Active Directory Archive
Advanced Audit Policy Configuration in Windows Server allows you to collect information about various granular events at the server or AD domain level. In this article, we’ll show you how to enable and use Advanced Security Audit Policy with the Group Policies and auditpol.exe tool in Windows Server 2016.
A user account in Active Directory is locked if a user incorrectly typed the password several times in a row. In this article, we will show you how to find and unlock an account of one user or all locked AD domain users at once. The threshold value for
In a domain network, you can store the BitLocker recovery keys for encrypted drives in the Active Directory Domain Services (AD DS). This is one of the coolest features of the BitLocker Drive Encryption technology for corporate users. BitLocker recovery key is a 48 and/or 256-bit sequence, which is
The Active Directory administrator must periodically disable and inactivate objects in AD. In this article, we will show how to get the last logon time for the AD domain user and find accounts that have been inactive for more than 90 days. How to Get Last Logged on User
If you need to create many new user accounts in a domain at once, it is extremely inefficient to create them all manually from the graphical console Active Directory Users and Computers (ADUC). In this article, we will take a look at a simple PowerShell script that allows you
The Active Directory Recycle Bin allows a domain administrator to recover any deleted Active Directory object (user, computer, AD security group, etc.). The Active Directory Recycle Bin was first introduced in Windows Server 2008 R2. In this version, you could only manage the Recycle Bin and restore AD objects
In this article, we’ll take a look at why it’s not possible to join a new computer to the Active Directory domain with an error Active Directory Domain Controller could not Be contacted. What does Active Directory Domain Controller Could Not be Contacted Error Looks Like? A user or
One of the main Active Directory domain management tools is the MMC snap-in Active Directory Users and Computers (ADUC). The ADUC snap-in is used to perform typical domain administration tasks and manage users, groups, computers, and organizational units in the Active Directory domain. By default, the Active Directory Users
The SYSVOL folder on any Active Directory domain controller stores Group Policies settings and templates, scripts, and other objects that the AD or GPO administrator placed there. And each domain controller has its own copy of GPOs, which over time is synchronized with other domain controllers in the domain.
LDAP queries can be used to search for objects (computers, users, groups) in the Active Directory LDAP database according to certain criteria. To perform LDAP query against the AD LDAP catalog, you can use various utilities (for example ldapsearch), PowerShell or VBS scripts, Saved Queries feature in in the