Intro In this tutorial, we will see how using a group policy, add a registry key. With group policies, it is also possible to delete or modify the value of an existing key Depending on the hive (HKLM / HKCU), the strategy should be placed on the correct OU (Organizational unit) and the correct computer …
Presentation In this tutorial, we will see how to activate automatic session locking after a period of inactivity. This group policy increases the level of security, because many users do not lock their session when they leave their workstation. The parameters that we will configure apply to Users. Activate automatic session lock From a domain …
Presentation of the central store The central store makes it possible to share and synchronize all of the Group Policy Definition (ADMX) files on all of the domain controllers by relying on the SYSVOL folder. By default the ADMX files are in the C:\Windows\PolicyDefinitions folder which is specific to each domain controller. It is also …
Presentation This tutorial follows Exchange migration to Office 365 – minimum hybrid configuration for uninstalling (decommissioning) of Exchange in the local environment Microsoft recommends not to decommission the local Exchange, by doing this you can no longer administer with an interface mailboxes including aliases. This tutorial can also serve as a guide for uninstalling after …
Presentation of authentication policies With Windows Server 2012R2 and the new ADAC (Active Directory Administration Center) administration console, Microsoft has added authentication policies that provide an additional layer of security. In the summary of authentication policies will allow or not to allow a user logs on to a desktop or server, or vice versa control …
Presentation In this tutorial, we will see how to set up a GPO that will execute a logon script. Logon scripts are usually in batch or vbs format, it is also possible to run PowerShell scripts. The use of script in PowerShell requires to authorize the use of remote script (set-executionpolicy), it is also necessary …
In this article, I will explain how to add a domain controller to an existing domain and manage replication links. Below, an illustration of the final architecture: Throughout this tutorial, we will add the controller XXXX-AD1 to the existing domain, which already has two controllers on site A. Prerequisites for XXXX-AD1: When adding the first …
Presentation of FSMO roles In an Active Directory environment, there are 5 Flexible Single Master Operation (FSMO) roles, two roles are unique in the forest and the other three are unique in a domain. A domain controller can have none or more FSMO roles. Domain Naming Master It is unique in the forest, it is …
The Active Directory Schema console is not available natively, it is necessary to register it in order to access it. This console is to be used with great care, improper handling can put the entire Active Directory forest in error. This console gives access to the role FSMO: Schema Master. 1. Open a command prompt …
Introduction In this tutorial, we will see how to create an Active Directory environment using PowerShell, that is to say the creation of the first domain controller which includes: The Active Directory tutorial: installing and configuring a domain controller explains how to do it using the graphical interface. Prerequisites Ideally from a blank server, which …