Menu Sidebar
Menu

domain

List all SPNs in Active Directory

Ran into a situation where I needed to get all the SPNs that are listed in AD. Find duplicate SPNs Listing duplicate SPNs is fairly easy, just use setspn -X on your command-line and you’ll find out. What is a SPN? An SPN or Service Principal Name is a unique identity for a service, mapped with a specific account (mostly […]

Get All DCs in the Entire Forest

Getting a know a new environment for a new client and I a quickly needed information about all domain controllers in the entire forest. Wrote a small little script to provide me all the information I needed:

 

List Domain Admins & Enterprise Admins in a domain

If you want to find out how many domain/ enterprise admins are active/inactive in domain you can use the following PowerShell command to figure out: Get the list of domain admins and check if they are enabled.

Get the list of enterprise admins and check if they are enabled.

 

NSLookup still showing IP of demoted Domain Controller

So had an interesting issue today where a Domain Controller (DC) was demoted yet the IP of the demoted DC was still showing up when running nslookup internaldomain.local Demoted DC: MWDC04 / IP: 10.14.111.111 I had done the metadata cleanup and tried many suggestions when googling the subject. To my surprise none of the solutions I […]

12 dig Command Examples for DNS

dig can we very useful in finding out DNS related issues. To install dig for Window/ Linux/ MacOSX click here. A basic dig command – dig a domain nameIn the most basic of dig commands, you have a domain name like www.microsoft.com, and you want to find information about it, so you issue the following […]

R.I.P. nslookup – Start using dig or host

I have been using nslookup for the longest time I can remember. Although, this may be an older topic to some, it may be a newer topic to most Windows users. Dear Windows users, nslookup has been deprecated. The organization that maintains the code for nslookup, Internet Systems Consortium (ISC), has very clearly stated it in the most […]

How to Generate a Group Policy Report

This may be a noob topic, but it is an important one. Depending on the size of your organization you could have a few Group Policy Objects (GPO) or you could have many. Sometimes it is very hard find out why a workstation or server is acting the way it is. I would say that […]

Active Directory and Kerberos SPNs Made Easy!

What Is an SPN? An SPN is a reference to a specific service, for example, an instance of SQL or a web application run by IIS. Since SPNs are specific, they reference not only what the service is (such as an SQL server), but also which hostname runs the instance and on which port it’s […]

Speed up Active Directory & DNS replication between Sites

Using the standard GUI Microsoft Management Consoles to make the change to speed up Active Directory replication is not possible. The best result of using administrator consoles will be to increase domain replication between domain controllers to 15 minutes. These large time values were instituted into Active Directory at version 1 because inter-site connections during that era of computing and networking were much lower in bandwidth with the most common being frame-relay or […]

Older Posts

Mohammed Wasay

Dallas based Design Technologist & Hybrid Developer