Tags » Active Directory

Active Directory Scripting Highlight: Identify and Move Active Directory Operations Master Roles with PowerShell

Getting your bearings and knowing everything you can about a Forest/Domain you are migrating is key.  Which domain controllers in the Forest and Domains hold the Operation Masters roles is one of those important details as you modify or decommission domain controllers.   221 more words

PowerShell

Active Directory Script Highlight: Simple HTML Export of all Group Policy Object Details

So once you have cleaned up your group policies like I outlined in my last two Active Directory Scripts Highlights,  what’s next? In this article I have a couple of variations of  scripts using the Get-GPOReport cmdlet that will allow you to export all of your Group Policy settings into HTML pages, just like you would see from the Settings tab from within Group Policy Manager. 186 more words

PowerShell

Remove Users and Computers

  • Create CSV file
  • Import CSV file content
  • Splash parameters with hashtables
  • Build script.

If you still manage users and computers in active directory manually, there are two options, maybe you manage a very small infrastructure, or, you must continue reading this!

379 more words
Tool Making

Automate Import of Active Directory Records into SQL Server

Previously we detailed how to query Active Directory with the help of a linked server in SQL Server. Now let’s take it a step further by automating the process of retrieving the records from Active Directory and storing them in a SQL Server database using a job schedule. 614 more words

Sql Server

DCShadow

The DCShadow is an attack which tries to modify existing data in the Active Directory by using legitimate API’s which are used by domain controllers. This technique can be used in a workstation as a post-domain compromise tactic for establishing domain persistence bypassing most SIEM solutions. 460 more words

Red Team

Sending Email Alerts When Active Directory Groups Change

It’s obviously a good idea to monitor certain Active Directory groups for membership changes. An example of a group that should be monitored is the Domain Admins group. 464 more words

Python