Having a Samba 4 AD around in my lab was nice for a time, but every now and then things would break after Ubutnu installed the latest Security update or some other unknown cause, and it always seemed to happen when I really wanted to use my Samba server too which made it even more […]Read More JumpCloud and Samba 4
This is a PowerShell script that will send an email notification to Active Directory users when their password will expire in 14, 7, 3, 1, and Zero days. Administrators/helpdesk also get a daily report of passwords that are expired and the users who got an email reminder, a great heads up for your helpdesk. The […]Read More Active Directory Password Expiration Email Notification
I’ve found it’s often helpful to get an email notification when an Active Directory account is locked out. In a previous job we used Account Lockout Examiner from NetWrix for this functionality. A few years and a job or two later and I’ve found a way to do this with the Windows Task Scheduler and […]Read More Active Directory Account Lockout Notifications using PowerShell
I had a need to apply a Group Policy only to VMware virtual machines. One possible option was to filter on the vendor of the network adapter, which can be determined by looking at the MAC address. The public listing of company ID assignments can be found at IEEE OUI Public Listing and is updated […]Read More Group Policy WMI Filter for Virtual Machines
Please don’t do this. The .local TLD is a reserved namespace for MDNS. MDNS is used extensivly by Apple in their Bonjour technology which is built into OS X, and typically finds it’s way on to Windows computers via an iTunes installation. If there is ever the possiblity that Macs will be added to your […]Read More PSA: Do not name your Active Directory domain .local!
Thanks to PCI requirements we recently formalized the the password aging policy in our Active Directory domain and unchecked the Password does not expire flag on all users accounts. I quickly found that I needed a way other than using Active Directory Users and Computers to check to see if a user’s password is expired […]Read More Check status of a user’s password
I like my Active Directory, or at least the OUs in AD that I manage, to not have stale objects hanging around. Over time computers come and go, but they often leave behind their accounts in your Active Directory. I like to automate things as much as possible, so to go through AD and find […]Read More Find and Disable Inactive Computer Objects in Active Directory