Export User List to CSV File from Active Directory using PowerShell
Here is a one liner to allow you to do this: Image Attribution: CHUTTERSNAP
Active Directory
Check if two domain controllers are in-sync
PROBLEM: You need to check if two domain controllers are in sync with each other. SOLUTION: To do this you need to understand a bit about how Active Directory reports if a domain controller replication is in sync. There is something called a UTDV up-to-dateness vector that is basically a number representing what the domain … Read more
Getting a specific attribute about each AD User using PowerShell
Using powershell you can get the value of a specific attribute of a user. To do this run the below, this will get all the user objects in the OU called “Users” and display the samAccountName and extensionAttribute10 attribute.
Set a specific AD attribute with PowerShell
So here is an example you want to set all the users in the OU called “Users” to have the extensionAttribute10 with the value “student” to do this you can run the below script:
Tracking Down Cause of Locked Active Directory Account
With the prevalence of mobile devices this is becoming more of a problem, you have a user who comes in every day and swears blind nothing has the wrong password, but something is locking them out. Here is how to fix it: Firstly you must ensure that you are logging the stuff correctly on your … Read more
Active Directory – How to Find Failed Logon Requests
So to find any failed logon requests for a user you can use one of the two following XML queries, the first just shows all successes and failures for that user. The second shows just the failures only for that user. 1. Open the event viewer, and click on the “Security” log on the left … Read more
Microsoft Windows 2008 R2 Domain Controller with DNS Server Fails to Resolve Some External Domains
Upon the setup of the new Windows 2008 R2 DNS servers there is a problem that the DNS lookups for external domain fail; internal domain name resolution is unaffected. Restarting the DNS server (or the whole server) resolve the problem, as does clearing the cache. When the problem is happening, an nslookup command issued for … Read more
“Access Denied” Error when Depromoting a Domain Controller
When depromoting a domain controller I started to get this error: “The operation failed because Active Directory could not configure the computer account <COMPUTERNAME>$, on the remote domain controller <COMPUTERNAME>$ “Access is denied.” What I did to try and fix it: · Verified the “protect from accidental deletion” tick box not … Read more
Active Directory Disappearing Permissions
A odd problem with Active Directory that I came across this week; a user object keep on “losing” its permissions. When adding the “Send As” permissions for Exchange on a AD user object all seemed to go okay, then about 20 minutes or so later the permission would just vanish! After much rumaging around I … Read more
Configuring and Troubleshooting Active Directory Replication
While setting up my new domain controllers, came across this site, looks to offer some good tips about AD. http://www.tech-faq.com/configuring-and-troubleshooting-active-directory-replication.shtml