PowerShell: Active Directory Optimization

The Netwrix blog is famous for its series of blog posts that provide IT pros with powerful PowerShell commands for Active Directory. Using these helpful cmdlets, you can easily collect the required information without spending too much time on scripting. Sounds good, doesn’t it? Today, we compiled a list of all these blog posts so … Continued

How to Collect AD Site Information Using PowerShell

A good old PowerShell will help you in case you wish to collect AD site information such as Active Directory site location, site options configured, ISTG assigned to the site, Site links and bridgehead servers. Below PowerShell Script uses New-Object function to connect to Directory Context and then get all Active Directory sites. All Active … Continued

How to Get a List of AD Users Whose Passwords Never Expire Using PowerShell

You might have created Active Directory user accounts for which the passwords never expire. For example, you would always set the Password Never Expire attribute for user accounts that are utilized as service accounts, but you need to make sure that unwanted user accounts do not have the Password Never Expire attribute set. This is … Continued

How to Get a List of Expired User Accounts in AD Using PowerShell

One of the most important tasks that an Active Directory administrator performs is ensuring that expired user accounts are reported in a timely manner and that action is taken to immediately remove or disable them. Note that user accounts for which you set an expiration date are only created temporarily. For example, you might have … Continued

How to Find Locked Out User Accounts in Active Directory Using PowerShell

It isn’t difficult to find locked-out user account information from Active Directory as long as you use PowerShell. The PowerShell cmdlet Search-ADAccount can provide you with a list of user accounts that have been locked out of the system, as is shown in the following PowerShell command: Search-ADAccount -LockedOut -UsersOnly -ResultPageSize 2000 -resultSetSize $null | … Continued

How to Find Inactive Computers in Active Directory Using PowerShell

If you wish to collect stale computer accounts from Active Directory, you can always use the Get-ADComputer PowerShell cmdlet. As the name suggests, Get-ADComputer targets only computer accounts. Get-ADComputer does not provide any parameter that allows you to specifically collect stale computer accounts; however, it does feature a “-Filter” switch, which lets you specify a … Continued

SysAdmin Magazine: May the PowerShell Be with You

All the brave Jedi who face the everyday challenge of mastering Active Directory, We came to help you. The June issue of Sysadmin magazine brings you a lightsaber of IT security world —sacred PowerShell cmdlets that will move your IT infrastructure security to an intergalactic level. Contents: Discover New Users in Active Directory and Email Their … Continued

PowerShell: Find Disabled or Inactive Users and Computers in AD

PowerShell is becoming increasingly more popular and is the first choice for Windows administrators to collect information from target systems. Every Windows role ships with its own PowerShell modules. Active Directory ships with more than 450 PowerShell cmdlets that you can use to collect information about every object in Active Directory, such as disabled computer … Continued

Office 365: Configuring User Passwords to Never Expire

One of the questions that we are most frequently asked is regarding users or administrators who subscribe to Office 365 but who are tired of receiving Office 365 password expiration notifications. These users might not be used to the service’s default password expiration policy, especially if they are coming from in-house systems that had more … Continued

PowerShell Script: Discover New Users in Active Directory

When new employees join a company, IT technicians have to create their accounts in Active Directory. Later, the IT specialist welcomes each newcomer and helps them log in to the domain. In this article, I’ll show you how to automate this procedure with the help of PowerShell scripting. Feel free to edit this script to … Continued

Create AD Users in Bulk and Email Their Credentials Using PowerShell

Every year, educational institutions enroll hundreds of students. As a result, the institutions’ system engineers require extra time and effort to create an AD account for each student and then to manually inform the students about their usernames and passwords. This step-by-step guide will make system engineers’ lives a little easier with the help of … Continued

Visibility Tips: Who Has Access to Mailbox?

Most organizations with more than 10 or 20 people on staff that are running either Exchange Server on premises or Office 365 in the cloud have mailboxes that are shared on some level. These scenarios could include the following: An executive or manager that generally handles his own tasks but offers delegated access to his … Continued

5 Free Exchange Security Tools You Probably Don’t Know About

Exchange email security is a huge front to defend. There are now so many attack surfaces that it can be hard to decide how to start. Here are a few things that you might want to consider when thinking about your Exchange infrastructure security setup. This is by no means a full list. 1. Full Access … Continued

How to Get Notified of an Expired Password in Active Directory with PowerShell

This article will go over how to write a script to read all users’ last expired password and detect the time it will expire. It will then send an email. Passwords aren’t the most secure way to protect information these days but still are used nearly everywhere you look. IT professionals in the enterprise sector … Continued

Advanced Event Log Filtering Using PowerShell

In a previous blog post, Monitoring Event Logs with PowerShell, I showed you how to use Get-WinEvent to perform basic event log monitoring using PowerShell. In this article, I want to demonstrate how Get-WinEvent can be used to run more complex queries using the –FilterHashtable parameter. Let’s start by returning the last 50 events in … Continued