Step 1: Backup Windows Server 2008 R2 certificate authority database and its configuration Log in to Windows 2008 R2 Server…
Category: Active Directory
Join Computer to Domain with Desired Computer Name and OU
Step #1: This is the simplest method to add a computer to a domain. In this example you will be…
Move disabled user accounts with a PowerShell
Move disabled user accounts with a PowerShell
Active Directory Cleanup Best Practices
Best practice #1: remove disabled accounts A crucial part of Active Directory cleanup is monitoring for disabled user and computer…
Domain Controller Role Queries and Synchronization Relationship Queries
netdom query fsmo 查询五大角色 dsquery server 显示所有域控 查看架构主机角色 dsquery.exe server -hasfsmo schema 查看域命名主机角色 dsquery.exe server -hasfsmo name 查看RID 主机角色 dsquery.exe…
Get users who haven’t logged in longer than X days (LastLogonDate)
This script might be useful in getting users that haven’t logged for a longer amount of time. It is checking…
Difference between Disabled, Expired and Locked Account
Disabled accounts If an organization has a provisioning process in place for governing (automatically) the enabling and disabling of account…
GPO – Apply to a specific Users/Group
On the domain controller, open the group policy management tool. Create a new group policy.
What are the different Windows Logon Types that can show up in the Windows event log?
Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons,…