With Windows Server 2008, Microsoft introduced Fine-Grained Password policies which utilizes a new Active Directory object called Password Settings Object (PSO). These objects allow you to more easily create and assign password policies to subsets of users, albeit with a bit of an unpolished implementation method compared to the old method via group policy (GPO). If…
Read On…
Posts Tagged ‘user’
PowerShell: Compare Membership Of Two Active Directory Groups
At my company we have a web filtering solution (McAfee Web Protection) where we use Active Directory groups assigned to specific web filtering policies. Even though these groups are not supposed to have duplicate user accounts, over time, with multiple people administering them, that is exactly what has occurred. I needed a quick way to compare…
Read On…
Active Directory: Workstation Logon Restrictions (Log On To)
I think the “Log On To” setting within the Account tab of an Active Directory user could easily be overlooked. As simple as this setting is, it’s very easy to forget about it in favor of something more elaborate when attempting to restrict user access to specific computers. Let’s say you want to allow a…
Read On…