Category: Active Directory 101
Get Email Address From SAMACCOUNTNAME
This Active Directory PowerShell Module code will show you how to the primary SMTP address of users using their SAMACCOUNTNAME. In this scenario, You have a list of users’ SAMACCOUNT name login details and you want to know \ get their email address. In this case, My Users.txt file has a list of users with which looks like this: User1 […]
Read moreHow to Delegate Control on Active Directory Windows Server 2016
In this article, I’ll show you how to delegate Control In Active Directory and all a specific user to only reset passwords to users. In this case, My client asked me to delegate control In AD to a staff member that will allow him to reset the password to users that locked their AD account. Lucky, Active Directory allows us […]
Read moreAdd a computer to an Active Directory domain with PowerShell
A common task many system administrators do is adding computers to an Active Directory domain. Since Active Directory is embedded in so many organizations, nearly every IT professional is probably familiar with the box below. Active Directory domain join This PowerShell snippet above connects remotely to the computer NAMEHERE, attempts to join it to the domain domain.here and then afterward […]
Read moreAdd and remove users to AD groups with Group Policy
Group Policy allows you to add and remove users to an Active Directory (AD) group. Using this feature improves security because you can ensure that high-risk security groups only contain the users that you specify via Group Policy. To manage the Domain Admins group, you will need Remote Server Administration Tools(RSAT) installed. After installing that, open up the Group Policy Management […]
Read moreConfiguring Password Replication Policy for Read Only Domain Controllers
What is Password Replication Policy? Password Replication Policy (PRP) determines which users’ credentials can be cached on a specific RODC. If PRP allows an RODC to cache a user’s credentials, authentication and service ticket activities of that user can be processed by the RODC. If a user’s credentials cannot be cached on an RODC, authentication and service ticket activities are […]
Read morePowershell – Remove Members from AD Groups in bulk
Now there are several ways that you can remove members from a group. The simplest of all is by using Remove-ADGroupMember. Let us see the examples associated with this cmdlet. Get-Help Remove-ADGroupMember -Examples As you can see in the Examples, we need to know the Members that are part of the group in order to remove them from the group. […]
Read morePowershell – How to change AD user description field
In this article we will be using Powershell to perform this. But be aware that we can do this from Active Directory Users and Computers as well. Let us say that we have a user Ronnie and the description provided for the user is “Ronnie is from the Marketing Team” You can see the below from the Active Directory Users […]
Read moreComponents of Active Directory Certificate Services
Today we will be seeing the different components of the Active Directory Certificate Services. Each of the components have a specific task to be done and they will be used under various different scenarios. If you have ever installed the Active Directory Certificate Services role, then you must know that there are six different components that are available which are: […]
Read moreFind Expired Accounts in Active Directory using Powershell
We all know, people join organizations and leave organizations at regular intervals. And we as System Administrators have to create and manage their user accounts in Active Directory. As a best practice, we all set an expiration date to the user account that is created. But do we delete those accounts if they are no longer in use? Its hard […]
Read more