You are here: Windows OS HubActive Directory (Page 2)

Archive for the 'Active Directory' Category

How to Refresh AD Groups Membership Without User Logoff

Posted on September 21st, 2016 · Posted in Active Directory
klist -lh 0 -li 0x3e7 purge

 All administrators know that after a computer or a user is added to an Active Directory group the computer has to be reboot (if the computer account has been added to the domain group) or a user has to be logged off and on again to update group membership or.. read more

Get-ADComputer: Getting Active Directory Computers Info via Powershell

Posted on December 9th, 2015 · Posted in Active Directory, Powershell
All AD computer properties

We go on studying useful PowerShell cmdlets to interact with Active Directory. In our last article, we told about Get-AD User cmdlet that allowed to get any information about AD user accounts. Today we’ll discuss Get-ADComputer cmdlet and its use to get information about computer accounts in Active Directory.

How Automatically Fill Computer Description Field in Active Directory

Posted on September 18th, 2015 · Posted in Active Directory, Powershell
populated computer description fileld in active directory

In this article we’ll demonstrate how to fill the computer information in Active Directory using PowerShell. As an example, we’ll show how to save the information about the computer model in the description field of a computer objects in Active Directory.

Kerberos Token Size and Issues of Its Growth

Posted on August 28th, 2015 · Posted in Active Directory
Large Kerberos token size

Recently I’ve faced a quite interesting problem when some users are unable to authenticate on some domain services due to the Kerberos token oversize. In this article, we’ll try to consider the peculiarities of building the Kerberos token, how a user can define its size and how to extend the.. read more

Get-ADUser: Getting Active Directory Users Data via Powershell

Posted on August 21st, 2015 · Posted in Active Directory, Powershell
get-aduser table view

It’s no secret that from the first PowerShell version, Microsoft tries to make it the main administrative tool in Windows. And it mostly succeeds! Using simple examples, we’ll demonstrate PowerShell features to get different information about Active Directory users and their attributes.

Manage Local Administrator Passwords with LAPS

Posted on August 14th, 2015 · Posted in Active Directory
Local admin password store in Active Directory

The issue of managing built-in accounts on the domain computers is one of the most important security aspects requiring attention of a system administrator. Indeed, you shouldn’t allow using the same local administrator passwords on all computers. There are a lot of approaches to the management of local administrator accounts.. read more

Using LDAP Saved Queries in Active Directory

Posted on June 24th, 2015 · Posted in Active Directory
aduc-with-additional-fields

The Saved Queries in Active Directory Users and Computers (ADUC) console allow to create simple and complex LDAP queries by samples of Active Directory objects. These queries can be saved, edited and transferred to other computers. Using the Saved Queries, you can deal with search and sampling of AD objects.. read more

Allow non-administrators RDP Access to Domain Controller

Posted on June 4th, 2015 · Posted in Active Directory
you need remote desktop services rights

By default, only the members of Domain Admins group have the remote RDP access to the domain controllers. In this article we’ll show how to grant domain users  RDP access to the domain controllers.

Configuring Network Devices Authentication using Active Directory

Posted on May 14th, 2015 · Posted in Active Directory
New RADIUS client

When servicing large networks, system administrators often face authentication problems on the network devices. In particular, it is quite hard to arrange normal work of several network administrators under individual accounts on a large amount of equipment (you have to support and keep up to date the database of the.. read more

Using GPResult to Diagnose Group Policies Issues

Posted on November 6th, 2014 · Posted in Active Directory
Genereate GPResult html report

GPResult.exe is a console utility that allows to analyze settings and diagnose group policies that applied to a computer and/or user. In particular, GPResult helps to obtain the Resultant Set of Policy (RSOP), the list of the applied domain policies (GPO), their settings and the detailed information on the errors.. read more