Deploying the Local Administrator Password Solution Part 2

In this series of three posts, I demonstrate the installation and configuration of Microsoft’s Local Administrator Password Solution (LAPS). This is the second post that covers configuration of Active Directory to support LAPS. Configuring Active Directory for LAPS Extend the AD Schema In the last post, we configured the client installation. While there is no server-side software to run as far […]

Read more

Deploying the Local Administrator Password Solution Part 3

In this series of three posts, I demonstrate the installation and configuration of Microsoft’s Local Administrator Password Solution (LAPS). This is the third and final post that covers the group policy configuration of LAPS, as well as a brief demonstration. Configuring Group Policy We’ve got the software installed, and AD configured, all that’s left is to turn the thing on! Fortunately there’s […]

Read more

Add a computer to an Active Directory domain with PowerShell

A common task many system administrators do is adding computers to an Active Directory domain. Since Active Directory is embedded in so many organizations, nearly every IT professional is probably familiar with the box below. Active Directory domain join This PowerShell snippet above connects remotely to the computer NAMEHERE, attempts to join it to the domain domain.here and then afterward […]

Read more

Add and remove users to AD groups with Group Policy

Group Policy allows you to add and remove users to an Active Directory (AD) group. Using this feature improves security because you can ensure that high-risk security groups only contain the users that you specify via Group Policy. To manage the Domain Admins group, you will need Remote Server Administration Tools(RSAT) installed. After installing that, open up the Group Policy Management […]

Read more

Configuring Password Replication Policy for Read Only Domain Controllers

What is Password Replication Policy? Password Replication Policy (PRP) determines which users’ credentials can be cached on a specific RODC. If PRP allows an RODC to cache a user’s credentials, authentication and service ticket activities of that user can be processed by the RODC. If a user’s credentials cannot be cached on an RODC, authentication and service ticket activities are […]

Read more
1 2 3 4 5 6