Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. ad
    Log in to post

    • How to Assess the Security of Your Active Directory
      Starwind • active directory ad cyber security pingcastle • • Oksana  

      1
      1
      Votes
      1
      Posts
      23
      Views

      No one has replied

    • PowerShell - Using Variables to Delete SMTP Proxy Addresses in AD
      IT Discussion • windows powershell active directory ad get-aduser • • wrx7m  

      11
      1
      Votes
      11
      Posts
      932
      Views

      @flaxking said in PowerShell - Using Variables to Delete SMTP Proxy Addresses in AD: if they do not have previous experience with objects Describes me. lol
    • P

      How does name resolution work in AD?
      IT Discussion • windows dns ad • • Pete.S  

      15
      0
      Votes
      15
      Posts
      156
      Views

      @Pete-S said in How does name resolution work in AD?: @Dashrender said in How does name resolution work in AD?: @scottalanmiller said in How does name resolution work in AD?: @Pete-S said in How does name resolution work in AD?: I was wondering how it works because we see a problem where a couple of Win 10 clients can resolve all the internal Windows servers names, but not the statically assigned names of linux servers. I thought if the name resolution works over different mechanisms and uses different ports it could be an firewall or L3 switch somewhere that has been misconfigured. This is common in situations where Linux is not given an opportunity to auto-update the DNS entries, no one makes them manually, and they are not joined to AD. Exactly - have you or anyone else added these servers to AD's DNS? They have been added manually. The name of the service is also not the name as the server. So if a webserver is abc001.company.com the name in the DNS that will send you to that server might be logistics.company.com. if you're being sent to logistics, that's the entry that must be in DNS.. you can have as many entries as are needed for a single server. each name is it's own entry.
    • Any Way to Automate Adding a New Computer to an AD Group?
      IT Discussion • windows 10 powershell active directory windows server gpo ad pdq deploy ps mdt ou task sequence • • wrx7m  

      32
      0
      Votes
      32
      Posts
      1549
      Views

      F

      @marcinozga said in Any Way to Automate Adding a New Computer to an AD Group?: @flaxking said in Any Way to Automate Adding a New Computer to an AD Group?: @marcinozga said in Any Way to Automate Adding a New Computer to an AD Group?: Ansible can do that. https://docs.ansible.com/ansible/latest/modules/win_domain_group_membership_module.html#win-domain-group-membership-module You can add new PCs to domain, and change their group membership, you just need to know computer names in advance. Which is just a layer on top of Powershell. The Active Directory Powershell module is still required. It's not required, or that module is included already in Windows 10 by default. Because I haven't had to install it on any machine I managed with Ansible. "win_domain_group_membership requires the ActiveDirectory PS module to be installed" https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/windows/win_domain_group_membership.ps1 They have it in the documentation as well "This must be run on a host that has the ActiveDirectory powershell module installed." https://docs.ansible.com/ansible/latest/modules/win_domain_group_module.html
    • UNSOLVED Managing Fedora 30 with SMB share for 100 users
      IT Discussion • fedora management ad permissions smb share • • JaredBusch  

      7
      0
      Votes
      7
      Posts
      231
      Views

      @JaredBusch I have a couple clients using Synology for their auth needs and it's been working extremely well.
    • PowerShell - Off-boarding Script
      IT Discussion • microsoft powershell office 365 active directory windows server scripting script ad password password reset • • wrx7m  

      12
      1
      Votes
      12
      Posts
      1387
      Views

      @wrx7m said in PowerShell - Off-boarding Script: @dafyre said in PowerShell - Off-boarding Script: @wrx7m said in PowerShell - Off-boarding Script: @dafyre I think I found where you got it - https://www.powershelladmin.com/wiki/Powershell_prompt_for_password_convert_securestring_to_plain_text Anyway, I am not sure where, in my script, I should place that function. You'd put the actual function at the top of your script, and then just $myPassword=convertFrom-SecureToPlain -securepassword $MySecurePassword Wherever you need the password in plain text form. Thanks. It mostly works. The only problem is that it isn't actually using the password I specify at the top. It is somehow generating its own and then writing it at the end. I put in write-host "Plain Text Says: $plainText" and it shows the password that I typed in for the secure variable at the beginning, followed by the one that it generated. Plain Text Says: $#@%4#@177 Jof91348 Works fine for me here.... Check and make sure you don't have an extra write-host or anything somewhere.
    • Where do I start with replacing the whole MS AD stack
      Water Closet • microsoft active directory dns ad dhcp • • JaredBusch  

      104
      3
      Votes
      104
      Posts
      1454
      Views

      @Donahue said in Where do I start with replacing the whole MS AD stack: sing reservations. I think your knowledge of FG is not allowing you to do this, just create a new interface with the desired subnet and leave or tick DHCP option. And they you can do it what you want with it. Create an IPv4 policy to give access to internet to the new interface.
    • PowerShell - Create New AD User Using Prompts and Variables
      IT Discussion • windows powershell ad • • wrx7m  

      26
      2
      Votes
      26
      Posts
      1152
      Views

      @wrx7m said in PowerShell - Create New AD User Using Prompts and Variables: If I get rid of the attempt to combine the 2 existing variables into a 3rd, I get this error. New-ADUser : A positional parameter cannot be found that accepts argument '+'. At \\FP02\it\Scripts\AD\AD-InitialUserCreationVariables.ps1:5 char:1 + New-ADUser -Name "$GivenName $Surname" ` + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUser Like this I think: New-ADUser -Name "$($GivenName) $($Surname)"` From: https://blogs.technet.microsoft.com/stefan_stranger/2013/09/25/powershell-sub-expressions/
    • Handling DNS in a Single Active Directory Domain Controller Environment
      IT Discussion • windows windows server dns ad ad dc • • scottalanmiller  

      242
      0
      Votes
      242
      Posts
      8284
      Views

      @obsolesce said in Handling DNS in a Single Active Directory Domain Controller Environment: @scottalanmiller said in Handling DNS in a Single Active Directory Domain Controller Environment: @obsolesce said in Handling DNS in a Single Active Directory Domain Controller Environment: @stuartjordan said in Handling DNS in a Single Active Directory Domain Controller Environment: I believe the forest level with Samba can only be 2008R2 though. If you're not using Windows AD, what's it matter? If he's merging in DFS, it might. It's rare to do, but could matter. Oh I see, so Windows AD and other services were involved at some point. Depending on what you want to do, sometimes AD has to support it.
    • Microsoft Hello for Business: What is your opinion?
      IT Discussion • windows server 2016 ad windows server 2008 r2 microsoft hello microsoft hello for business mhfb • • NerdyDad  

      5
      0
      Votes
      5
      Posts
      421
      Views

      @nerdydad - Yes, you do get a skimped down version of Azure AD with the O365 license. The prerequisites mention using Azure AD, but don't say which one, except where they say that the Premium version is optional for auto enrollment with intune. Although, they have several plans/tiers, including 2 premium tiers.
    • Microsoft Certificate Server, the relief from the self-signed certificates
      Starwind • microsoft active directory ad adcs • • Oksana  

      1
      4
      Votes
      1
      Posts
      413
      Views

      No one has replied

    • Be smart, automate boring stuff like Microsoft Hyper-V Live Migration: handy PowerShell scripts and tips
      Starwind • microsoft powershell hyper-v ad activedirectory livemigration • • Oksana  

      1
      2
      Votes
      1
      Posts
      385
      Views

      No one has replied

    • Instead of creating users manually, just join VMware vCenter to Microsoft AD
      Starwind • microsoft vmware active directory vcenter ad vcsa vmware vcenter • • Oksana  

      1
      2
      Votes
      1
      Posts
      394
      Views

      No one has replied

    • Deploy SQL Server 2016 Basic Availability Groups without Active Directory
      Starwind • active directory database sql server starwind blog ad failover cluster sql server 2016 mirroring basic availability groups availability groups database mirroring ag wsfc bag • • Oksana  

      1
      1
      Votes
      1
      Posts
      914
      Views

      No one has replied

    • Powershell - Count AD users
      IT Discussion • powershell ad count • • gjacobse  

      13
      2
      Votes
      13
      Posts
      2382
      Views

      J

      You can try the following command: (get-aduser -filter *).count For only Enabled User Accounts (get-aduser -filter *|where {$_.enabled -eq "True"}).count For only Disabled User Accounts (get-aduser -filter *|where {$_.enabled -ne "False"}).count
    • ADUC: Clear 'dead' computers
      IT Discussion • powershell active directory ad aduc computers • • gjacobse  

      13
      2
      Votes
      13
      Posts
      1486
      Views

      Another example taken from another script: import-module activedirectory $domain = "domain.mydom.com" $DaysInactive = 90 $time = (Get-Date).Adddays(-($DaysInactive)) # Get all AD computers with lastLogonTimestamp less than our time Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp | # Output hostname and lastLogonTimestamp into CSV select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | export-csv OLD_Computer.csv -notypeinformation
    • LAPS - Using on Remote Laptops?
      IT Discussion • microsoft windows desktop ad laps • • wrx7m  

      2
      0
      Votes
      2
      Posts
      611
      Views

      Have not used it, I'm afraid.
    • AD User Tool: Bulk AD User
      IT Discussion • security active directory ad password server 2012 r2 domain password reset active directory domain • • gjacobse  

      15
      1
      Votes
      15
      Posts
      2783
      Views

      @dbeato said in AD User Tool: Bulk AD User: @Dashrender Then, he needs to force it with Powershell no just a GUI.... Agreed.
    • How to patch WannaCry using SaltStack ! (AD alternative)
      IT Discussion • active directory saltstack salt ad wannacry • • Emad R  

      3
      6
      Votes
      3
      Posts
      2232
      Views

      I'll add a note for clarity given the title... SaltStack does not do authentication like AD does. AD does not do patching of any sort like Salt does. Salt is an alternative to common myths about AD functionality, but not to actual AD functionality. But you can use Salt to do distributed local authentication management, which does replace the need for AD, but is very different than what is being discussed here. In this case Salt is replacing GPO, not AD.
    • SOLVED Beginner SaltStack Question: Can minions be placed in folders or groups ? (Coming from AD perspective)
      IT Discussion • active directory saltstack salt ad minions • • Emad R  

      7
      0
      Votes
      7
      Posts
      1367
      Views

      @msff-amman-Itofficer said in Beginner SaltStack Question: Can minions be placed in folders or groups ? (Coming from AD perspective): @scottalanmiller ohh shit, how did that get passed me... Great, thanks again.
    • Useful hints on setting up Microsoft Active Directory Domain Controllers
      Starwind • microsoft starwind active directory server network ad fault tolerance domain controllers • • Oksana  

      1
      3
      Votes
      1
      Posts
      648
      Views

      No one has replied

    • How to configure Ubuntu Linux server as a Domain Controller
      News • linux ubuntu active directory samba ad domain controller samba 4 ad dc techrepublic samba-tool • • mlnews  

      2
      2
      Votes
      2
      Posts
      889
      Views

      @mlnews said in How to configure Ubuntu Linux server as a Domain Controller: http://www.techrepublic.com/article/how-to-configure-ubuntu-linux-server-as-a-domain-controller-with-samba-tool/ Samba 4 and samba-tool make getting up and running with AD on Linux pretty quick and easy. Sounds nice, I'll need to make time to look at this.
    • AD on top of something that depends on it
      IT Discussion • virtualization active directory hypervisor ad dependency chain • • JaredBusch  

      10
      0
      Votes
      10
      Posts
      1119
      Views

      @JaredBusch said in AD on top of something that depends on it: No, JB would say, FFS stop conflating shit. A hypervisor is not a server or desktop OS. LOL same difference
    • ZeroTier + Active Directory Authentication
      IT Discussion • active directory zerotier ad authentication work in progress • • JaredBusch  

      111
      5
      Votes
      111
      Posts
      37206
      Views

      K

      @JaredBusch how did you setup your NIC for the workstation that had to remote into the AD via ZeroTier? I'm still trying to figure out exactly what was statically assigned as your post wasn't too clear for me (this is new to me).