Hello all.  Eric here again.  OK, so maybe the title of this blog post isn’t the best, primarily because there could be a ton of reasons why some DC’s might not be able to sync time with the PDCE.  Some obvious examples would be port blockages, connectivity issues, DC’s set to “NoSync”, VM’s syncing to their host, maybe a broken IPSec policy on the DC, and a lot of other reasons.  I ran into what I thought was an interesting scenario today ... [More]

Greetings All. Eric here again. Recently I was doing an ADRAP remediation and one of the High Risk findings that the tool found was "Multiple Copies of a Primary zone Stored in Different Locations". In this environment all of the DC's were Windows Server 2008 R2. I've seen this finding on the ADRAP report a number of other times where the same zone was in the ForestDNSZones, DomainDNSZones, and Domain partitions, among other file based zones across different DC's all at the same time in some pre... [More]