Active Directoy
Active Directory Auditing Tool
https://www.manageengine.com/products/active-directory-audit/account-management-events/event-id-4...
Active Directory: Add a Domain Controller to PowerShell
https://247-it.io/en/active-directory-add-a-domain-controller-to-powershell/#:~:text=Domain%20Con...
Add a domain to the Active Directory
https://lazyadmin.nl/it/add-a-domain-to-the-active-directory/ How to add a domain to the Active ...
Add a Mapped Drive to a User Profile Using GPO
Log into the Group Policy Management console Create a new group policy and link it to the OU a...
Add all users in OU to security group
While working on figuring out how to add all of RS domestic to a security group quickly, develope...
Add Extension Attribute to User
Description This article will detail how to add an extension attribute to a user that will...
ADSI Purge
(&(Name=WHCC-01-VSRV03*)) (&(Name=LAFAD01*)) Clean Up ...
Change Windows Desktop Background Using Group Policy
How to Change Windows Desktop Background Using Group Policy This demonstration is using a Window...
Checking Active Directory Domain Controller Health and Replication
https://woshub.com/check-active-directory-health-and-replication/ How to Check AD Domain Control...
Clean Up Server Metadata
This is the guide to use when a Domain Controller (DC) crashes and cannot be removed from the dom...
CONFIGURE NTP TIME SYNC USING GROUP POLICY
https://theitbros.com/configure-ntp-time-sync-group-policy/#:~:text=Configure%20Client%20Time%20S...
Create a Group to Assign Permissions to Access Files
Best practice is to always create a security group, and assign that security group file permissio...
Create WMI Filters for the GPO
Applies To: Windows Server 2012 To make sure that each GPO associated with a group can only be a...
Cross Forest Resource Security
Cross-forest resource security To grant access to resources from one forest to another: ...
Demote or Promote Domain Controller
Both of these commands need to be ran under credentials that have authority to demote the server....
Determine AD forest and domain level
Get-ADDomain | select domainMode, DistinguishedName Get-ADForest | select forestMode From...
Disable "These files might be harmful to your computer" warning?
https://superuser.com/questions/149056/disable-these-files-might-be-harmful-to-your-computer-warn...
Disabling and Enabling Outbound Replication
Disabling and Enabling Outbound Replication Last Updated: July 7, 2024 Disabling and En...
Domain Controller DNS Best Practice
It is best practice when using multiple domain controllers with the DNS role to set the servers a...
Domain Trust
Periodically we will get a call where the person cannot log into their computer and they get an e...
Force reinstall of applications deployed by software GPO after uninstall
https://social.technet.microsoft.com/Forums/ie/en-US/82f1e144-78a3-4446-8aaf-18843c890cdc/force-r...
Get Password Info
DSQUERY // ADComputer Get listing of all accounts with info: Get-ADUser -filter * -...
How To Add Local Administrators via GPO (Group Policy)
https://thesysadminchannel.com/add-local-administrators-via-gpo-group-policy/ In every organizat...
How to Audit User Account Changes in Active Directory
https://www.lepide.com/how-to/audit-user-account-changes-in-active-directory.html#:~:text=To%20tr...
How to Change the Default Lock Screen Image using GPO
Step-by-step: How to Change the Default Lock Screen Image using GPO This example below will demo...
How to create and manage the Central Store for Group Policy Administrative Templates in Windows
https://learn.microsoft.com/en-us/troubleshoot/windows-client/group-policy/create-and-manage-cent...
How to Disable NTLM Authentication in Windows Domain
https://woshub.com/disable-ntlm-authentication-windows/ The key NTLMv1 problems: weak encrypt...
How to Export Active Directory Users to CSV and Build Reports
https://adamtheautomator.com/export-active-directory-users-to-csv/ For many Active Directory (AD...
How to find the source of failed logon attempts
Step 1: Enable 'Audit Logon Events' policy Open 'Server Manager' on your Windows server ...
How To Fix Group Policy: Error Windows could not determine if the user and computer accounts are in the same forest
If you have an issue where the User Policy doesn’t get updated and gives you an error about the...
How to install and configure Microsoft LAPS
https://4sysops.com/archives/how-to-install-and-configure-microsoft-laps/ Download LAPS LAPS co...
How to Remove (Demote) a Domain Controller in Active Directory
Removing an Active Directory Domain Controller and ADDS Role (Step-by-Step) If you are going to ...
How to Remove (Demote) a Domain Controller in Active Directory
https://woshub.com/remove-domain-controller-active-directory/ Removing an Active Directory Domai...
How to store BitLocker keys in Active Directory
https://coady.tech/store-bitlocker-keys-in-ad/ BitLocker is a fantastic way to protect the d...
Joining Active Directory Error
https://www.truenas.com/community/threads/joining-active-directory-error.97316/ Hi...
Keytab file
A keytab is a file that contains the encrypted password for a user and should allow for joining t...
LAPS_OperationsGuide
Local Administrator Password Management Detailed Technical Specification Published: June ...
Migrate user domain profile from one domain to another domain
https://community.spiceworks.com/how_to/145014-migrate-user-domain-profile-from-one-domain-to-ano...
Modify Group Policy's refresh interval
https://www.itprotoday.com/compute-engines/how-can-i-modify-group-policys-refresh-interval A. By...
Move FSMO Roles
Move-ADDirectoryServerOperationMasterRole -Identity CM-01-HVSRV16 -OperationMasterRole Infrastruc...
Move-ADDirectoryServerOperationMasterRole
https://learn.microsoft.com/en-us/powershell/module/activedirectory/move-addirectoryserveroperati...
Netlogon Logging
To enable NetLogon Logging, use the following command on a domain controller: nltest /dbflag:0x...
Powershell export AD users in OU to CSV
########################################################### # AUTHOR : Victor Ashiedu # WEBS...
Rejoining an "untrusted" workstation and primary domain
Test-ComputerSecureChannel -Repair is all you need to do on the client Reset-ComputerMachinePass...
Rename Domain
Found this article which looks like it is very good http://www.rebeladmin.com/2015/05/step-b...
repadmin
This command syncs all DC to this one repadmin /syncall RHSC-00-VSRV18 /d /e repadmin /sy...
Repairing Broken Trust Relationship Between Workstation and AD Domain
https://woshub.com/repair-trust-relationship-workstation-with-ad-domain/ In this article we’ll s...
Restore Default Domain Policy
Examples Restore the Default Domain Policy GPO to its original state. You will lose any changes...
Securing Active Directory: Who can add computers to the domain? Only the domain admin?
https://sid-500.com/2017/09/09/securing-active-directory-who-can-add-computers-to-the-domain-only...
Security Groups
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups...
Step-By-Step: Manually Removing A Domain Controller Server
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-co...
USER PROFILES AND USER FOLDERS REDIRECTION USING GPO
http://dalaris.com/user-profiles-and-user-folders-redirection-using-gpo/ Assume that you have a ...
Using NTDSUTIL Metada Cleanup to Remove a Failed/Offline Domain Controller Object.
https://chinnychukwudozie.com/2014/01/27/using-ntdsutil-metada-cleanup-to-remove-a-failedoffline-...
Wrong error message for missing .adml files
Symptoms SR symptoms: EN-US Domain Controller tries to create a settings report for a GPO. Th...
Transferring/Seizing FSMO Roles to Another Domain Controller
https://woshub.com/transfer-seize-fsmo-roles-in-active-directory/ Transferring/Seizing FSMO Role...
Raise domain and forest functional levels in Active Directory Domain Services
Raise domain and forest functional levels in Active Directory Domain Services Article 11/01...