By default, only members of the Domain Admins group have the remote RDP access to the Active Directory domain controllers‘ desktop. In this post we’ll show how you to grant…
CoreyApril 26, 2021
You can use Group Policy to add Active Directory users and groups to the local Administrators group on domain-joined servers and workstations. This allows you to grant local admin privileges…
CoreyFebruary 15, 2021
Using Group Policies, you can create a shortcut to a specific app on the desktops of all (or certain) domain users. GPO allows you to…
CoreyJanuary 25, 2021
In this post we’ll show how you to restore a Active Directory domain controller from a System State backup created earlier (see the post Active Directory…
CoreyJanuary 18, 2021
I have at time noticed some strange things when trying to access SYSVOL and NETLOGON folders in the domain from Windows 10/Windows Server 2016. When I tried to access…
CoreyJanuary 13, 2021
In this post I’ll talk about Active Directory domain controller backup and we'll learn how to configure automatic AD backup using PowerShell and built-in Windows…
CoreyNovember 18, 2020
In this post, I’ll show you how to track user account lockout events on Active Directory domain controllers, determine from which computer and program the…
CoreyNovember 11, 2020
All Windows admins know that after a computer or a user is added to an Active Directory security group, new permissions to access domain resources…
CoreyOctober 28, 2020
You can use the Get-ADDomainController PowerShell cmdlet to get information about the domain controllers in Active Directory. This cmdlet is a part of PowerShell Active Directory module and requires…
CoreySeptember 30, 2020
The Active Directory Attribute Editor is a built-in graphical tool to manage the properties of AD objects (users, computers, groups). It is the Attribute Editor…
CoreySeptember 23, 2020
In this post we’ll consider how to find domain controllers with FSMO roles in Active Directory, how to transfer one or more FSMO roles to…
CoreySeptember 2, 2020
In one of the previous posts we showed how to use the Set-ADComputer cmdlet in a GPO logon script to save the current logged in user info to the…
CoreyAugust 31, 2020
The Set-ADComputer cmdlet allows you to change the attributes of a computer account object in Active Directory. In this post, we’ll show how to add current logged-in…
CoreyAugust 24, 2020
The Active Directory for Windows PowerShell module is one of the main tools to administer domain, manage objects in Active Directory and get different information about AD…
CoreyAugust 5, 2020
When creating new user accounts in Active Directory, an administrator sets a unique initial password for each account and tells it to a user (usually…
CoreyJuly 20, 2020
Get-ADUser is one of the basic PowerShell cmdlets that can be used to get information about Active Directory domain users and their properties. You can use…
CoreyApril 15, 2020
Let’s look at how to automatically install and connect printers to specific users, computers and groups in an Active Directory domain using Group Policy (GPO).…
CoreyMarch 30, 2020
When managing user access permissions to various resources in an Active Directory domain, an administrator may have to create dynamic AD user groups. Dynamic groups make…
CoreyMarch 4, 2020
In this post I will cover typical reasons why a Group Policy object (GPO) may not be applied to an organizational unit (OU), specific computer…
CoreyFebruary 26, 2020
In this article we’ll cover the Chrome Group Policy administrative templates (admx), provided by Google, that allow you to centrally manage browser settings in an…
CoreyFebruary 19, 2020
NTLM (NT LAN Manager) has been used as the basic Microsoft authentication protocol for quite a long time: since Windows NT. Although Microsoft introduced a more…
CoreyFebruary 3, 2020
In this article we’ll consider how to delegate administrative privileges in the Active Directory domain. Delegation allows you to provide some AD management tasks to…
CoreyJanuary 13, 2020
In this article we’ll consider how to change (or reset) a users’ Active Directory passwords using the PowerShell cmdlet Set-ADAccountPassword. Most administrators usually change (reset) AD…
CoreyJanuary 3, 2020
Let’s consider how to deploy the same desktop background image (wallpaper) on all Windows workstations in the Active Directory domain using Group Policies. As a…
CoreyJanuary 1, 2020
You can use the PowerShell cmdlet Get-ADComputer to get various information about computer account objects (servers and workstations) from Active Directory domain. This is one of the…
CoreyDecember 27, 2019
Windows Firewall allows to restrict inbound/outbound network traffic for a certain application, protocol or a TCP/IP port. This is an easy way to restrict network…
CoreyDecember 25, 2019
Let’s look on how to centrally deploy an SSL certificate on domain computers and add it to the Trusted Root Certification Authorities using Group Policy. After the certificate is deployed,…
CoreyDecember 18, 2019
In this article, we will look at how to use Group Policy (GPO) to centrally create, modify, import and delete any registry keys on domain-joined…
CoreyDecember 13, 2019
In Windows environment, each domain and local user, group and other security objects are assigned a unique identifier — Security Identifier or SID. It is an SID, but…
CoreyOctober 30, 2019
In this article, we’ll look at how to manage local administrator passwords on a domain joined computers using the official Microsoft tool – LAPS (Local Administrator Password…
CoreyJune 26, 2019
WMI filters in Group Policy (GPO) allow you to more flexibly apply policies to clients by using different rules. A WMI filter is a set…
CoreyMay 15, 2019