Quite often when creating new Organizational Units (OUs), an Active Directory administrator has to create a structure of nested containers inside a new OU. For example, when a company opens…
In this article, we will show how to install software on user computers in an Active Directory domain using GPO. The built-in Windows GPO features allow you to deploy programs…
In this article, we will look at how to change (reset) the password of one or multiple Active Directory users using the Active Directory Users and Computers graphical snap-in (ADUC),…
Active Directory Users and Computers (ADUC or DSA.msc) is one of the most commonly used tools for managing objects in an Active Directory domain. You can install ADUC on both…
By default, when you create new Active Directory users, they are automatically added to the Domain Users group. In its turn, the Domain Users group is added to the local…
GPO logon scripts allow you to run a BAT or PowerShell script at computer startup or user logon/logoff. In some cases, an administrator wants a particular script (command/program) to be…
The Group Policy Central Store is located in the SYSVOL directory on the domain controllers, replicated between them, and used to store ADMX/ADML GPO template files used to manage Active…
In this article, we’ll look at how to delegate administrative permissions in the Active Directory domain. Delegation allows you to grant the permissions to perform some AD management tasks to…
You can store various useful information in the description of computer objects in Active Directory. For example, information about the computer model, hardware inventory, or the last logged-on username. In…
UserAccountControl is one of the most important attributes of the user and computer objects in Active Directory. This attribute determines the state of the account in the AD domain: whether…