In this article, we’ll show how to enable DNS logging for all user queries on a DNS server running Windows Server, how to parse and analyze DNS logs. I faced this task when I had to decommission an old Active Directory domain controller in a branch office and I needed to understand which devices were still using the DNS server. After enabling a DNS log and analyzing it, I was able to find the devices and reconfigure them to use other DNS servers. Also, this method will help you to find hosts with suspicious activity in your Active Directory network (accessing malicious URLs, botnet hosts, etc.).
- Active DirectoryPowerShellWindows Server 2019Windows Server 2022
Install and Configure a Read-Only Domain Controller (RODC) on Windows Server 2019/2022
March 15, 2024The read-only domain controller (RODC) feature was first introduced in Windows Server 2008. The main purpose of the RODC is the secure installation of the own domain controller in remote…
Windows automatically assigns a drive letter to any connected HDD/SSD disk, USB flash drive, SD card if it recognizes the file system on its partitions. But sometimes it doesn’t work.…
Current Windows versions collect information about the health of hard drives in your computer via SMART and may notify a user in case of any problems. Let’s see what a…
The task of searching for objects in Active Directory (users, groups, or computers) by name using some pattern, regular expression, or wildcard is not as obvious as it seems. The…
- PowerShellWindows 10Windows Server 2019
Run a Script (Program) When a Specific Program Opens/Closes in Windows
March 13, 2024In this article, we will show how to track an event of launching a certain program (process) in Windows and perform an action (run a script, command, program, send an…
- Active DirectoryWindows Server 2016Windows Server 2019
How to Rename an Active Directory Domain
July 3, 2024In this short article, we will show you how to properly change an Active Directory domain name from test.com to resource.loc. In fact, it is not the best idea to…
- PowerShellWindows 10Windows Server 2019
Using Out-GridView to View and Select Table Data in PowerShell
March 16, 2024The Out-GridView cmdlet allows displaying data as an interactive graphical table that can be filtered or sorted based on different criteria. You can use the Out-Gridview cmdlet in scripts where…
- Group PoliciesWindows 10Windows 11Windows Server 2019
Prevent Users from Changing Proxy Settings in Windows
February 27, 2023In a previous article, we showed how to configure proxy settings in Windows via GPO. However, even non-admin users can manually change the proxy settings on their computers. In this…
- Group PoliciesPowerShellWindows 10Windows 11
How to Disable Automatic Driver Updates on Windows
January 24, 2025In addition to operating system security updates and patches, Windows Update provides driver updates for most certified devices. When Windows Update scans your computer and finds that a newer driver…