy, and Active Directory Web Services). I personally requested this whitepaper from MS, and helped the MS documentation team create it. The document can be found here: http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx.
How-To Administer Active Directory Domain Services Groups Using Windows PowerShell
I posted an article on the Microsoft Identity and AD blog on Network World’s Microsoft Subnet community.
The blog entry is titled How-To Administer Active Directory Domain Services Groups Using Windows PowerShell and can be read by going to: http://www.networkworld.com/community/node/42601