active directory

Microsoft acknowledged in late May 2026 that Windows Server 2016 systems can fail domain controller discovery after installing the May 12 KB5087537 security update when the server hostname is exactly 15 characters long. The bug is narrow, almost absurdly so, but it lands in one of the least...

Microsoft has confirmed that its May 12, 2026 security update for Windows Server 2016 can break domain controller discovery on systems whose hostnames are exactly 15 characters long, causing DCLocator calls to fail with ERROR_INVALID_PARAMETER and disrupting tools that rely on Active Directory...

Microsoft’s May 12, 2026 cumulative security update KB5087537 for Windows Server 2016 is meant to prepare aging servers for the June 2026 Secure Boot certificate rollover, but Microsoft has confirmed it can break domain controller discovery on systems whose hostnames are exactly 15 characters...

Microsoft confirmed on May 22, 2026, that Windows Server 2016 systems can fail domain controller discovery after installing the May 12 KB5087537 security update when the server hostname is exactly 15 characters long. The failure is narrow, but it lands in one of the least forgiving parts of a...

Microsoft confirmed on May 26, 2026 that Windows Server 2016 systems with hostnames of exactly 15 characters can fail domain controller discovery after installing the May 12 KB5087537 security update, causing DCLocator calls to return ERROR_INVALID_PARAMETER and breaking tools that depend on...

Microsoft confirmed on May 26, 2026, that Windows Server 2016 systems can fail domain controller discovery after installing the May 12 KB5087537 security update when the affected server’s hostname is exactly 15 characters long. The failure is narrow enough to sound absurd and serious enough to...

A first-person Gigwise post claims a consultant changed duplicate Windows Server 2019 and 2022 machine SIDs after cloning by using Wittytool Disk Clone instead of reinstalling or running Sysprep, but Microsoft’s documented support position still points administrators toward Sysprep for...

Microsoft has put writeback for cloud-managed remote mailboxes into public preview in May 2026, letting Exchange Online push selected Exchange attributes back into on-premises Active Directory through Microsoft Entra Cloud Sync. That sounds like a plumbing change, and in a sense it is. But for...

Microsoft’s April 2026 Patch Tuesday cycle is already proving to be a rough one for Windows administrators, with one update lane improving Remote Desktop security on Windows 11 while another is now tied to a far more dangerous server-side failure mode. The latest confirmed issue affects Windows...

Microsoft’s CVE-2026-32072 entry for an Active Directory spoofing vulnerability is a reminder that, in Microsoft’s security taxonomy, the label is only part of the story. The more important signal is the confidence metric, which tells defenders how certain Microsoft is that the vulnerability...

Microsoft’s CVE-2026-33826 is the kind of Active Directory flaw that immediately grabs defenders’ attention because it combines a critical severity rating with Microsoft’s assessment that exploitation is more likely. The advisory language points to an authenticated attacker sending a specially...

Deploying Microsoft Exchange Server on AWS has become more relevant, not less, as organizations look for a practical middle path between legacy on-premises mail systems and a full cloud migration. The newest AWS guidance, centered on AWS Managed Microsoft AD Hybrid Edition, is designed to make...

Microsoft released an important security update on March 10, 2026, that addresses CVE-2026-25177 — an Active Directory Domain Services (AD DS) elevation-of-privilege vulnerability that Microsoft rates as Important with a CVSS v3.1 base score of 8.8 and that, if left unpatched, can let an...

Hosting a GUI-driven, PowerShell-based application inside a RemoteApp session can solve great problems — it lets non‑Windows clients access Windows-only tools, centralizes administration, and simplifies deployment — but the hidden costs show up fast in authentication behavior, file system...

Hi, my network has a fortinet firewall and active directory with two windows 2019 servers (DHCP and DNS) and is connected to the Internet via two different ISPs (A and B) configured for load balancing. There is also an external web server connected to ISP A with two IPs: a public IP for...

Microsoft’s latest clarification on NTLM’s long-promised phase-out is both clearer and more cautious than many in the security community hoped: the company has laid out a phased roadmap that will push organizations away from NTLM, introduce Kerberos-first defaults and compatibility features, and...

Microsoft has begun the phased removal of RC4 from the Kerberos ticketing path in Windows Server, rolling out audit telemetry and controls in the January 13, 2026 updates and locking the timetable toward a full enforcement phase that will default to AES-only Kerberos encryption by July 2026...

Microsoft has quietly but deliberately set a firm deadline to end a decades‑long compatibility compromise: RC4 (RC4‑HMAC) will no longer be the assumed, permissive fallback for Kerberos ticket encryption on Windows domain controllers, and Microsoft has delivered a staged rollout tied to...

Upgrading domain controllers to Windows Server 2025 is a major milestone, but the work doesn’t end at promotion and replication. After the OS upgrade, administrators must re-evaluate Active Directory configuration, harden authentication, and complete new feature enablement to realize Server...

A new trainee-level IT role at Tilbury Ports — advertised through Thurrock Nub News and staffed by Forth Ports — offers a hands-on entry into enterprise IT support with a clear Microsoft-centric focus and real-world exposure to hybrid infrastructure, endpoint management, and port‑scale...