Fine-Grained Password Policies (FGPP) allow you to create multiple password policies for specific users or groups. Multiple password policies are available starting with the Windows Server 2008 version of Active…
You can use Active Directory to securely store backups of BitLocker recovery keys (passwords) from client computers. It is very convenient if you have multiple users using BitLocker to encrypt…
Recently I’ve faced quite an interesting problem when some users are unable to authenticate on some domain services due to exceeding the maximum size of the Kerberos ticket. In this…
Active Directory is a reliable yet critical service, and the functionality of the entire enterprise network depends on its proper operation. The proper functioning of Active Directory requires constant monitoring…
Windows Server Core is a good platform to host the Active Directory domain controller role due to fewer resource requirements, increased stability and security (due to less code and updates).…
Group Policy Administrative Templates contain settings that allow administrators to conveniently configure various Windows settings, components, and third-party software. In this article, we will look at how to install new…
Windows saves (caches) domain user credentials locally so users can log in without domain access if needed. This feature enables users to log on to their computers even when AD…
In this article we will look at how to find out the date a user was created in Active Directory; how to use PowerShell to get information from the domain…
The version of Active Directory in Windows Server 2016 introduces an interesting feature that allows you to temporarily add a user to an AD security group. This feature is called…
You can use Managed Service Accounts (MSA) to securely run services, applications, and scheduler tasks on servers and workstations in an Active Directory domain. The MSA is a special type…