
Garbage in garbage out

Found this nice quotation in “Governance of IT: An executive guide to ISO / IEC 38500” by A. L. Holt:


On two occasions I have been asked [by members of Parliament], ‘Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?’ I am not able to comprehend the kind of confusion of ideas that could provoke such a question.

(Babbage 1864)

Number of connections for full mesh topology

In a full mesh topology, the number of connections required grows with the square of the number of nodes. General function for the number of connections in a full mesh:


x – number of nodes in the network, f(x) – number of connections

So for 2 nodes you need 1 line, for 3 – 3, for 4 – 6, for 5 – 10 etc.  

DNS: Resource Records

Resource Records (RRs) are used to identify objects within the DNS hierarchy and to serve basic lookups within a specified domain. The key RR types are the following (7):

SOA (Start of Authority) Records – indicate which server is authoritative for a particular zone; that server is also in charge of processing zone updates. The SOA record also contains some critical zone information such as the TTL interval, the contact responsible for DNS, etc. Created automatically when DNS is installed for AD DS.

Host (A) Records – the most widely used RR type; simply contains the name of the host and its IP address. Used to identify the IP address of objects.

Name Server (NS) Records – identify which computers are name servers for a particular zone (i.e. DNS servers). There can be only one SOA record for a zone but multiple NS records indicating computers against which you may run DNS queries. NS RRs don’t contain an IP address but simply point to a server's A record.

Service (SRV) Records – indicate which resources perform a particular service. E.g. DCs are referenced by SRV records which define specific services like GC, LDAP, Kerberos. SRV records did not exist in the original DNS standard, so they are not supported by some old DNS implementations (like UNIX BIND 4.1.x or NT 4.0 DNS). BIND 8.1.2+ supports SRV records.

Mail Exchanger (MX) Records – indicate resources available for SMTP reception, so that mail sent to a particular domain is forwarded to the server or servers indicated by the MX record.

Pointer (PTR) RRs – used for reverse queries (i.e. looking up names by IP); stored in reverse lookup zones.

Canonical name (CNAME) Records – a server alias, used to refer to a server by multiple names. E.g. a friendly name for a mail server in addition to its complex name that follows some naming convention.

Less commonly used RRs:

AAAA – IPv6 A record

ISDN – maps a DNS name to an ISDN phone number

KEY – stores the public key used for encryption in a particular domain

RP – specifies the responsible person for a domain

WKS – designates a particular Well-Known Service

MB – indicates the host which contains a specific mailbox
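The relationships between record types described above (one SOA per zone; NS, MX and SRV records pointing at hosts that own address records; CNAME aliases pointing at existing names) can be checked mechanically. The following PowerShell sketch is an added example, not part of the original post; the zone data is constructed, the function name Test-ZoneRecords is hypothetical, and it assumes every target lives inside the same zone.

```powershell
# Constructed records for a hypothetical zone; names are relative to the zone apex (@).
$zone = @(
    [pscustomobject]@{ Name = '@';          Type = 'SOA';   Target = 'dc1' }
    [pscustomobject]@{ Name = '@';          Type = 'NS';    Target = 'dc1' }
    [pscustomobject]@{ Name = '@';          Type = 'NS';    Target = 'dc2' }      # dc2 has no A record
    [pscustomobject]@{ Name = 'dc1';        Type = 'A';     Target = '10.0.0.10' }
    [pscustomobject]@{ Name = 'ex01-hq';    Type = 'A';     Target = '10.0.0.25' }
    [pscustomobject]@{ Name = '@';          Type = 'MX';    Target = 'ex01-hq' }
    [pscustomobject]@{ Name = 'mail';       Type = 'CNAME'; Target = 'ex01-hq' }  # friendly alias
    [pscustomobject]@{ Name = 'webmail';    Type = 'CNAME'; Target = 'owa' }      # dangling alias
    [pscustomobject]@{ Name = '_ldap._tcp'; Type = 'SRV';   Target = 'dc1' }
)

function Test-ZoneRecords {
    param([Parameter(Mandatory)] [object[]] $Records)

    $findings = @()

    # A zone has exactly one SOA record.
    $soaCount = @($Records | Where-Object { $_.Type -eq 'SOA' }).Count
    if ($soaCount -ne 1) {
        $findings += "zone must have exactly one SOA record, found $soaCount"
    }

    # Names that own an address record, and all names present in the zone.
    $hosts = @($Records | Where-Object { $_.Type -in 'A', 'AAAA' } | ForEach-Object { $_.Name })
    $names = @($Records | ForEach-Object { $_.Name })

    foreach ($r in $Records) {
        switch ($r.Type) {
            # NS, MX and SRV carry a host name, not an IP: the host needs an A/AAAA record.
            { $_ -in 'NS', 'MX', 'SRV' } {
                if ($r.Target -notin $hosts) {
                    $findings += "$($r.Type) $($r.Name) -> $($r.Target): target has no A/AAAA record"
                }
            }
            # A CNAME must point at a name that exists.
            'CNAME' {
                if ($r.Target -notin $names) {
                    $findings += "CNAME $($r.Name) -> $($r.Target): alias target does not exist"
                }
            }
        }
    }
    return $findings
}

Test-ZoneRecords -Records $zone
```

Records whose targets legitimately live in another zone would need to be resolved rather than looked up in the local record set.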

AD DS: Tombstone Lifetime

What is it?

Tombstone interval is a preconfigured period for AD objects since their last validation of being active. Default value in Windows Server 2008 R2 – 60 days.

Full list of default values:

Windows Version – Default TSL
Windows Server 2000 – 60 days
Windows Server 2003 – 60 days
Windows Server 2003 SP1 – 180 days
Windows Server 2003 R2 – 60 days
Windows Server 2003 R2 SP2 – 180 days
Windows Server 2008 – 180 days
Windows Server 2008 R2 – 180 days
Windows Server 2012 – 180 days
Windows Server 2012 R2 – 180 days (not confirmed)

(thanks for this data goes to Mathias R. Jessen, see his answer to this question on

How to check current setting?

You can do it with the dsquery command:

dsquery * "cn=directory service,cn=windows nt,cn=services,cn=configuration,dc=" -scope base -attr tombstonelifetime

How to change?

Use ADSI Edit and change the tombstoneLifetime value of the Directory Service object. The Directory Service object resides in the configuration partition of the AD forest (CN=Configuration,CN=Directory Service, CN=Windows NT, CN=Services, CN=Configuration, DC=domain, DC=com).

Why should I care?

This interval is used to prevent the introduction of lingering objects into your AD DS when you are performing a restore. If you need to restore a global catalog, then the age of your backup should not exceed the tombstone interval for a successful restore. So if you need to do a restore of AD objects older than 60 days, you should change your tombstone interval setting accordingly.
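A PowerShell version of the lookup and of the backup-age rule described above, as an added example that is not part of the original post. It assumes the ActiveDirectory module (RSAT) for the lookup; the function names, the 14-day warning margin and the sample dates are constructed for illustration.

```powershell
# Added example. Get-TombstoneLifetime needs the ActiveDirectory module (RSAT);
# Test-BackupAge is pure and is exercised below with constructed dates.

function Get-TombstoneLifetime {
    $configNC = (Get-ADRootDSE).configurationNamingContext
    $dn  = "CN=Directory Service,CN=Windows NT,CN=Services,$configNC"
    $obj = Get-ADObject -Identity $dn -Properties tombstoneLifetime
    # An attribute that was never set means the built-in 60-day default applies.
    if ($null -eq $obj.tombstoneLifetime) { return 60 }
    return [int]$obj.tombstoneLifetime
}

function Test-BackupAge {
    param(
        [Parameter(Mandatory)] [datetime] $BackupTime,
        [Parameter(Mandatory)] [int]      $TombstoneDays,
        [datetime] $Now      = (Get-Date),
        [int]      $WarnDays = 14   # hypothetical safety margin, not an AD setting
    )
    $ageDays  = [int][math]::Floor(($Now - $BackupTime).TotalDays)
    $daysLeft = $TombstoneDays - $ageDays
    # A backup older than the tombstone lifetime must not be restored.
    if     ($daysLeft -lt 0)         { $status = 'Expired' }
    elseif ($daysLeft -le $WarnDays) { $status = 'ExpiringSoon' }
    else                             { $status = 'OK' }
    [pscustomobject]@{
        BackupTime = $BackupTime
        AgeDays    = $ageDays
        DaysLeft   = $daysLeft
        Status     = $status
    }
}

# Constructed backup timestamps, checked against a fixed "now" and a 60-day
# tombstone lifetime so the result does not depend on the day it is run.
$now     = [datetime]'2024-06-30'
$backups = [datetime]'2024-06-20', [datetime]'2024-05-10', [datetime]'2024-03-01'
$backups | ForEach-Object {
    Test-BackupAge -BackupTime $_ -TombstoneDays 60 -Now $now
} | Format-Table -AutoSize

# Against a live forest (domain-joined host with RSAT):
#   Test-BackupAge -BackupTime $lastBackup -TombstoneDays (Get-TombstoneLifetime)
```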

Windows Server Backup 2008 vs 2008 R2

Just a quick note on differences / improvements in Windows Server Backup in Windows Server 2008 R2. The following are new in R2:

– Ability to back up/exclude individual files and to include/exclude file types and paths from a volume (instead of just full volumes before).

– Improved performance and use of incremental backups

You can now store backups created using a scheduled backup on a remote shared folder or volume. If you store backups on a remote shared folder, only one version of your backup will be maintained. You can also store backups on virtual hard disks.

– Improved options and performance for system state backups and recoveries. The Server Backup MMC can be used to perform system state recoveries. A single backup can be used both for system state & data.

– Expanded CLI (wbadmin command) & PowerShell support.

Related TN article: What’s New in Windows Server Backup