Search This Blog

Tuesday, October 25, 2005

Finally at home, and what do I do.... Part 2

Ok, I started the installations and couldn't decide what to install so I installed this:
-4 DCs, SMS, MOM, Exchange, ISA, SPS, MIIS, SQL, Storage and a bunch of clients.
Well, you're right the clients are not that interesting - but you need to have them for a reality check (more info on this further down). Totally there is 12 servers with a connected "home-SAN" + clients.

To be honest I'm not done yet... I think.... Why?
Well, since I'm rarely at home with Carola (girlfriend) I was feeling guilty after a while... Come on! You know how it is, right? In regards of "reality check" I mean that I haven't fully tested all functionality yet, but trust me, if there is something wrong that will cause the clients to fail I will have a "support call" pretty soon! Yep, you guessed it, the laptop that Carola is using is part of this network, and she will go online any minute now :)

If you're interested in the procedure to do a full forest recovery search here. The reason I just post a URL is that if I would write a step-by-step, I wouldn't have time to finish my wine in this "oh-so-boring-hotel-bar" until it's time to go back to Sweden... :)

Saturday, October 22, 2005

Finally at home, and what do I do....

Ok, woke up this morning and thought... Wouldn't it be fun to do a forest recovery again? Well, kind of fun, but since I do a forest recover every other month I need to make it harder this time.
How can I make it harder? Well, first I backed up my vital data of course, totally redesign my network, installed a bunch of servers I don't need, you know SMS, Exchange, MIIS, SPPS and other more or less fun systems from MS...
I'll be done in a couple of hours and then I will break it in a major way :)

So, if you ever feel like you have too much time on your hands, this will certainly kill a couple of hours! :)

I'll post the results when I'm done...

Thursday, October 20, 2005

Windows and Linux

Most people that discuss Windows vs. Linux should get the facts straight.... The discussions tends to be more like "mine-is-better-than-yours" type of thing, and I'm sick of it!

If you're interested in more than just b*tch about it, then read this!

Port D3D in Windows - Decimal to Binary to Hex...

Ok, I usually say port D3D when I talk about Windows Terminal Services. This often gets me into discussions about hex conversions, again.... :) The reason I use D3D is because I think it's easier to remember than the actual port number, and yes I'm talking about RDP and port 3389 if you don't want to read it all ;)

So how did 3389 become D3D?

-- 1. Convert the decimal number 3389 into binary, 3389 = 110100111101 in binary.

-- 2. Convert the binary number into hex, 110100111101 = D3D in hex.

If you want me to break it down in detail, this is how I did:

-- 1. Created a table in order to convert 3389 into binary:


This is the same as 2048+1024+256+32+16+8+4+1 which gives us 3389.

-- 2. I then took 110100111101 and broke it down into three clusters:
1101 – 0011 – 1101 which is equal to 13 - 3 - 13 in decimal.

-- 3. Then I convert each cluster into hex:
13 = D, 3 = 3, 13 = D which gives us D3D!

Isn’t math beautiful! :)

Monday, October 17, 2005

Great Italian food in Stockholm

After the UG meeting I took Jesper Johansson, Michael Anderberg, Fia (aka Fido) Lindström and my girlfriend Carola Mattsson out for dinner at Bohemia by Mancini. I just love this restaurant, all the staff and their food can be summed up in one word; FANTASTIC!

Well, if you ever have been out eating with me in Stockholm, you know that this is the place to go. It’s absolutely my favorite place; some people call it my home since I try to go there as much as possible when I’m at home in Sweden.

So what would I recommend?
Ask them if you can visit the wine cellar, they have some really good ones – But they might be spoken for since I have my own rack in their cellar :)
Then be sure to have enough time when you go back to the restaurant, since I recommend the tasting menu. Trust me; it will give the word “dinner” a whole new meaning...

So, what did we do then?
Well, read above...... :)

Carola and Fido (aka Fia) were a bit concerned that the “dinner discussions” would be too geeky and all about bits and bytes... Well, to be honest every “normal” human would.... Me and Jesper (both likes to discuss SDDL as an example) at the same table.... Then add Michael and you should be very concerned.... BUT we actually managed to keep ourselves from getting too technical (or the word geeky might be a better choice...)

To sum it up:
  • Great wine

  • Great food

  • Fun discussions

  • Lovely company - hey, I’m talking about the girls here... ;)

Usergroup meeting

Now this UG (no name yet) is born!

We decided to create a mailinglist, Sharepoint site and have a meeting once a month to start with. We will keep this UG informal and use it as a forum to discuss ideas about infrastructure, mostly Microsoft but also other vendors. Why? Because that’s real-life!

It was really fun and we had some great discussions with Jesper Johansson about security and other fun things as SDDL and the undocumented stuff ;)
Of course I will blog about SDDL as the true geek I am – but I just haven’t found time to do it yet….

What if I would like to join this UG?
  • Sorry, there is not yet an official site (or whatever) to sign up. BUT keep an eye on this blog and I’ll post information as soon as it is available.

Thanks to all of you that took time on a Saturday and showed up at the meeting!

Tuesday, October 11, 2005

My AD troubleshooting course is now available as an open course!

This course provides students with the knowledge and skills necessary to troubleshoot a Microsoft Active Directory infrastructure in an enterprise environment.
This course is intended for senior support professionals, architects, engineers and consultants responsible for maintaining a Microsoft Active Directory environment.
This course requires that students meet the following prerequisites:

  • MOC course 2279 - Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

  • Hands-on experience of troubleshooting Microsoft Active Directory environments.
Trainer and Training Center Qualification
Only trainers and training centers authorized in writing by Quality Advice AB may deliver this course. If the trainer and/or training center can’t prove authorization in writing, please contact Quality Advice AB at, as the course materials are being used illegally.

The course is designed by Jimmy Andersson, Principal Advisor at Quality Advice AB. More information about courses and consultancy, please contact Quality Advice AB at

Overview of course material

Module 1
  • Active Directory Data Store

  • DSA

  • Database Layer

  • ESE

  • Data Store Protocols

  • Data Store Physical Structure

  • Security Descriptor

  • Database Issues

  • Database and Log File Tasks

  • Database Integrity
Module 2
  • Object Deletions

  • Lingering Objects

  • Tools
Module 3
  • Account Lockout Troubleshooting

  • Monitoring Account Lockout

  • Analyzing Information

  • Account Lockout Tools
Module 4
  • FRS Architecture

  • FRS Physical Structure

  • FRS Objects in Active Directory

  • FRS Troubleshooting
Module 5
  • DFS-Related Architecture on DCs

  • DFS Physical Structures and Caches on DCs

  • DFS Troubleshooting

Module 6
  • Replication Architecture

  • Replication Subsystem

  • Replication Model

  • Replication Sequence

  • Data Updates

  • Identifying Replication Partners
Module 7
  • Replication Monitoring Tools

  • Replication Troubleshooting
Module 8
  • FSMO

  • FSMO Failures
Module 9
  • PDC Load Management

  • PDC Emulator Load Reduction

  • Symptoms of Overload

  • Steps to Optimize PDC

  • Load Reduction Techniques (DNS)

  • Load Reduction Techniques (WINS)

  • Block Enumeration
Module 10
  • Non-Authoritative Restore

  • Authoritative Restore

  • Forest Recovery

MVP status

Yep, it's now official. I got awarded Microsoft MVP for Directory Services this year again! :)

My MVP profile:

Monday, October 10, 2005

Binary to Hex values for dummies...

Binary to Hex values for dummies...

I tend to get questions about Hex pretty often. So I thought – why not write something short to get people to understand more about hex?
Since I’m stuck at the hotel bar, now would be the perfect time to do it! :)

Prereq – you should know how binary values work.

You all know that hex uses letters (A-F), which is mind-boggling in itself. But if you think about it, it’s rather simple:
A = 10
B = 11
C = 12
D = 13
E = 14
F = 15

Since hex will use four bits and give it a value it only goes up to F, why? Cause 1111 in binary equals 15 (8+4+2+1). Now you might think – Hey, that’s simple! What’s all the fuzz about? Well, as everything fun in life – there are exceptions. But I will not go into that now, just accept that and read on ;)

Ok, how can I use hex to make binary easier (shorter)?
Let’s take an example, if I want to write the binary number 1010 in hex I simply convert it to decimal which is 10 thus is the binary number 1010 the same as A in hex.

Let’s make it more interesting, lets say I have this binary number 00111101. So first we break it down into this 0011 – 1101 which gives us 3 and 13 converted to hex that would be 3d, starting to get the idea?

So now the final imaginary example:
1111011001110001100011001111 – once again I break it down into clusters:
1111 = F, 0110 = 6, 0111 = 7, 0001 = 1, 1000 = 8, 1100 = C, 1111 = F so the answer would be:

So, now you know how to take binary values and convert them into hex values. End of lesson 1 :)

Ps. You can also do it in reverse order if you want. And if you want to be a real geek, then use the ASCII table to write words ;) Ds.


AD and LDAP compliance

I often get the question if Active Directory is LDAP compliant. Well, I could start ranting here but I won't. Instead I'll just direct you to the Active Directory LDAP Compliance paper:

This paper discuss the following:
- What is LDAP?
- What does it mean to be LDAP compliant?
- AD's LDAP compliance
- Compliance misconceptions
- Directory Interoperability

So, if you want to learn more about LDAP compliance I recommend to start with this paper. If you're a geek like me :) there's always a bunch of RFCs to read...

Mr. Andersson you are delaying the flight.....

Yep, they said it again!

For those of you who know me, I really s*ck when it comes to be on time at the airport. I was supposed to be up at 5am this morning, but what happens..... The cab driver called and woke my girlfriend and she woke me up, so as usual I threw some clothes in the bag, grabbed my laptops (yes, it's laptopS) and told the driver:
"Hurry up - I'll pay any speeding ticket, just get me there asap"....

Got to check-in, I was too late so they had to call the gate and ask them to wait for me. After security check I had to run like my a** was on fire, and heard "Mr. Andersson, please hurry to the gate. You are delaying the flight!" over and over on the PA.

Ok, I made the flight. Landed in Helsinki, Finland just to realize I took the wrong currency with me.... No biggie, just change from USD to Euro. Got into the cab when I realized that I didn't know which office to go to, HP have two offices in Helsinki but no one told me that....
Told the cabbie, go to the closest one and I can go in and ask. Yep, you're right - of course it was the wrong office....

But I made it eventually, and now I'm here to start my consultant gig where I'm helping HP with a migration/company split. So it looks like I will spend most of my time in Finland the rest of the year. :)

Saturday, October 08, 2005


I've started a new UG in Sweden! So far the interest have been good, we are now a core team of about 20 people which include Microsoft staff and people from different companies.

The first meeting will take place on the 15th of October at Humandata's office in Stockholm ( Since this is the first meeting we will discuss how to proceed, maybe set up a Sharepoint site for members and so on... And I'm glad to say that the first guest speaker will be Jesper Johansson from Microsoft Security Business Unit (or at least that is what it used to be called before the reorg) in Redmond.

I've already secured speakers from the UK and US for the next meeting! :)

I will post a URL where people can sign up for the usergroup as soon as we have finalized how to proceed.

My first post!


This is my first blog ever. Still haven't figured out what to write about, but it'll come to me eventually....

So who am I? Well I'm a Microsoft Directory Services and Security MVP based in Sweden, when I say based I mean that I live there, but since I'm almost always on the road and my new nickname according to Sean O'Driscoll at Microsoft is now "Jimmy The Global Swede" I leave it at that.

So, expect to be reading about conferences, bad airlines/hotels and technology on this site. :)