Welcome to The Experts Community! We've created this site so that the general community of Active Directory administrators has a place to ask AD-related questions, as well as questions related to identity management in general. This is also a repository of content, including numerous papers and other resources, and links to other useful Web sites, books, and online materials. We encourage you to participate: Create an account, subscribe to an RSS feed, ask a question, or offer an answer. Thanks for visiting!


Questions
»All Questions · »Ask a Question
Fresh Resources
»All Resources
Latest Article

Active Directory Round Up 3/19/2010

» by JeffHicks on Fri 19 Mar 2010 · No replies

Here's what I found interesting this past week in the AD and Identity management world. Although it was a bit of a slow week, news-wise.First up the DirTeam blog has a handy post about the delegation tab in Active Directory Users and Computers (ADUC). You might want to delegate user credentials with Kerberos for a given account, like a service account. But what is happening when the tab is missing?  How do you handle delegation? Check out the post for the details.The Group Policy Center blog is continues their series of posts on typical user configuration. This week there is a good post about allowing file downloads using Internet Explorer. Check it out along with all their other useful articles.One thing I enjoy about collecting all the news is that I inevitably come across some tidbit I didn't know. This week,  Brian McCann offers a suggestion on how to disable the shake feature of Windows 7. I didn't even know there was such a feature! Personally I kind of like it.  If
...continue reading "Active Directory Round Up 3/19/2010"


More Articles
»All Articles
Announcements

Tell Us Why You Want to Go to TEC 2010! -- Win a Free Conference Pass (No Purchase Necessary)

» by Rich on Thu 18 Feb 2010 · No replies

We are pleased to announce a new contest to hear why you want to attend The Experts Conference 2010 happening April 25-28 in Los Angeles featuring advanced training on Microsoft Directory & Identity, Exchange and SharePoint technologies ... "for the experts, by the experts"
...continue reading "Tell Us Why You Want to Go to TEC 2010! -- Win a Free Conference Pass (No Purchase Necessary)"

»More Announcements

Active Directory Round Up 3/19/2010

» by JeffHicks on Fri 19 Mar 2010 · No replies

Here's what I found interesting this past week in the AD and Identity management world. Although it was a bit of a slow week, news-wise.First up the DirTeam blog has a handy post about the delegation tab in Active Directory Users and Computers (ADUC). You might want to delegate user credentials with Kerberos for a given account, like a service account. But what is happening when the tab is missing?  How do you handle delegation? Check out the post for the details.The Group Policy Center blog is continues their series of posts on typical user configuratio
...continue reading "Active Directory Round Up 3/19/2010"

Get Local Account Password Expiration

» by JeffHicks on Tue 16 Mar 2010 · No replies

Last week I posted a revision to a PowerShell script from the Microsoft AD team on discovering when a user's password was going to expire.  Of course that's only half the battle. You probably still have local user accounts to keep track of like the local Administrator. Wouldn't you like to get the same information? There are no cmdlets for working with local user accounts, so I took a script from my book, Managing Active Directory with Windows PowerShell: TFM (SAPIEN Press 2008) and updated it for PowerShell 2.0. Even though the book is primarly about AD, there are several chapters on working wit
...continue reading "Get Local Account Password Expiration"

Active Directory Round Up 3/12/2010

» by JeffHicks on Fri 12 Mar 2010 · No replies

The end of another week means another round up of Active Directory and Identity related news.First up, several AD bloggers recommended an ebook by Matias Woloski, Claims-Based Identity and Access Control Guide. This is a free PDF covering patterns and practices for service authentication and authorization on the web. Here's the summary from the online version at MSDN.Imagine a world where you don't have to worry about authentication. Imagine instead that all requests to your application already include the information you need to make access co
...continue reading "Active Directory Round Up 3/12/2010"

Lost and Found

» by Anonymous on Fri 12 Mar 2010 · 1 reply

I turned on advanced features in AD Users and Computers on my 2003 DC. I found a folder called Lost and Found. What is this for?  Right now it's empty.  If anything ever shows up should I just delete it?
...continue reading "Lost and Found"

Get AD User Password Expiration

» by JeffHicks on Wed 10 Mar 2010 · No replies

Last week I came across a post on the Microsoft Active Directory team blog about finding when a user password expires. The blog posted a PowerShell script that uses the ActiveDirectory cmdlets. The function takes a user name you pass it, get's password information and lets you know if the password has expired or when it is going to expire. It works and gets the job done. However, I decided to take it a step further. One of my concerns with the original version is that it can't be used in the pipeline. What if you want to get password information for a group of users, but sort them by the password expiration date or onl
...continue reading "Get AD User Password Expiration"

Active Directory Design Guide released 3/1/2010

» by Rick on Tue 09 Mar 2010 · No replies

Microsoft has released a 117 page design guide for Active Directory in a healthcare organization around current best practices. This should be applicable to most organizations.
...continue reading "Active Directory Design Guide released 3/1/2010"

Active Directory Round Up 3/5/2010

» by JeffHicks on Fri 05 Mar 2010 · No replies

I've realized I don't spend nearly enough time on Microsoft Technet related sites.  This week I came across some useful screencasts on Active Directory in Windows Server 2008 R2. The screencasts are short at around 6 minutes but provide enough information to get you going. Since I doubt I'm not the only one who missed out, I figured I'd share what I found.  First, take a look at a preview on the Active Directory Recycle Bin. You might also take a look at the one on the Active Di
...continue reading "Active Directory Round Up 3/5/2010"

Computer Account Passwords

» by Anonymous on Wed 03 Mar 2010 · 1 reply

How often are computer account passwords changed in Active Directory? We have some computers that have been out of touch for 30-45 days - will they be a problem?
...continue reading "Computer Account Passwords"

Search AD users in SBS

» by Anonymous on Tue 02 Mar 2010 · 1 reply

I need to search an active directory for objects created recently, Is there such a way? SBS 2003
...continue reading "Search AD users in SBS"

I am using AD 2003, I want to change other's machine local admin password from AD, how I will do it?

» by Anonymous on Tue 02 Mar 2010 · 2 replies

I am using AD 2003, I want to change other's machine local admin password from AD, how I will do it?
...continue reading "I am using AD 2003, I want to change other's machine local admin password from AD, how I will do it?"