Bitlocker : store recovery password in Active Directory

Presentation In this tutorial, we will see how to store the Bitlocker recovery password in the Active Directrory. The recovery password is requested when the user forgets his pin code or when he wishes to access the hard disk on another computer when the TPM module has been used. Viewing passwords is done using the …

Read more



GPO: add a registry key

Intro In this tutorial, we will see how using a group policy, add a registry key. With group policies, it is also possible to delete or modify the value of an existing key Depending on the hive (HKLM / HKCU), the strategy should be placed on the correct OU (Organizational unit) and the correct computer …

Read more



Security: prevent local logon on Windows servers

Intro In this tutorial, we will see how to prevent local logon on Windows servers. What you should know is that by default all users are allowed to log on locally to Windows except for domain controllers. For servers in Workgroup, the problem is less posed but for servers members of a domain, all users …

Read more



Admin Center: installation in gateway mode

Intro In this tutorial, we will see how to install the Admin Center in gateway mode. As a reminder, the Admin Center is a Web interface that allows the administration of Windows servers using WinRM. From the Admin Center, it is almost possible the same as with the graphical interface: Monitor a set of servers …

Read more



GPO: Central store

Vérification via l'éditeur de l'utilisation du magasin central

Presentation of the central store The central store makes it possible to share and synchronize all of the Group Policy Definition (ADMX) files on all of the domain controllers by relying on the SYSVOL folder. By default the ADMX files are in the C:\Windows\PolicyDefinitions folder which is specific to each domain controller. It is also …

Read more



Active Directory: authentication policy

Presentation of authentication policies With Windows Server 2012R2 and the new ADAC (Active Directory Administration Center) administration console, Microsoft has added authentication policies that provide an additional layer of security. In the summary of authentication policies will allow or not to allow a user logs on to a desktop or server, or vice versa control …

Read more



Add an AD DS domain controller to an existing domain

Schéma multi AD

In this article, I will explain how to add a domain controller to an existing domain and manage replication links. Below, an illustration of the final architecture: Throughout this tutorial, we will add the controller XXXX-AD1 to the existing domain, which already has two controllers on site A. Prerequisites for XXXX-AD1: When adding the first …

Read more



GLPI link with an Active Directory

In this article, we will see how to configure GLPI with an Active Directory so that users can identify with their Windows session name and password. Configuration of the Active Directory in GLPI From the navigation menu go to Configuration 1 > Authentications 2. In the External Authentications list, click LDAP Directories 1. Click on …

Read more



Active Directory: access the Active Directory Schema console

The Active Directory Schema console is not available natively, it is necessary to register it in order to access it. This console is to be used with great care, improper handling can put the entire Active Directory forest in error. This console gives access to the role FSMO: Schema Master. 1. Open a command prompt …

Read more