Active Directory

Most AD administrators use the repadmin (appeared in Windows Server 2003) and replmon (must be copied from Support Tool for WS2003) console tools to monitor and control Active Directory replication.…

GPResult.exe is a console administrative tool designed to analyze and diagnose group policy settings that are applied to a computer and/or user in the Active Directory domain. In particular, GPResult…

In this article, we’ll look at PowerShell features to manage Active Directory domain groups. We’ll see how to create a new group in AD, add users to it and remove…

We continue to study useful PowerShell cmdlets to retrieve information from Active Directory. In one of the previous articles, we talked about Get-AD User cmdlet, which allows you to get…

In this article, we’ll look at how to configure Kerberos authentication for different browsers in a Windows domain to enable transparent and secure authentication on web servers without the need…

Let’s see how to track who reset the password of the particular user account in Active Directory using domain controllers security logs.

For the first time the functionality of read-only domain controller (RODC) was introduced in Windows Server 2008. The main task of the RODC technology is the secure installation of the…

The task of finding a user or group name in Active Directory using wildcard, regular expression or pattern is not as evident as it seems. The matter is that by…

In this article, I have tried to collect all major organizational and technical rules of using privileged / administrative accounts in the organization to improve security in the Windows network.…

By default, only the members of Domain Admins group have the remote RDP access to the Active Directory domain controllers‘ desktop. In this article we’ll show how to grant domain…