You are here: Windows OS HubActive Directory

Archive for the 'Active Directory' Category

Allow non-administrators RDP Access to Domain Controller

Posted on March 15th, 2018 · Posted in Active Directory
you need remote desktop services rights

By default, only the members of Domain Admins group have the remote RDP access to the Active Directory domain controllers‘ desktop. In this article we’ll show how to grant domain users (non-admin user accounts) RDP access to the domain controllers without granting administrative privileges.

Finding the Source of Account Lockouts in Active Directory domain

Posted on March 2nd, 2018 · Posted in Active Directory
The referenced account is currently locked out and may not be logged on to ….

In this article, we’ll describe how to monitor the events of repeated locks of user accounts on Active Directory domain controllers and determine from which computer and program a lock is being performed. We’ll show some examples of using PowerShell scripts and Windows security events to identify the source of.. read more

Get-ADUser: Getting Active Directory Users Data via Powershell

Posted on February 14th, 2018 · Posted in Active Directory, Powershell
get-aduser table view

It’s no secret that from the first PowerShell version, Microsoft tries to make it the main administrative tool in Windows. And it mostly succeeds! Using simple examples, we’ll demonstrate PowerShell features of the Get-ADuser cmdlet to search for specific user objects in Active Directory domain and get different information about.. read more

Getting AD Accounts Created in the Last 24 Hours

Posted on October 31st, 2017 · Posted in Active Directory, Powershell
getting list of recently created accounts in the active directory

The IT security department asked to develop the simplest audit system that will make up the daily statistics on Active Directory accounts created in the last 24 hours, and the information about who created these accounts in the domain. [contents h2] A PowerShell Script to Get the List of Recently.. read more

How to Find Blocked, Disabled or Inactive Objects in AD Using Search-ADAccount

Posted on September 6th, 2017 · Posted in Active Directory, Powershell
Search-ADAccount out-gridview

Quite an often task of an Active Directory administrator is to make a list of disabled or inactive accounts and computers, or a list of accounts with expired passwords. To do it, you can use either the saved LDAP queries in the ADUC console, or already familiar PowerShell cmdlets, like.. read more

Generating Outlook 2010/2013 Signature Using AD Information

Posted on May 11th, 2017 · Posted in Active Directory, Outlook
Outlook 2010 - generated signature

In this article we’ll show how to automatically create a user signature in Outlook 2010/2013 based on data from  Active Directory. The following scenario will be considered: the first time a new domain user is logged on to the workstation, the PowerShell script automatically generates an Outlook user signature file with.. read more

Fine-Grained Password Policy in Windows Server 2012 R2

Posted on May 5th, 2017 · Posted in Active Directory, Windows Server 2012 R2
Fine Grained Password Policy for domain admins

In Active Directory version introduced in Windows Server 2000, you could create only one password policy for the entire domain. This policy was configured within the standard Default Domain Policy. If the administrator assigned a new GPO with other password settings to the OU, CSE (Client Side Extensions) would ignore.. read more

Temporary Membership in Active Directory Groups

Posted on December 28th, 2016 · Posted in Active Directory, Windows Server 2016
Get-ADGroup ShowMemberTimeToLive

The version of Active Directory in Windows Server 2016 has a number of interesting changes. Today we’ll consider the opportunity to provide users with temporary membership in Active Directory groups. This feature can be used when you need to give specific privileges based on the membership in AD security group.. read more

How to Set Windows User Account Picture From Active Directory

Posted on November 30th, 2016 · Posted in Active Directory, Windows 10
windows account picture from ad thumbnailPhoto

In this article we’ll show how to get a user photo from Active Directory and use it as user account picture in Windows  (displayed on logon and the lock screen, in the start menu, etc.) The algorithm should work as follows: during user logon, the system must receive a user.. read more

How to Import User Photo to Active Directory Using PowerShell

Posted on November 18th, 2016 · Posted in Active Directory, Powershell
import user photo to ad

Among user attributes starting from the version of Active Directory schema in Windows Server 2000, there is a special attribute thumbnailPhoto, in which a user photo (or any other images) can be stored as binary data. Outlook since 2010, Lync, SharePoint (and other applications) can use the data contained in.. read more