In August 2020, Microsoft released an update to fix a critical Windows Server vulnerability in Active Directory — CVE-2020-1472 (more known as Zerologon) . This update was successfully…
Using Group Policies, you can automatically copy specific files or folders to all domain computers. You can place files to the Desktop, a user profile folder…
Using local accounts (including the local administrator) to access another computer over network in Active Directory environments is not recommended on a number of reasons.…
By default, only members of the Domain Admins group have the remote RDP access to the Active Directory domain controllers‘ desktop. In this post we’ll show how you to grant…
Active Directory user accounts have a special thumbnailPhoto attribute in which a user’s photo can be stored as binary data. Outlook, OWA, Lync/Skype for Business, SharePoint (and…
You can use Group Policy to add Active Directory users and groups to the local Administrators group on domain-joined servers and workstations. This allows you to grant local admin privileges…
In this post we’ll show how you to restore a Active Directory domain controller from a System State backup created earlier (see the post Active Directory…
I have at time noticed some strange things when trying to access SYSVOL and NETLOGON folders in the domain from Windows 10/Windows Server 2016. When I tried to access…
In this post I’ll talk about Active Directory domain controller backup and we'll learn how to configure automatic AD backup using PowerShell and built-in Windows…
In this post, I’ll show you how to track user account lockout events on Active Directory domain controllers, determine from which computer and program the…
You can use the Get-ADDomainController PowerShell cmdlet to get information about the domain controllers in Active Directory. This cmdlet is a part of PowerShell Active Directory module and requires…
The Active Directory Attribute Editor is a built-in graphical tool to manage the properties of AD objects (users, computers, groups). It is the Attribute Editor…
The Set-ADComputer cmdlet allows you to change the attributes of a computer account object in Active Directory. In this post, we’ll show how to add current logged-in…
The Active Directory for Windows PowerShell module is one of the main tools to administer domain, manage objects in Active Directory and get different information about AD…
Get-ADUser is one of the basic PowerShell cmdlets that can be used to get information about Active Directory domain users and their properties. You can use…
Let’s look at how to automatically install and connect printers to specific users, computers and groups in an Active Directory domain using Group Policy (GPO).…
When managing user access permissions to various resources in an Active Directory domain, an administrator may have to create dynamic AD user groups. Dynamic groups make…
In this article we’ll cover the Chrome Group Policy administrative templates (admx), provided by Google, that allow you to centrally manage browser settings in an…
NTLM (NT LAN Manager) has been used as the basic Microsoft authentication protocol for quite a long time: since Windows NT. Although Microsoft introduced a more…
In this article we’ll consider how to delegate administrative privileges in the Active Directory domain. Delegation allows you to provide some AD management tasks to…
In this article we’ll consider how to change (or reset) a users’ Active Directory passwords using the PowerShell cmdlet Set-ADAccountPassword. Most administrators usually change (reset) AD…
Let’s consider how to deploy the same desktop background image (wallpaper) on all Windows workstations in the Active Directory domain using Group Policies. As a…
You can use the PowerShell cmdlet Get-ADComputer to get various information about computer account objects (servers and workstations) from Active Directory domain. This is one of the…
Windows Firewall allows to restrict inbound/outbound network traffic for a certain application, protocol or a TCP/IP port. This is an easy way to restrict network…
Let’s look on how to centrally deploy an SSL certificate on domain computers and add it to the Trusted Root Certification Authorities using Group Policy. After the certificate is deployed,…
In Windows environment, each domain and local user, group and other security objects are assigned a unique identifier — Security Identifier or SID. It is an SID, but…
In this article, we’ll look at how to manage local administrator passwords on a domain joined computers using the official Microsoft tool – LAPS (Local Administrator Password…
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are ok with this.AcceptPrivacy Policy