Performing an Offline Domain Join

Sometimes it is necessary to perform an Offline Domain join of a computer. This is usually for a remote computer with no immediate access to the domain network. You can use DJOIN to perform and offline domain join and force the machine to apply group policies that would normally be applied whilst connected to the… Read More

Advertisements

Resetting Office 365 Password using Powershell

To reset an office 365 user’s password you need the Windows Azure Active Directory Module installed http://msdn.microsoft.com/en-us/library/azure/jj151815.aspx Open the console and enter Connect-MsolService Press Enter, enter your admin Office 365 account username and password in the logon box Then issue this command Set-MsolUserPassword -UserPrincipalName cphillip@domain.com -NewPassword London1234 -ForceChangePassword $false

Resetting User’s Password in Active Directory Using Powershell

This command and script was created for ease of convenience, simplicity and speed during a recent job   Set-ADAccountPassword <username> -Reset -NewPassword (ConvertTo-SecureString -AsPlainText <password> -Force) And to prevent them from changing or changing at logon Set-AdUser -Identity <username> -CannotChangePassword:$true -ChangePasswordAtLogon:$false

Adding Pictures to Active Directory

I came across this challenge when installing Lync 2013 where a customer did not have Exchange 2013 and therefore unable to us HD pictures in Lync and Exchange. Prior to Exchange 2013 the only way to import pictures is to use Active Directory to store the image. Storing images in AD have specific requirements. The… Read More

Emailing Users when Password is about to Expire

I had one request from a customer recently that asked if it was possible to email users before the their active directory passwords expire as it was causing issues with remote users. I created a PowerShell script which I added as a scheduled task on one domain controller that runs once  a day. The script… Read More

Precreate 2012 R2 RODC computer object in Active Directory

To pre-create a Read Only Domain Controller account in Active directory using PowerShell perform the following steps Create a Domain User Account called RODCADMIN and set Password Create a Security Group called Allowed Prepopulating and add in users you want to allow to cache credentials on a RODC, e.g Domain users and Domain Computers Run… Read More

Performing an Authoritative Synchronisation of SYSVOL using DFSR

I came across a scenario the other week where newly promoted 2012 R2 domain controller would not complete it’s initial SYSVOL replication and in doing so was failing to advertise properly as an available authentication server. The only way I was able to resolve this issue was to perform an authoritative synchronisation of the SYSVOL… Read More