Kreslavsky IT blog » Active Directory

Home » Posts tagged 'Active Directory'

Moving a Group to Another Domain – Using ADMT Apr 01

To move windows group to other domain download ADMT Tool Install Active Directory Migration Tool Open the ADMT MMC snap-in it is located in Administrative Tools. Chose source and destination domains and click Next. On the Group Selection screen, chose the group that you want to migrate and click Next. On the next screen, select Browse and locate the desired OU. On the Group Options screen, select one or more of the following and click Next: Update user rights: Copies any user rights that Read more

Under: Active Directory, Microsoft, Server 2003, Server 2008 Tags: Active Directory, AD move user, ADMT, Move User to Other Domain, windows server 2003, windows server 2008

Create Group Using PowerShell ADUC, dsadd or admod Mar 23

Creating a Group Using a graphical user interface Open the Active Directory Users and Computers . In the left pane, browse to the parent container of the new group, right-click on it, and select New Group. Enter the name of the group and select the group type (global, domain local, or universal) and group type (security or distribution). Click OK. Using dsadd in command-line interface dsadd group "<GroupDN>" -scope <GroupScope> -secgrp yes|no -desc "<GroupDesc>" Where <GroupDN> Read more

Under: Active Directory, Microsoft, Scripts, Server 2003, Server 2008 Tags: Active Directory, Command Line Interface, create group active directory, create group script, Create group via powershell, Directory Users, Dn, Finance Users, Global Distribution Group, Global Domain, Global Security, Graphical User Interface, Group Description, Group Type, Left Pane, Local Security, Numeric Value, Objectclass, Parent Container, Security Group, Universal Distribution, Universal Security

Windows 2008 Identify all AD admins script Mar 20

PowerShell script to find all Active Directory admins in domain

Get-QADUser -ldapFilter ‘(SamAccountName=*.admin)’|export-csv filename.csv

Under: Active Directory, Microsoft, Scripts, Server 2008 Tags: Active Directory, Csv, Domain, powershell, Windows Script

Find user group membership Powershell script Mar 20

Use this script to check user group membership in Windows Domain Active Directory $root=([adsi]"").distinguishedName $ou=[adsi]("LDAP://ou=x,ou=y,ou=z,"+$root) # fill with user CN “Common Name” $user=$ou.psbase.children.find("cn=tartetCN ") $groups = $user.memberof foreach($group in $groups) { $strGroup = $group.split(',')[0] $strGroup = $strGroup.split('=')[1] $strGroup } Read more

Under: Active Directory, Microsoft, Scripts, Server 2008, Vista, Windows 7 Tags: Active Directory, Adsi, Check Domain, Directory Root, Group Membership, Groups, Ldap, powershell, User Group

Migrate Windows 2003 Domain Controler To New Hardware Mar 17

Things to consider before migration to new hardware Are you going to keep same DC host name ? Are you going to use same IP address? If you are changing your name and IP if it will have influence on your network ( Firewall Roles etc..) Is the server DHCP server Is the server root CA? - I'm not sure if you can migrate Enterprise Root CA - May be Restore from Backup Is the server Global Catalog ? Preparation steps Make full Backup of your Active Directory Install new server and join it to Read more

Under: Active Directory, Microsoft, Server 2003 Tags: Active Directory, Changing Your Name, Dcpromo, Dns Records, Domain Controler, Domain Controller, Domain Service, Enterprise, Global Catalog, Host Name, Migrate Windows 2003, Migration, Ms Article, Network Firewall, New Hardware, Preparation Steps, Root Ca, Running, Server Dhcp, Server Root, windows 2003

Find Active Directory Failed Login Users – Power Shell Script Mar 16

The script bellow allows you to locate users with invalid logon attempts $strFilter = "(&(objectCategory=User)(badPwdCount>=0))" $objDomain = New-Object System.DirectoryServices.DirectoryEntry $objSearcher = New-Object System.DirectoryServices.DirectorySearcher $objSearcher.SearchRoot = $objDomain $objSearcher.PageSize = 1000 $objSearcher.Filter = $strFilter $colProplist = "name" foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)} $colResults = $objSearcher.FindAll() foreach Read more

Under: Active Directory, Microsoft, Server 2008, Vista Tags: Active Directory, Amp, Login Script, Login Users, Shell Script

Find Email in Active Directory Domain Using CSVDE/LDIFDE Mar 16

In windows 2003 and later you can use AD saved queries , but for windows 2000 domain the only way is by using CSVDE/LDIFDE The following command should do the work :You will receive file output csvde -f outputfilename.csv -d "dc=domain,dc=com" -r "(&(mailnickname=*)(proxyAddresses=smtp:email@yourdomain.com))" -l name Change "dc=domain,dc=com" to your AD domain name and suffix, and email@yourdomain.com with the email address you're looking for. To find all recipients who have an email address Read more

Under: Active Directory, Exchange 2000, Exchange 2003, Microsoft, Server 2003, Server 2008 Tags: Active Directory, Amp, Csv, Csvde, Directory Domain, Domain Name, Email Address, Email Directory, Email Domain, Find Email, Ldifde, Name Domain, Queries, Smtp Email, Suffix, Wild Card, Windows 2000, Yourdomain

How to delete a protected OU in ADUC Windows 2008 Mar 15

In Windows 2008 Active Directory Users and Computers Microsoft activated new feature "Protect Container from accidential deletion" During OU creation you have the ability to mark OU as protected from accidental deletion , and if you try to delete OU you will receive the following error "You do not have sufficient privileges to delete "OU Name" , or this object is protected from accidential deletion" To unlock OU from accidential deleting protection do the following actions Open Active Directory Read more

Under: Other Tags: Accidental Deletion, Active Directory, Active Directory Users and Computers, Aduc, Computers, Creation, Delete, Directory Users, Microsoft, New Feature, Privileges, Protect object from accidental deletion, Windows 2008

How to apply Windows 2008 gpo when you have 2003 DC’s only Feb 02

Recently I installed 2 2008 terminal servers , and when I started configuring them I realized that I can't use lot of new features that are available only via 2008 Group Policy . The network was 2003 , and adding or upgrading current DC to 2008 domain controller rises project costs ( 2008 CAL's for entire domain ) I had to look for other solution . Since windows 2008 GPO templates changed their format from ADM to ADMX I couldn't import windows 2008 templates to windows 2003 DC. So here how you Read more

Under: Active Directory, GPO, Microsoft, Server 2003, Server 2008, Vista Tags: Active Directory, Adm, Administration Tools, Adprep, Amp Features, Desktop, Domain Controler, Domain Controller, Forestprep, Goodies, Gpo, Infrastructure Operations, New Features, Policy Management Tools, Relevant Feature, Schema, Terminal Servers, Vista X86, Windows Features, Windows Templates

Exchange 2003 Interview questions and answers – part 2 Feb 01

BASIC 01 What is Exchange 2003 Forestprep? Exchange 2003 Forestprep extends the AD schema to include Exchange specific information. 02 What is Exchange 2003 Domainprep? Exchange 2003 Domainprep creates the groups and permissions necessary for Exchange servers to read and modify user attributes. 03 What is a DC? A DC is a Windows 2000 or 2003 Domain Controller that holds active directory partitions for a domain (used for things like user authentication). 04 What is a GC? A GC is a Global Read more

Under: Exchange 2003, Interview, Microsoft Tags: Active Directory, Administrative Group, Dedicated Servers, Domain Controller, Domainprep, Dynamic Dns, Exchange 2000, Exchange 5 5, Exchange Environment, Exchange Organization, Exchange Servers, External Servers, Forestprep, Global Catalog Server, Internal Exchange, Interview Questions And Answers, Mail, Routing Group, Server Records, User Authentication

Older Posts »

Gil Kreslavsky IT Blog:

Categories:

Tag Cloud: