Location: Articles

Articles

Articles

Current Articles | Categories | Search | Syndication
Articles from Active Directory
Sunday, April 15, 2012
Extract GPO Links from AD Snapshot
By Alexei Segundo @ 4:20 AM :: 4233 Views :: :: Active Directory, Group Policy

Here's a short Powershell script that queries an AD snapshot to find the GPOs linked to an OU at a specific point in time.

Read More..

Powershell 2.0 script to bulk create test user accounts

Author: Tony Murray :: Monday, November 09, 2009 10:35 PM

This script uses Powershell 2.0 with the Windows Server 2008 R2 Active Directory service provider and CMDlets.  Use the script to bulk create test user objects in AD.

Read More..

13751 Views :: :: Categories: Active Directory, Scripting, Windows Server

Monday, July 06, 2009
How do I get to my external website when my AD domain internal name is the same as my external name? Or From inside the office, I can't get to http://domain.com, but can using http://www.domain.com after creating an "A" 'www' record.
By Ace Fekay @ 10:51 PM :: 4009 Views :: :: Active Directory, Tips and Tricks, DNS

Is your internal domain name and external domain name the same? If so, it's called a split zone.

This is a common dilemma resulting when the internal AD name and the external public names are the same. Users inside the office, including VPN users connected from an external location to the office, cannot get to their externally hosted website.



 

Read More..

Considerations when using a domain-based service account with AD LDS

Author: Tony Murray :: Monday, April 13, 2009 9:39 PM

When creating an AD LDS instance you are prompted to specify an account to use as the service account. At this point you can specify either the Network Service account or another account. Unless you have a particular need, you should choose the built-in Network Service account. If you opt for a domain-based service account you have to jump through a whole lot of hoops to get things working. Also, you typically end up giving your domain-based service account more permissions than are strictly necessary (as described later in this article). The Network Service account on the other hand provides an easy set up option and is a good choice from a security perspective given that the account has limited access to the local computer.

 
 
 
So why bother to use a domain-based service account at all? Well, if you have a number of services on your server all running under the context of the Network Service account there is potential for security compromise. In this scenario you may want to consider isolating the services from each other using dedicated service accounts.
 
What follows is a discussion of the steps required to configure AD LDS to use a domain-based service account.

Read More..

16602 Views :: :: Categories: Active Directory, Tips and Tricks, Windows Server

Vbscript to determine domain and forest functional levels

Author: Alexei Segundo :: Wednesday, April 08, 2009 7:09 PM

This script was created to help when raising domain and forest functional levels, especially in larger environments. The script uses an authoritative DC to enumerate all the DCs in the forest. Each DC is then contacted in turn to determine what it thinks is the current domain and forest functional level. The goal is to ensure that the information is consistent across DCs before raising the functional level, and to ensure that replication distributes the changes successfully after raising the functional level.

Read More..

8501 Views :: :: Categories: Active Directory, Scripting

The (Almost) Definitive Active Directory Blogroll

Author: Tony Murray :: Saturday, November 01, 2008 8:42 PM

I subscribe to a number of Blogs with Active Directory content. As it took me a while to accumulate the list, I thought I would share it here.

Let me know if I have missed any out there that should be on this list.

Read More..

7847 Views :: :: Categories: Active Directory

LDAP tips #3: Searching for Computers

Author: Tony Murray :: Thursday, September 25, 2008 10:57 PM

This article is the third in a series providing tips for common LDAP searches.

Read More..

14154 Views :: :: Categories: Active Directory, Tips and Tricks

Multiple Domain Forests: Still a Valid Design Model?

Author: Tony Murray :: Monday, July 21, 2008 2:52 PM

On the ActiveDir.org list there has been some good discussion about whether the multi-domain forest is still considered a valid design option. This article attempts to crystallise the discussion for use as a reference for those involved with the design or review of forest models.
 
The general consensus is that single domain forests are now the preferred design option for all but the most marginal cases. Note that this does not preclude the use of multiple forests within a single organisation. For example, the use of the Exchange Resource forest in environments that have a distributed NOS architecture but a centralised messaging architecture is common in larger organisations.

Read More..

24113 Views :: :: Categories: Active Directory, Windows Server

Bulk Updates to Active Directory User Attributes

Author: David Wiseman :: Thursday, June 12, 2008 3:52 PM

Describes how to make bulk updates to Active Directory User Attributes using freeware tools (from WiseSoft.co.uk).

Read More..

34818 Views :: :: Categories: Active Directory

How to Enable, Disable and Maintain OCS 2007 (Office Communications Server) User Attributes using VBScript.

Author: Matty Holland :: Thursday, May 15, 2008 4:51 PM

This script will enable and configure Active Directory users for OCS 2007.  This is an updated version of the re-written LCS reskit script published in article: How to Enable, Disable and Maintain LCS (Live Communications Server) User Attributes using VBScript.

Read More..

19311 Views :: :: Categories: Active Directory, Scripting

Paging - Page: 1 of 3
Previous Page | Next Page
Copyright 2012 ActiveDir.org
Terms Of Use