Category : active-directory

After adding a user to the local Administrators group… even though the user is in the local group, they still don’t have effective permissions as a desktop Administrator. They have to at least logoff/logon or reboot for the permissions to take effect. I was wondering if there’s a way to do this via command-line in ..

Read more

Hey Guys so I’m trying to gather all the disabled users in our Active Directory and trying to remove the disabled users from all their groups. Mostly for cleanup purposes. I’m a bit stuck on my script. I’m not sure what to put after Remove-ADPrincipalGroupMembership $disabled_users = Get-AdUser -SearchBase "Ou=Users, Ou=test, DC=testdomain, DC=io" -Filter "enabled ..

Read more

Suppose I have two domains with trusted relationshaip between each other. I initialize IDsObjectPicker to select users and I want to see users from both of the domains, but it shows me users only from the domain the local computer is joined to. I.e. under "Entire directory" in "Location" I see only current domain. Which ..

Read more

I have Windows Servers (2016 and 2019, may have more versions in the future) joined to a domain restricted.company.net. The domain has a one-way external trust to corp.company.net so that users in corp can login to the servers using RDP. When users login, the RDP session hangs on waiting for the user profile service for ..

Read more