After a Schema Update for Windows 2008 R2 on Windows 2012 R2 we had a problem with an older application on Windows 7. But the domain functioning level was unchanged. The application checked with Kerberos whether a user has a certain group membership. Unfortunately, we couldn’t see the source code and thus didn’t know what […]
Active Directory offers you many different ways of authentification. Most common are NTLM and Kerberos. This article is about how to read the Kerberos Token with .Net classes in PowerShell. The script get-sids-from-token.ps1 shows you how this can be done practically. To make it easier to understand, the article starts with an introduction to Kerberos […]
Everyone planning a domain migration probably has to deal with Active Directory SID Filtering sooner or later. While setting up an Active Directory Forest Trust, I came upon an interesting difference.
Updating of DNS records in the Active Directory. Lately, I was asked for advice about why DNS records in Active Directory were not updated with the current IP-address during the reinstallation of PC’s.
- Nesting groups in Active Directory
- Create home directory and grant permissions with PowerShell
- Creating an individual random password with PowerShell
- Retrieve Active Directory subnets with PowerShell
- Editing users of other domains – with PowerShell
- Azure Basics: Connecting with Azure (PowerShell)
- PowerShell Custom Objects
- Logon Script does not start on Windows Server 2012 R2 domain
- IsMember – Check group membership in Active Directory
- Dynamic OU Groups – Assign Permissions to OUs