Active Directory: Core Concepts, Architecture and Best Practices

When a domain user logs on to Windows, their credentials are saved on a local computer by default (Cached Credentials: a user name and a password hash). This allows the…

In this article we will look at how to find out the date a user was created in Active Directory; how to use PowerShell to get information from the domain…

The version of Active Directory in Windows Server 2016 introduces an interesting feature that allows you to temporarily add a user to an AD security group. This feature is called…

You can use Managed Service Accounts (MSA) to securely run services, applications, and scheduler tasks on servers and workstations in an Active Directory domain. The MSA is a special type…

The Set-ADUser cmdlet allows to modify user properties (attributes) in Active Directory using PowerShell. Traditionally, a graphic MMC snap-in dsa.msc (Active Directory Users and Computers, ADUC) is used to edit…

You can access the data in an Excel file directly from within PowerShell. Although PowerShell has built-in cmdlets for importing (Import-CSV) and exporting (Export-CSV)  tabular data from/to CSV files, the…

Information security best practices require the computer screen to be locked when the user is inactive (idle) for some time. A Windows user can lock the computer screen themselves (using…

The password policy in an Active Directory domain specifies basic security requirements for user account passwords, such as password complexity, length, frequency of password changes, and so on. A strong…

Shared network folders from file servers can be made available to domain users as network drives using Group Policy. GPO allows configuring flexible rules to automatically map network drives based…

If a trust relationship between a Windows workstation and an Active Directory domain is broken, the computer won’t be able to establish a secure channel with the domain controller, and…