Tag Archives: Windows Server 2012

PowerShell: How to use Get-ADUser to list all recently created accounts (and recently changed accounts)

PowerShell

For the next couple of posts I’ll be looking into AD security and auditing. In this article we’ll look at how to use Get-ADUser to list all recently created accounts.

With the increasing number of cyber attacks, security is at the top of most IT departments agenda. There are many checks you can perform to make sure AD is safe and secure, and that only valid or approved modifications have been made to user accounts. I’ll look at AD auditing in a future post, but this will be a handy snippet of PowerShell to help you identify recently created AD accounts, and a bonus bit of code to identify recently modified accounts!

Continue reading

PowerShell: Get-ADUser to retrieve disabled user accounts

PowerShell

I’ve written about Get-ADUser several times before because it is a pretty essential cmdlet for any Active Directory administrator, but I haven’t written about it in a while.

Recently I had a need to list all disabled accounts in a domain, so here is how to do it using Get-ADUser.

Continue reading

PowerShell: Get-ADComputer to retrieve computer last logon date (and disable them) – part 2

PowerShell

In this article we’ll look at using Get-ADComputer and Set-ADComputer to list computer accounts which haven’t logged in for xx days, and then automatically disable them.

In part 1 we looked at how to use Get-ADComputer to list computers by name and sort them by their last logon date with the premise that we can use the information to remove historic computer accounts from the domain.

Now we know the computer accounts we want to work with we will look at modifying the PowerShell command to automatically disable them.

Continue reading

PowerShell: Get-ADComputer to retrieve computer last logon date – part 1

PowerShellI’ve written about Get-ADUser several times already to find out Active Directory user information, but in this post we’ll be using Get-ADComputer to find out the last logon date for the computers in Active Directory.

As computers are retired or fail and are replaced how often do admins remember to remove the computer accounts from Active Directory?

You can use the command we are going to create below to enumerate the last login date for all the computer accounts in your domain, so that you can safely disable and remove them after they have been inactive for a period of time. Continue reading

PowerShell: Get-ADUser to retrieve password last set and expiry information

PowerShell

I’ve written about Get-ADUser before here and here where we used it to create a list of all users and display their homedrive, homedirectory and scriptpath properties.

In this post we’ll look retrieving password information to find out when a user last changed their password and if it is set to never expire. Continue reading

Windows Server 2012 R2 and Windows Server 2012 R2 Essentials Preview now available

Windows Server 2012

Microsoft have released Windows Server 2012 R2 Preview, Windows Server 2012 R2 Essentials and Hyper-V Server 2012 R2 Preview today.

They can be downloaded from the following links:

Windows Server 2012 R2 Preview

http://technet.microsoft.com/en-US/evalcenter/dn205286?WT.mc_id=Social_TW_OutgoingEvents_20130625_25202_windowsserver

Windows Server 2012 R2 Essential Preview

http://technet.microsoft.com/en-US/evalcenter/dn205288?WT.mc_id=Social_TW_OutgoingEvents_20130625_25350_windowsserver

Microsoft Hyper-V  Server 2012 R2 Preview

http://technet.microsoft.com/en-US/evalcenter/dn205299?WT.mc_id=Social_TW_OutgoingEvents_20130625_25353_windowsserver

The other noteable release is the Remote Server Administration Tools for Windows 8.1 Preview

http://www.microsoft.com/en-us/download/details.aspx?id=39296

With Windows 8.1 scheduled for tomorrow it’s going to be a busy week….