Active Directory Disaster Recovery Essentials 

Men, you're the best, I can reproduce your content In 1.5 Speed and still understand perfectlly. Amazing!!

Thank you for the video, it was nostalgic to revisit the topic on AD disaster recovery. Just a note on RID master. The RID master in the domain allocates 500 RIDs to each domain controller to enable user creation on any domain controller. Once the DC consumes 250 RIDs, the RID master renews the pool. So the absence of RID master does not immediately effect user creation.

Your content is awesome Andy. Thank you. I appreciate you.

Hi Andy, Thanks for giving the quick response of my questions. It will be helpful to me in my current implementation. You are doing great job for us keep going.

Just as I'm preparing for sc-900 - that is a nice deep-dive. Cheers from Poland.

Really liked this one as DCs are a Tier-0 focus point for us, so getting a better understanding of FSMO Roles was really helpful. One thing I would love you to a walkthrough for if possible, is how to create a basic KQL query in Sentinel, (this much I am fine with) but then create a alert that can then trigger a basic playbook that will be for sending an email to certain teams, like Infra or the SOC team. That way I can use the Playbook for other alerts that I want to be prioritised should they be triggered. Doing this in Advanced Hunting in Defender for Endpoint is made really simple, but not so much in Sentinel. Creating Playbooks is one thing that I am very weak on so would love to have you do an ELI5 type walkthrough for this.

Thanks for making such a valuable content and covering all the topics. would mind sharing the links or where can i find you more videos on Infrastructure and sites that would really helps me alot.

Excellent VDOs Andy, Could you possibly do something on ADRES, if not already done. Thank you. Nadeem

Thanks so much. Can you please show me where you talked about LDAP?

We are having single forest multiple domain infrastructure in our environment

Hi Andy, I have just been tasked with upgrading a very small office network (only four Windows 10 client PCs) plus an sbs2011 DC. As email was migrated to Microsoft 365 (Business Standard) some time ago, ADDS is now the only thing left to migrate. I had initially considered an on-prem (or perhaps hybrid) setup of server 2022 consisting of two DCs (physical + VM). However after watching your videos and realising Azure AD is already somewhat included in the subscription, it seems it would be fairly straightforward to switch to Azure AD. My only concern is that the users won’t be able to log on if the internet connection is down. It would be interesting to hear your thoughts, and if you could also kindly answer the following questions: 1. User’s domain profiles are currently stored on client PCs. Each user has their own main PC on which their ‘master profile’ is saved. However as they have occasionally logged on to each other’s PC’s, separate profiles were created on each PC. Could that potentially cause any issues whereby the server isn’t aware which profile is the ‘master profile’ and would this be determined by whichever profile the user logs in to first (after being changed to a roaming profile in AD). 2. How would the profiles be migrated to Azure AD without losing anything (would a third party tool such as ForensiT be required)? 3. If using Azure AD with user documents stored in OneDrive, would it be possible for each user to also have a home directory, for example stored on a NAS? 4. Is there an add on to the Business Standard licence which would enable endpoint manager in Azure AD? If not which licence would be required? P.S. Thanks for the very informative and well explained videos. I’m looking forward to seeing many more!

Can the Regsvr32 schmmgmt.dll be registered from a workstation? Must it be done from a DC?

Hey Andy, Thanks for your great videos. can u tell me how can i have a demo like lab to try office 365 without payment? i need to learn but it is so expensive.

can you do a windows server installation and active directory set up?

I am having issue with login issue for the users not able to login to other domain

You’d description of the pdc was a little odd to be honest. It’s the most important role and has a lot of functions. Windows recycle bin should only be turned on if you have done your domain functional level upgrade and don’t need to revert back to 2012 for example otherwise your screwed. Considering most people are off 2008 for DCs these days or even 2012 I would not expect this will not wppl6 to a lot