Powershell : Count Members of a AD Group

Tuesday, May 31, 2016

Powershell : Count Members of a AD Group As System Administrator, In many cases you need to count members of AD group. The Get-ADGroupMember cmdlet gets the members of an Active Directory group. Members can be users, groups, and computers. Code: $users = Get-ADGroupMember -Identity 'Group Name' $users.count 132

PowerShell: Unlock Active-Directory Users Account

Monday, November 23, 2015

How to: Unlock Active-Directory Users Account via PowerShell First, open PowerShell in administrator right. Import Module Active-Directory    Run command Search-ADAccount - LockedOut If there are any locked accounts, they will be shown like the following example: To unlock account(s), add Unlock-ADAccount parameter to basic command #Examples Search and unlock all account in domain Search-ADAccount -LockedOut | Unlock-ADAccount Limit the search to a specific OU, Search-ADAccount -SearchBase "OU=Users,OU=Skepper,DC=MyDomain,DC=net" -LockedOut | Unlock-ADAccount Limit search to  Users Only Search-ADAccount -UsersOnly -LockedOut | Unlock-ADAccount  
no comments

ERROR: “The join operation was not successful. This could be because an existing computer account having name…”

Monday, August 18, 2014

The join operation was not successful. This could be because an existing computer account having name “<computer name” was previously created using a different set of credentials. Use a different computer name, or contact your administrator to remove any stale conflicting account. The error was: Access is denied. Two Main Points to fix this issue: 1. Ensure no exist computer name in Active Directory - if exist - delete it. 2.  Create a new computer in the relevant UO.
no comments

DSQuery all servers in Active Directory

Monday, July 7, 2014

How to use DSQUERY to find computers in Active Directory ? Intro: Dsquery is a command-line tool that is built into Windows Server 2008. It is available if you have the Active Directory Domain Services (AD DS) server role installed. To use dsquery, you must run the dsquery command from an elevated command prompt. To open an elevated command prompt, click Start, right-click Command Prompt, and then click Run as administrator. Here a few examples; 1. Find all computers: dsquery * -Filter "(&(objectClass=computer)(operatingSystem=*))" -Attr name operatingSystem -limit 100000000   2. Find only Servers: dsquery * -Filter "(&(objectClass=computer)(operatingSystem=Windows Server *))" -Attr name operatingSystem -limit 100000000   3. Find Windows Server 2012: dsquery * -Filter...

Active Directory Replication Registry Entries

Wednesday, July 2, 2014

Active Directory Replication Registry Entries Notice: This article was not written by me, but is very useful. Source The information here is provided as a reference for use in troubleshooting or verifying that the required settings are applied. It is recommended that you do not directly edit the registry unless there is no other alternative. Modifications to the registry are not validated by the registry editor or by Windows before they are applied, and as a result, incorrect values can be stored. This can result in unrecoverable errors in the system. When possible, use Group Policy or other Windows tools, such as...

Netlogon – Error,Type, Event and Description

Tuesday, February 25, 2014

Monitoring Account Lockout Netlogon Log File Error Codes Each event in the Netlogon log contains a corresponding error code. The following table describes these error codes. Netlogon Log Error Codes Logon Events Many different events can be created by various logon and logoff actions. The following table describes each logon event. Logon Event IDs Netlogon Logon Types When many Netlogon logon events are logged, a logon type is also listed in the event details. The following table describes each logon type. Netlogon Logon Types Skepper
no comments

Microsoft Active Directory Topology Diagrammer

Monday, December 30, 2013

Microsoft Active Directory Topology Diagrammer The Microsoft Active Directory Topology Diagrammer reads an Active Directory configuration using LDAP, and then automatically generates a Visio diagram of your Active Directory and /or your Exchange Server topology. The diagramms may include domains, sites, servers, organizational units, DFS-R, administrative groups, routing groups and connectors and can be changed manually in Visio if needed. With the Active Directory Topology Diagrammer tool, you can read your Active Directory structure through LDAP. The Active Directory Topology Diagrammer tool automates Microft Office Visio to draw a diagram of the Active Directory Domain topology, your Active Directory Site topology,...

Register Active Directory Schema Snap-In (dll)

Monday, December 16, 2013

Register Active Directory Schema Snap-In (dll) For the Active Directory Schema snap-in (MMC) we must first register schmmgmt.dll. Here how we register that dll. Step -1 Log-on as administrator. Step-2 click Start , type command prompt , and then right-click Command Prompt when it appears in the Start menu. Next, click Run as administrator , and then click OK . Step-3 Type the following command, and then press ENTER: regsvr32 schmmgmt.dll Step-4 Click Start , click Run , type mmc , and then click OK . On the File menu, click Add/Remove Snap-in. Under Available snap-ins , click Active Directory Schema , click Add , and then click OK . Now you can manage...
tags: ,
no comments

Which domain controller i connected to ?

Which domain controller I'm connected ? (or how to find domain controller) In an environment where there are several domain controllers, sometime we want to know which domain controller our computer is connected . In this post I will show some ways to get the information. Option-1 Using nltest Open command prompt with administrative privileges and run: c:\>nltest /dsgetdc:<domain_name> you need to replace "domain_name" with your domain (domain.local for example). Option-2 the SET command again, open CMD, run SET and Look at the variable called %LOGONSERVER%. c:\> set Tip, you can narrow the results relevant line only by run this command: c:\>set | find "LOGONSERVER"   or c:\>set log Option-3 echo command this command will...
no comments