The directory system agent (DSA) is a collection of services and processes that run on each Windows 2000 Server and later domain controller and provides access to the data store. The data store is the physical store of directory data located on a hard disk. In Active Directory Domain Services, the DSA is part of the local system authority (LSA) subsystem. Clients access the directory using one of the following mechanisms supported by the DSA. This document provides details about Active Directory Directory System Agent implemenation and practical view of the component. DSA is the primary component for Active Directory LDAP operations and helps Administrators to understand the implementation aspects of the component.
Please follow the below link to download the document , hope it helps !
The SSPI in Windows provides a mechanism that carries authentication tokens over the existing communication channel between the client computer and server. When two computers or devices need to be authenticated so that they can communicate securely, the requests for authentication are routed to the SSPI, which completes the authentication process, regardless of the network protocol currently in use.
Windows Security Support Provider Architecture
You might get excited to run the greatest Network Sniffer utility on Windows 8.1 before you hit a show stopper. The show stopper is huge and possible bug or un support feature in Windows 8.1 of not being able to hook to Network Interface.
The installation of Wireshark goes smooth on Windows 8.1 , when you try to associate Network Adapter , you will be presented with the error message
“There are no interfaces on which a capture can be done” and you might try the well known troubleshooting article http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
but you soon realize , you have executed the executable under Administrator privileges , but still you are unable to associate Network Adapter.
Issue: The issue lies with Winpcap.exe component which is currently unsupported on Windows 8.1
File Version: Wireshark 1.12.0 and WinPcap 4.1.3
Resolution: Assuming the fact that, Administrator has already installed Wireshark, follow the below steps
Step1: Uninstall Winpcap.exe from C:\Program Files (x86)\Winpcap\uninstall.exe
Step2: Navigate to C:\Program Files\Wireshark\winpcap.exe and set the Compatibility level to run under Windows 7 as shown below
Step3: Run the WinPcap executable. Upon successful installation, restart Wireshark and Administrator will be able to bind the Network adapter successfully.
If its a new installation on Windows 8.1, Administrator can set the compatibility level for WinPcap and run the file during installation.
One of the tricky situation of an Active Directory Administrator is User Management. Often they are challenged by the scenarios to extract user info , export user data from an OU to other or export User attributes from one Active Directory domain to other. Below sript is targetted to extract user information from an OU.
Export Single User Active Directory Attribute.
ldifde -f UserAttribute.ldf -s <Source DC FQDN> -d “CN=Standard Worker,OU=Research,DC=Innovative,DC=com” -p subtree -r “(&(objectCategory=person)(objectClass=User)(givenname=*))” -o “badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType”
The above script dumps Standard Worker attributes to UserAttribute.ldf. Before exporting the .ldf, Administrators has to perform the following
a) Remove the legacy domain DN and replace with target domain DN . In our example DC=innovative, dc=com should be change to reflect DC=target, dc=com
b)Remove userAccountControl attribute from the export ( userattribute.ldf)
c) Remove Lastlogontimestamp attribute from the export ( userattribute.ldf)
d) Modify the OU path ( if required ) to reflect the user target OU.
Import the dump using
ldifde -i -f <file path> -s <destination AD FDQN>
Applies to: Windows 8.1
The following article is applicable to Windows 8.1 PC configured in Workgroup mode. The procedure would change when Windows 8.1 is configured in Active Directory Domain.
I have published a two part article on Managing User accounts using Advance User accounts control panel on Windows 8.1. This article would give pictorial representation of the examples for managing User accounts. The example demonstrated is on Windows 8.1 configured in Workgroup mode.