Active Directory

In Windows environment, each domain and local user, group and other security objects are assigned a unique identifier — Security Identifier or SID. It is an SID, but not the…

By default, when you create a new Active Directory users, they are automatically added to the Domain Users group. In its turn, the Domain Users group is by default added…

In this article, we’ll take a look on how to manage local administrator passwords on a domain joined computers using the official Microsoft tool – LAPS (Local Administrator Password Solution).…

To protect user accounts in the Active Directory domain, an administrator must configure and implement a domain password policy that provides sufficient complexity and length of a password as well…

WMI filters in Group Policy (GPO) allow you to more flexibly apply policies to clients by using different rules. A WMI filter is a set of WMI queries (the WMI…

The easiest way to create a new user object in the Active Directory domain is to use MMC graphical snap-in ADUC (Active Directory Users and Computers). But if you need…

UserAccountControl is one of the most important attributes of user and computer accounts in Active Directory. This attribute determines the status of the account in the AD domain: whether the account…

Let’s look at how to create a simple administrator notification system when someone adds a new user to the important Active Directory security group. For example you want to track…

Most AD administrators use the repadmin (appeared in Windows Server 2003) and replmon (must be copied from Support Tool for WS2003) console tools to monitor and control Active Directory replication.…

GPResult.exe is a console administrative tool designed to analyze and diagnose group policy settings that are applied to a computer and/or user in the Active Directory domain. In particular, GPResult…