logo
November 1, 2024 | Dirk Schrader

Navigating User Account Management for Enhanced Windows Security

Importance of User Account Management for Windows Computers Your network is comprised of devices and users, and both require proper management. For a user to access a device and its hosted assets, that user requires a user account that has access to the computer. The allocation and management...
April 21, 2023 | Joe Dibley

Securing Account Credentials to Protect Your Organization

Compromising the credentials of Active Directory accounts remains a primary way for adversaries to gain a foothold in an organization’s IT ecosystem. They use a range of tactics, including credential stuffing, password spraying, phishing and brute-force attacks This blog post details key best...
July 30, 2018 | Russell Smith

How to lock, unlock, enable and disable AD accounts with PowerShell

The Active Directory GUI management tools, like Active Directory Users and Computers (ADUC), are fine for performing operations against single accounts. But when you need to deal with multiple AD accounts, PowerShell is a more flexible tool. In this post, I’ll show you how to use PowerShell to...
December 15, 2016 | Russell Smith

Security Tip: Detect Permission Changes in Active Directory

In this tip, I will show you how to enable auditing for changes to permissions on Active Directory objects. The following changes will log Event ID 5136 whenever someone successfully delegates or changes permissions on an object in Active Directory. Handpicked related content: [Free...
October 27, 2016 | Matt Hopton

Detecting Delegated Permissions in Active Directory

Security permissions in Active Directory can be a tricky topic. Not only does Microsoft hide them from you by default in Users and Computers, there is also no built-in tool to get an overall picture of how permissions have been applied to AD. In this article, I’ll take you through the basics...
April 8, 2016 | Troy Thompson

Group Policy for Password Monitoring

As an administrator, you have to ensure that your network is secure.  A big part of that includes deciding on a password strategy for user accounts and administrator accounts.  You can educate your users on best practices for password creation but you can also enable policies that force users to...
October 21, 2015 | Jeff Melnick

How Should IT Handle User Termination

Employment termination, as well as taking aboard the new hires, is an ongoing process for every organization. People get fired, quit/resign, replacements are found – it’s a never-ending story. IT departments, among others, have to handle account deletions and other actions related to employee...
June 3, 2015 | Russell Smith

Manage Local Administrator Account Passwords using LAPS

Active Directory is a centralized directory service that manages domain computer and user accounts, and device configuration using Group Policy. But with the exception of domain controllers (DCs), devices joined to a domain retain local user accounts. In a domain environment, local administrator...
April 15, 2015 | Adam Bertram

Local Administrator Group Changes: Get Notified with PowerShell

Picture this.  You work at a company that prides itself on it’s security practices.  They’ve got firewalls, IDS/IPS systems, routinely perform security audits, keep patches up to date and have a really expensive SIEM product that generates alerts the moment something fishy goes on. A very...
March 17, 2015 | Russell Smith

How to Disable Inactive User Accounts Using PowerShell

Inactive Active Directory (AD) user accounts can pose a security risk to organizations, in situations such as when former employees still have active accounts months after leaving the company because HR failed to inform IT, or accounts might be created for a particular purpose but never deleted...
Show more articles
...