Menu Sidebar
Menu

domain

List Domain Admins & Enterprise Admins in a domain

If you want to find out how many domain/ enterprise admins are active/inactive in domain you can use the following PowerShell command to figure out: Get the list of domain admins and check if they are enabled.

Get the list of enterprise admins and check if they are enabled.

 

NSLookup still showing IP of demoted Domain Controller

So had an interesting issue today where a Domain Controller (DC) was demoted yet the IP of the demoted DC was still showing up when running nslookup internaldomain.local Demoted DC: MWDC04 / IP: 10.14.111.111 I had done the metadata cleanup and tried many suggestions when googling the subject. To my surprise none of the solutions I […]

12 dig Command Examples for DNS

dig can we very useful in finding out DNS related issues. To install dig for Window/ Linux/ MacOSX click here. A basic dig command – dig a domain nameIn the most basic of dig commands, you have a domain name like www.microsoft.com, and you want to find information about it, so you issue the following […]

R.I.P. nslookup – Start using dig or host

I have been using nslookup for the longest time I can remember. Although, this may be an older topic to some, it may be a newer topic to most Windows users. Dear Windows users, nslookup has been deprecated. The organization that maintains the code for nslookup, Internet Systems Consortium (ISC), has very clearly stated it in the most […]

How to Generate a Group Policy Report

This may be a noob topic, but it is an important one. Depending on the size of your organization you could have a few Group Policy Objects (GPO) or you could have many. Sometimes it is very hard find out why a workstation or server is acting the way it is. I would say that […]

Active Directory and Kerberos SPNs Made Easy!

What Is an SPN? An SPN is a reference to a specific service, for example, an instance of SQL or a web application run by IIS. Since SPNs are specific, they reference not only what the service is (such as an SQL server), but also which hostname runs the instance and on which port it’s […]

Speed up Active Directory & DNS replication between Sites

Using the standard GUI Microsoft Management Consoles to make the change to speed up Active Directory replication is not possible. The best result of using administrator consoles will be to increase domain replication between domain controllers to 15 minutes. These large time values were instituted into Active Directory at version 1 because inter-site connections during that era of computing and networking were much lower in bandwidth with the most common being frame-relay or […]

The Lazy Way To Do Active Directory Inventory

From time to time admins have to run an inventory of what is running in the AD environment. This is a good practice for audits, inventory, removing decommissioned servers, or any other good reason. The details that are required are like when was computer/ server created, when was it last logged into, what is the […]

PKI CA – Manage certificate templates

Certificate templates are a feature available on enterprise CA. Certificates templates enable to preconfigure certificate settings for enrollment (or auto enrollment). Enrollment is the process to obtain a certificate signed by the CA. The client that has obtained a certificate by enrollment is called the enrollee. I will show you how to create a certificate […]

Lists all users last logon time

As administrators we often want to check which users have not logged in for quite a while, or what accounts recently accessed a system, etc. The following script list all users and their last logon time. With the lastloggeduser.csv we can get fancy with excel to find differences based on age and more.

 

Older Posts

Mohammed Wasay

Dallas based Design Technologist & Hybrid Developer