Windows LAPS (Local Administrator Password Solution) allows you to centrally manage the passwords for the local administrators on the computers in your AD domain. The current local administrator password is…| Windows OS Hub
This guide shows how to install, configure, and maintain a terminal server farm based on the Remote Desktop Services (RDS) role on Windows Server. The article will help you to…| Windows OS Hub
When a user closes the RDP/RDS session window in a terminal client (mstsc.exe, RDCMan or Remote Desktop HTML5 web client) by simply clicking the cross in the top right corner…| Windows OS Hub
In this article, we will look at several ways to manage non-admin user permissions to restart or shutdown Windows workstations or servers. By default, non-privileged users can only reboot and…| Windows OS Hub
Remote Desktop Gateway is a Remote Desktop Services role on Windows Server that is used to provide secure access to remote desktops and published RemoteApps from the Internet via an…| Windows OS Hub
Any Windows user can run a program in his current session on behalf of another user using RunAs. This allows you to run a script (.bat, .cmd, .vbs, .ps1), an…| Windows OS Hub
After you add a computer or a user account to an Active Directory security group, the new access permissions or the new GPOs are not applied immediately. To update the…| Windows OS Hub
In this short article, we will show you how to properly change an Active Directory domain name from test.com to resource.loc. In fact, it is not the best idea to…| Windows OS Hub
It can be difficult to track exactly who made certain changes when the Active Directory domain infrastructure is managed by multiple administrators (added or removed a user from a security…| Windows OS Hub
In this article, we’ll look at how to create new users in an Active Directory domain. You can create new user accounts in your domain using the graphical MMC snap-ins (…| Windows OS Hub
The task of searching for objects in Active Directory (users, groups, or computers) by name using some pattern, regular expression, or wildcard is not as obvious as it seems. The…| Windows OS Hub
If a trust relationship between a Windows workstation and an Active Directory domain is broken, the computer won’t be able to establish a secure channel with the domain controller, and…| Windows OS Hub
Quite often when creating new Organizational Units (OUs), an Active Directory administrator has to create a structure of nested containers inside a new OU. For example, when a company opens…| Windows OS Hub
You can use Group Policies (GPOs) to install and connect shared printers to specific users, computers, and groups in an Active Directory domain. In this article, we’ll look at how…| Windows OS Hub
Remote Desktop Connection Broker (RDCB) is a component of the Remote Desktop Services (RDS) role in Windows Server. RD Connection Broker allows you to load-balance the RDS farm servers (when…| Windows OS Hub
In this GPO troubleshooting guide, I’ll try to tell you about the typical reasons why a certain Group Policy Object (GPO) might not apply to an organizational unit (OU) or…| Windows OS Hub
You can use the Get-ADComputer PowerShell cmdlet to get various information about computer account objects (servers and workstations) in an Active Directory domain. This is one of the most useful…| Windows OS Hub
In this article, we’ll show you how to track user account lockout events on Active Directory domain controllers, and find out from which computer, device, and program the account is…| Windows OS Hub
SID (Security IDentifier) is a unique identifier that is assigned to users, groups, computers, or other security objects when they are created in Windows, an Active Directory domain, or an…| Windows OS Hub
The read-only domain controller (RODC) feature was first introduced in Windows Server 2008. The main purpose of the RODC is the secure installation of the own domain controller in remote…| Windows OS Hub
You can use Managed Service Accounts (MSA) to securely run services, applications, and scheduler tasks on servers and workstations in an Active Directory domain. The MSA is a special type…| Windows OS Hub
The Saved Queries in Active Directory Users and Computers (ADUC) MMC console allow you to create complex LDAP filters to select Active Directory objects. These queries can be saved, edited,…| Windows OS Hub
A separate account of type Computer is created for a computer when you join it to an Active Directory domain. A computer object in AD has several mandatory attributes: sAMAccountName,…| Windows OS Hub
Domain users can change their password either via the Windows Security menu after logging in, or directly from the Windows login screen if their password has expired. If a user…| Windows OS Hub
Every Windows system administrator should be able to use not only graphical AD snap-ins (usually it is ADUC, Active Directory Users and Computers), but also PowerShell cmdlets to perform everyday…| Windows OS Hub
The Remote Server Administration Tools (RSAT) allow you to remotely manage roles and features on Windows Server hosts from a Windows workstation. RSAT includes graphical MMC snap-ins, command line tools,…| Windows OS Hub
Active Directory user accounts have a special thumbnailPhoto attribute that can be used to store a user’s photo. These photos can be displayed as user avatars in apps such as…| Windows OS Hub
The Get-ADUser is the most commonly used PowerShell cmdlet for retrieving Active Directory user information, including attributes like usernames, email addresses, account activity, group memberships, contact details, job titles, organizational…| Windows OS Hub
UserAccountControl is one of the most important attributes of the user and computer objects in Active Directory. This attribute determines the state of the account in the AD domain: whether…| Windows OS Hub
You can use Group Policies to copy specific files and folders to user computers in the Active Directory domain. You can place files on the Desktop, in a particular user…| Windows OS Hub
In this article, we’ll look at what UPN (UserPrincipalName) suffixes in Active Directory are, how to add alternative suffixes in an AD forest and change UPN suffixes of Active Directory…| Windows OS Hub
The Active Directory Attribute Editor is a built-in graphical tool to manage the properties of AD objects (users, computers, groups). It is the Attribute Editor where you can view and…| Windows OS Hub
In this article, we’ll look at how to delegate administrative permissions in the Active Directory domain. Delegation allows you to grant the permissions to perform some AD management tasks to…| Windows OS Hub
Once you have installed Windows Server or a Windows 10 desktop machine, you will need to change the default name of the computer (hostname). It is usually recommended to include…| Windows OS Hub
This article describes how to join a Windows 10/11 or Windows Server 2022/2019/2016 computer to an on-premises Active Directory domain. Contents: Before You Join Windows to an AD Domain Add…| Windows OS Hub
