Active Directory

Installing, Configuring, Securing and Using MDT Webservices – Part 3

June 28, 2019

In Part 1 we walked through the installation and configuration of Deployment Webservices. In Part 2 we walked through securing the Webservice. In this part I will demonstrate how to use the Webservice via a PowerShell script to securely move a computer object during the operating system deployment (OSD) task sequence using Microsoft Deployment Toolkit […]

Read the full article →

Installing, Configuring, Securing and Using MDT Webservices – Part 2

December 22, 2016

In Part 1 we walked through the installation and configuration of Deployment Webservices. In this part we will focus on securing the Webservice. There are five (5) main areas that I focus on to lock down the Webservice, and I’ll include two (2) optional areas for consideration: Use Request Filtering, which is basically what the old […]

Read the full article →

Installing, Configuring, Securing and Using MDT Webservices – Part 1

December 12, 2016

This will be a three part article on installing, configuring, securing and using Maik Koster’s Deployment Webservice. Part 1 – Installing and Configuring Deployment Webservices Part 2 – Securing Deployment Webservices Part 3 – Using Deployment Webservices I’m a massive fan of Microsoft Deployment Toolkit (MDT) and use it for all customer deployments that don’t already have […]

Read the full article →

Script to modify the defaultSecurityDescriptor attribute on the Group-Policy-Container schema class object

June 29, 2016

Last week I published an article about the changes in the behavior of Group Policy processing after the deployment of security update MS16-072 under KB3163622. It included a script to assist with the remediation of Group Policy permissions: Script to report on and remediate the Group Policy security change in MS16-072. Of course that’s not where it […]

Read the full article →

Script to report on and remediate the Group Policy security change in MS16-072

June 22, 2016

On June 14th 2016 Microsoft released security update MS16-072 under KB3163622 that changes the behavior of Group Policy processing so that user group policies are now retrieved by using the machine’s security context instead of the user’s security context. This is a by-design behavior change from Microsoft to protect computers from a security vulnerability. Update 23/06/2016: Microsoft […]

Read the full article →

Netlogon parser for Message Analyzer

January 25, 2015

The Microsoft Message Analyzer is a very cool tool which helps us read and analyse a number of different log and trace file formats. In fact Message Analyzer is the replacement for the old Network Monitor (AKA Netmon) tool. Brandon Wilson from Microsoft wrote a parser for the NetLogon.log files. Here are the references to Brandon’s TechNet blogs: […]

Read the full article →

Script to Create a Summary Overview and Full Report of all Contact Objects in a Domain

January 2, 2015

This PowerShell script is one of the most comprehensive you will find that provides a thorough overview and full report of all contact objects in a domain. It is the culmination of many Active Directory audit and reviews and therefore contains valuable input from many customers. A lot of thought has been put into the logic […]

Read the full article →

Script to Create an Overview and Full Report of all Group Objects in a Domain

January 2, 2015

This PowerShell script is one of the most comprehensive you will find that provides a thorough overview and full report of all group objects in a domain. It is the culmination of many Active Directory audit and reviews and therefore contains valuable input from many customers. A lot of thought has been put into the logic within […]

Read the full article →

Script to Create an Active Directory Schema Update Report

June 22, 2014

This PowerShell script was written by the awesome Ashley McGlone (AKA Goatee PFE) and published to the TechNet Script Center. It was also blogged on the Scriting Guy TechNet site. However, it did need some updates to keep up with the newer schema updates as well as adding the SCCM (ConfigMgr) versions. As Ashley has […]

Read the full article →

Script to Create an Overview of all Computer Objects in a Domain

June 22, 2014

This PowerShell script will provide an overview and count of all computer objects in a domain based on Operating System and Service Pack. It helps an organisation to understand the number of stale and active computers against the different types of operating systems deployed in their environment. Computer objects are filtered into 4 categories: Windows Servers […]

Read the full article →

← Previous Entries