Active Directory Archive

Advanced Audit Policy Configuration on Windows Server 2016

Advanced Audit Policy Configuration in Windows Server allows you to collect information about various granular events at the server or AD domain level. In this article, we’ll show you how to enable and use Advanced Security Audit Policy with the Group Policies and auditpol.exe tool in Windows Server 2016.

How to Unlock User Account in Active Directory Domain?

A user account in Active Directory is locked if a user incorrectly typed the password several times in a row. In this article, we will show you how to find and unlock an account of one user or all locked AD domain users at once. The threshold value for

Store BitLocker Recovery Keys using Active Directory

In a domain network, you can store the BitLocker recovery keys for encrypted drives in the Active Directory Domain Services (AD DS). This is one of the coolest features of the BitLocker Drive Encryption technology for corporate users. BitLocker recovery key is a 48 and/or 256-bit sequence, which is

How to Find Active Directory User’s/Computer’s Last Logon Time?

The Active Directory administrator must periodically disable and inactivate objects in AD. In this article, we will show how to get the last logon time for the AD domain user and find accounts that have been inactive for more than 90 days. How to Get Last Logged on User

Import Users Into Active Directory From CSV

If you need to create many new user accounts in a domain at once, it is extremely inefficient to create them all manually from the graphical console Active Directory Users and Computers (ADUC). In this article, we will take a look at a simple PowerShell script that allows you

How to Enable Active Directory Recycle Bin?

The Active Directory Recycle Bin allows a domain administrator to recover any deleted Active Directory object (user, computer, AD security group, etc.). The Active Directory Recycle Bin was first introduced in Windows Server 2008 R2. In this version, you could only manage the Recycle Bin and restore AD objects

Fix: Active Directory Domain Controller Could Not Be Contacted

In this article, we’ll take a look at why it’s not possible to join a new computer to the Active Directory domain with an error Active Directory Domain Controller could not Be contacted. What does Active Directory Domain Controller Could Not be Contacted Error Looks Like? A user or

Installing Active Directory Users and Computers MMC Snap-in on Windows 10

One of the main Active Directory domain management tools is the MMC snap-in Active Directory Users and Computers (ADUC). The ADUC snap-in is used to perform typical domain administration tasks and manage users, groups, computers, and organizational units in the Active Directory domain. By default, the Active Directory Users

Migrating SYSVOL AD Replication from FRS to DFS

The SYSVOL folder on any Active Directory domain controller stores Group Policies settings and templates, scripts, and other objects that the AD or GPO administrator placed there. And each domain controller has its own copy of GPOs, which over time is synchronized with other domain controllers in the domain.

Active Directory LDAP Query Examples

LDAP queries can be used to search for objects (computers, users, groups) in the Active Directory LDAP database according to certain criteria. To perform LDAP query against the AD LDAP catalog, you can use various utilities (for example ldapsearch), PowerShell or VBS scripts, Saved Queries feature in in the