Active Directory

UserAccountControl is one of the most important attributes of user and computer accounts in Active Directory. This attribute determines the status of the account in the AD domain: whether the account…

Let’s look at how to create a simple administrator notification system when someone adds a new user to the important Active Directory security group. For example you want to track…

Most AD administrators use the repadmin (appeared in Windows Server 2003) and replmon (must be copied from Support Tool for WS2003) console tools to monitor and control Active Directory replication.…

GPResult.exe is a console administrative tool designed to analyze and diagnose group policy settings that are applied to a computer and/or user in the Active Directory domain. In particular, GPResult…

In this article, we’ll look at PowerShell features to manage Active Directory domain groups. We’ll see how to create a new group in AD, add users to it and remove…

We continue to study useful PowerShell cmdlets to retrieve information from Active Directory. In one of the previous articles, we talked about Get-AD User cmdlet, which allows you to get…

In this article, we’ll look at how to configure Kerberos authentication for different browsers in a Windows domain to enable transparent and secure authentication on web servers without the need…

Let’s see how to track who reset the password of the particular user account in Active Directory using domain controllers security logs.

For the first time the functionality of read-only domain controller (RODC) was introduced in Windows Server 2008. The main task of the RODC technology is the secure installation of the…

The task of finding a user or group name in Active Directory using wildcard, regular expression or pattern is not as evident as it seems. The matter is that by…