You are here: Windows OS HubActive Directory (Page 2)

Archive for the 'Active Directory' Category

Get-ADUser: Getting Active Directory Users Data via Powershell

Posted on August 21st, 2015 · Posted in Active Directory, Powershell
get-aduser table view

It’s no secret that from the first PowerShell version, Microsoft tries to make it the main administrative tool in Windows. And it mostly succeeds! Using simple examples, we’ll demonstrate PowerShell features to get different information about Active Directory users and their attributes.

Manage Local Administrator Passwords with LAPS

Posted on August 14th, 2015 · Posted in Active Directory
Local admin password store in Active Directory

The issue of managing built-in accounts on the domain computers is one of the most important security aspects requiring attention of a system administrator. Indeed, you shouldn’t allow using the same local administrator passwords on all computers. There are a lot of approaches to the management of local administrator accounts.. read more

Using LDAP Saved Queries in Active Directory

Posted on June 24th, 2015 · Posted in Active Directory
aduc-with-additional-fields

The Saved Queries in Active Directory Users and Computers (ADUC) console allow to create simple and complex LDAP queries by samples of Active Directory objects. These queries can be saved, edited and transferred to other computers. Using the Saved Queries, you can deal with search and sampling of AD objects.. read more

Allow non-administrators RDP Access to Domain Controller

Posted on June 4th, 2015 · Posted in Active Directory
you need remote desktop services rights

By default, only the members of Domain Admins group have the remote RDP access to the domain controllers. In this article we’ll show how to grant domain users  RDP access to the domain controllers.

Configuring Network Devices Authentication using Active Directory

Posted on May 14th, 2015 · Posted in Active Directory
New RADIUS client

When servicing large networks, system administrators often face authentication problems on the network devices. In particular, it is quite hard to arrange normal work of several network administrators under individual accounts on a large amount of equipment (you have to support and keep up to date the database of the.. read more

Using GPResult to Diagnose Group Policies Issues

Posted on November 6th, 2014 · Posted in Active Directory
Genereate GPResult html report

GPResult.exe is a console utility that allows to analyze settings and diagnose group policies that applied to a computer and/or user. In particular, GPResult helps to obtain the Resultant Set of Policy (RSOP), the list of the applied domain policies (GPO), their settings and the detailed information on the errors.. read more

Additional Account Info Tab in AD Users And Computers Console

Posted on August 13th, 2014 · Posted in Active Directory
Additional Account Info tab on ADUC windows 2012 r2 x64

Many administrators are familiar with Additional Account Info tab since there have been AD domains based on Windows Server 2003. It is to be reminded that the Additional Account Info tab to appear in the User Properties of Active Directory Users and Computers (ADUC) console, you had to download Windows.. read more

Troubleshooting: Identify Source of Active Directory Account Lockouts

Posted on June 25th, 2014 · Posted in Active Directory
Active Directory Account Lockout Policies

An account security policy in most businesses requires mandatory Active Directory user account lockout if the password has been entered incorrectly n times. Usually an account is locked for several minutes (5-30), when a user can’t log in the system. In some time defined by the security policies, the account.. read more

Java Settings Management with Group Policies

Posted on June 20th, 2014 · Posted in Active Directory
java security level: very high

Today we’ll deal with the configuration peculiarities of Java SE centralized security settings on corporate computers using Windows group policies (GPO). These policies should prevent downloading and running untrusted Java applets and ActiveX objects on corporate computers.

Password Security with Group Policy Preferences

Posted on May 14th, 2014 · Posted in Active Directory
32 byte AES key for encrypt passwords in GPP

Group Policy Preferences (GPP) is a powerful Windows group policy extension that makes setting and management of the park of computers easier and is a sort of substitution to different scripts in GPO. One of the GPP opportunities is to manage passwords of local and service accounts widely used by.. read more