Fine-Grained Password Policies in Windows Server 2012 R2

Fine-Grained Password Policies in Server 2012 R2

The fine-grained password policies feature was introduced in Windows Server 2008. It allowed organizations to define more than one password and account lockout policy in a single domain, and apply those policies to different sets of users. Prior to Windows Server 2012, you had to use PowerShell, ADSI Edit or the Ldifde command-line utility to create the Password Settings Objects that are used to define fine-grained password policies. But in Server 2012 […]

Posted in Active Directory, Microsoft, Powershell, Windows Server, Windows Server 2012, Windows Server 2012R2 | Tagged , , , , , | Leave a comment

Installing Active Directory on Windows Server 2012 R2

Installing Active Directory on Windows Server 2012R2

This is a step-by-step guide on how to create the first domain controller in a new Windows Server 2012 R2 forest. If you are going to perform a test lab of any kind, involving Windows servers, you will most certainly need an Active Directory Domain. Dcrpomo.exe is deprecated beginning in Windows Server 2012, so the process is slightly different from how it used to be in the 2008 iterations of Windows Server. […]

Posted in Active Directory, Microsoft, Test Labs, Windows Server, Windows Server 2012R2 | Tagged , , , , | Leave a comment

Enabling LDAPS with certificate from a 3rd party CA

LDAP over SSL

Occasionally you will have to install appliances and applications, which will not utilize Kerberos, SASL or NTLM to communicate with Active Directory Domain Services. They will rather use simple BIND, which exposes the users’ credentials in clear text. So anyone with malicious intent, can use network monitoring or packet sniffing tools to capture packets of the communication between the Domain Controller and the client, to view the username and password information in […]

Posted in Active Directory, Microsoft, Windows Server, Windows Server 2008R2, Windows Server 2012 | Tagged , , | 5 Comments

Enabling Printer Location Tracking

Enabling Printer Location Tracking

Adding printers can be cumbersome for non-tech savvy users. Fortunately, you can use the Printer Location Tracking feature to make this process easier for them. When you enable PLT, only printers in the users’ own location will be listed in the Add Printer Wizard by default, when they try to add a network printer. For Printer Location Tracking to work, you need to enable the Group Policy setting related to PLT. You […]

Posted in Active Directory, Microsoft, Windows Clients, Windows Server, Windows Server 2008R2 | Tagged , , , , | Leave a comment

Exporting multivalued attributes with Export-CSV cmdlet

Exporting multivalued attributes with Export-CSV

In the previous blog post we looked at how to retrieve values of user properties/attributes from Active Directory. We briefly even touched on how to retrieve group membership of users, and how to output this information in different formats, such as the distinguished name or the common name of the groups. In this blog post we will look at how to work with multivalued attributes. As was evident in the previous blog […]

Posted in Active Directory, Microsoft, Powershell, Windows Server, Windows Server 2008R2 | Tagged , , , , | 7 Comments

Retrieving User properties from Active Directory

Retrieve User properties from AD

A PowerShell module for Active Directory was released with PowerShell 2.0, the version that shipped with Server 2008 R2. This module includes several cmdlets that let you work directly with Active Directory objects. In this blog post, we will look at retrieving user properties and attributes from Active Directory, with the Get-Aduser cmdlet. We will also look at how to present them in a clean and tidy format in Microsoft Excel. We […]

Posted in Active Directory, Microsoft, Powershell, Windows Server, Windows Server 2008R2 | Tagged , , , , | 3 Comments

Configuring Remote Desktop Services Profile settings for users

Configure RDS User Profile Settings for Users

A user profile describes the configuration for a specific user, including the user’s environment and preference settings. You can specify a Remote Desktop Services-specific profile path and home folder for a user connecting to a Remote Desktop Session Host server. This profile and home folder will obviously only be used, when you connect to a server through Remote Desktop Services. In this blog post we will look at a couple of ways […]

Posted in Active Directory, Microsoft, Powershell, Windows Server, Windows Server 2008R2 | Tagged , , , , | Leave a comment

Mapping Drives with Group Policy Preferences

Mapping Drives with Group Policy Preferences

Group Policy preferences is a feature that was included with Server 2008, and has been a part of Windows Server ever since. In this blog post, we will look at how to map drives through Group Policy Preferences and item-level targeting. The advantage of using Group Policy preferences is that you can target these drive maps to groups for example. Which means that only members of certain group(s) will get these drives mapped […]

Posted in Active Directory, Microsoft, Windows Server, Windows Server 2008R2 | Tagged , , , | 1 Comment

Fine-Grained Password Policies in Windows Server 2008 R2

Fine-Grained Password Policies in Server 2008 R2

Before Windows Server 2008, organizations had to rely on third-party products to define different password and account lockout policies for different sets of users in a domain. In Server 2000 and 2003, there could be only one password and account lockout policy in a domain, and it was specified in the Default Domain Policy, unless third-party products were utilized. In Windows Server 2008 and newer, organizations can define more than one password […]

Posted in Active Directory, Microsoft, Powershell, Windows Server, Windows Server 2008R2 | Tagged , , , , | Leave a comment

Windows 7 Password Expiry Email Notification

Windows 7 Password Expiry Email Notification

In Windows XP, and Windows Server 2003, you would get a notification at logon when (by default) 14 days remained until your Active Directory user’s password expired. In Windows 7 and Windows Server 2008 R2, Microsoft has changed this feature. Now you don’t get this notification at logon, but rather after you have logged on. And the notification is less intrusive, as you only see it for a few seconds in the […]

Posted in Active Directory, Microsoft, Powershell, Windows Clients, Windows Server, Windows Server 2008R2 | Tagged , , , , , | 2 Comments
« Older