Posts

Showing posts with the label IT KBase

Find AD Users who never logged on using Powershell

We can use the Active Directory powershell cmdlet   Get-ADUser   to query users from AD. We can find and get a list of AD users who never logged in at least one time by checking the AD attribute value   lastlogontimestamp .   The below command lists all users who never logged on. Get-ADUser -Filter {(lastlogontimestamp -notlike "*")} | Select Name,DistinguishedName If you want to list only enabled ad users, you can add one more check in the above filter.   Get-ADUser -Filter {(lastlogontimestamp -notlike "*") -and (enabled -eq $true)} | Select Name,DistinguishedName If you are familiar with LDAP filter you can also find never logged in users by using ldap filter.   Get-ADUser -ldapfilter '(&(!lastlogontimestamp=*)(!useraccountcontrol:1.2.840.113556.1.4.803:=2))' | Select Name,DistinguishedName In most cases, we may want to find AD users who created in last certain days or months and not logged in their system. To achieve this, we need to fi...

Changes in Windows 2008 Active Directory

Active Directory Domain Services Active Directory Domain Services (AD DS), formerly known as Active Directory Directory Services, is the central location for configuration information, authentication requests, and information about all of the objects that are stored within your forest. Using Active Directory, you can efficiently manage users, computers, groups, printers, applications, and other directory-enabled objects from one secure, centralized location. Auditing.  Changes made to Active Directory objects can be recorded so that you know what was changed on the object, as well as the previous and current values for the changed attributes. Fine-Grained Passwords.  Password policies can be configured for distinct groups within the domain. No longer does every account have to use the same password policy within the domain. Read-Only Domain Controller.  A domain controller with a read-only version of the Active Directory database can be deployed in environments where th...

Port Numbers

 25 SMTP  53 DNS  80 HTTP  88 Kerberos  102 X.400  110 POP3  3389 RDP   119 NNTP  135 RPC  137 – NetBIOS Session Service  139 – NetBIOS Name Service  143 IMAP4  379 LDAP (SRS)  389 LDAP  21  ftp  443 HTTP (SSL)  445 – NetBIOS over TCP  465 SMTP (SSL)  563 NNTP (SSL)  636 LDAP (SSL)  691 LSA  993 IMAP4 (SSL)  994 IRC (SSL)  995 POP3 (SSL)  1503 T.120  1720 H.323  1731 Audio conferencing  1863 – MSN IM  3268 GC  3269 GC (SSL)  6001 Rpc/HTTP Exchange Store  6002 HTTP Exchange Directory Referral service  6004 Rpc/HTTP NSPI Exchange Directory Proxy service/Global Catalog  6667 IRC/IRCX  6891 – 6900 – MSN IM File transfer  6901 – MSN IM Voice  7801 – 7825 – MSN IM Voice

Implementing DFS Namespaces

Image
DFS (Distributed File System) was first introduced in Windows 2000 as a way of managing shared disk resources across a network and making it easier for users to find and access these resources. Unfortunately DFS in Windows 2000 was somewhat limited in its capabilities, especially in regard to providing high availability in distributed multi-site environments but also in efficiently replicating shared resources over slow WAN links. These limitations made DFS in Windows 2000 something of a pain to work with, and Windows Server 2003 offered little in terms of improvements. With the release of Windows Server 2003 R2 however, a fresh release based on Windows Server 2003 Service Pack 1, DFS has been significantly enhanced in several ways. In this article and several following on WindowsNetworking.com, I’ll describe these enhancements and show how to implement them in various enterprise scenarios. Installing DFS What used to be DFS in Windows 2000 and Windows Server 2003 is now two separate ...

Configuring and Using DFS Replication

Image
Configuring DFS Replication In the previous article we used DFS Replication to provide fault-tolerance for \\r2.local\Accounting\Billing\Invoices, a folder within the \\r2.local\Accounting namespace in the r2.local domain. This folder originally had only one folder target, the shared folder \\BOX163\Invoices, and to make this folder redundant we had to do two things: Add a second folder target, namely the shared folder \\BOX162\Invoices, so that if the first folder target was unavailable, client machines could obtain a referral from the namespace server so they could connect to the second target instead. Replicate the contents of the first folder target (\\BOX163\Invoices) to the second folder target (\\BOX162\Invoices) and keep the contents of these two shared folders in sync so that if one of them becomes unavailable, clients can still access the files stored in this namespace folder.  Using the Replicate Folder Wizard, we saw how easy this task is to perform. Let's spend a mo...