Active Directory – Page 2 – 梦想照进现实

Step-By-Step: Migrating The Active Directory Certificate Service From Windows Server 2008 R2 to 2019

Step 1: Backup Windows Server 2008 R2 certificate authority database and its configuration Log in to Windows 2008 R2 Server as member of local administrator group Go to Start > Administrative Tools > Certificate Authority

Join Computer to Domain with Desired Computer Name and OU

Step #1: This is the simplest method to add a computer to a domain. In this example you will be prompted for credentials followed by the required reboot. Add-Computer -DomainName “your.domain.here” Restart-Computer Step #2: If

Move disabled user accounts with a PowerShell

Active Directory Cleanup Best Practices

Best practice #1: remove disabled accounts A crucial part of Active Directory cleanup is monitoring for disabled user and computer accounts, and removing them when appropriate. When employees go on extended leave or leave an

Domain Controller Role Queries and Synchronization Relationship Queries

netdom query fsmo 查询五大角色 dsquery server 显示所有域控查看架构主机角色 dsquery.exe server -hasfsmo schema 查看域命名主机角色 dsquery.exe server -hasfsmo name 查看RID 主机角色 dsquery.exe server -hasfsmo rid 查看PDC 模拟主机角色 dsquery.exe server -hasfsmo pdc 查看基础架构主机角色 dsquery.exe server -hasfsmo infr whoami

Get users who haven’t logged in longer than X days (LastLogonDate)

This script might be useful in getting users that haven’t logged for a longer amount of time. It is checking lastlogondate property: Please be aware that it gets a date only from the specified Domain

Difference between Disabled, Expired and Locked Account

Disabled accounts If an organization has a provisioning process in place for governing (automatically) the enabling and disabling of account status and (or) there is a good frequency of guest / vendor engagement, this process

GPO – Apply to a specific Users/Group

On the domain controller, open the group policy management tool. Create a new group policy.

What are the different Windows Logon Types that can show up in the Windows event log?

Logon Types are logged in the Logon Type field of logon events (event IDs 528 and 540 for successful logons, and 529-537 and 539 for failed logons). Windows supports the following logon types and associated

Latest

梦想照进现实

Category: Active Directory

Step-By-Step: Migrating The Active Directory Certificate Service From Windows Server 2008 R2 to 2019

Join Computer to Domain with Desired Computer Name and OU

Move disabled user accounts with a PowerShell

Active Directory Cleanup Best Practices

Domain Controller Role Queries and Synchronization Relationship Queries

Get users who haven’t logged in longer than X days (LastLogonDate)

Difference between Disabled, Expired and Locked Account

GPO – Apply to a specific Users/Group

What are the different Windows Logon Types that can show up in the Windows event log?