Posted in News

Desired State Configuration via Powershell

At TechEd North America 2013 the Powershell team have showcased a new under the covers feature with Windows 8.1 and Server 2012 R2 call Desired State Configuration via Powershell. While you may recognise this feature name as something out of that is in System Center Configuration Manager the technology is somewhat different and has no SCCM requirements. Simply put DCS…

Continue Reading...
Posted in News Security

Out Now: Security Compliance Manager v2.5 Beta

Microsoft has just released Security Compliance Manager v2.5 beta https://connect.microsoft.com/site715/program2682 along with a heap of new security baseline for you to use to compare against your environment. In case you are not familiar with SCM then it is a great product from Microsoft that consolidates all the best practice for their software with in-depth explanation for each setting. Notably this…

Continue Reading...
Posted in Tip

How to fix AD PowerShell error “Unable to find a default server with Active Directory Web Services running.”

Today I experienced Serendipity with the error “Unable to find a default server with Active Directory Web Services running.” in PowerShell with Windows 7. This message was occurring when trying to create some new OU’s using the New-ADOrganizationalUnit command. Initially I thought it was due to not having the required Active Directory Powershell commands installed but then I realised that…

Continue Reading...
Posted in Tip

Get-GPOBackup

Jeffery Hicks (PowerShell MVP) has just recently written a power shell command call Get-GPOBackup to address and issues with managing GPO backups. The GroupPolicy module from Microsoft offers a great deal of functionality from a command line. In terms of regular maintenance or administration it is pretty hard to beat, especially if you have 100s or 1000s of GPOs. When…

Continue Reading...
Posted in Video

TechNet Video: Configuring Fine-Grained Password Policies using PowerShell

Fine Grained Password Polices (FGPP) allow IT administrator to apply password and account lockout policies to different users or groups of users in you domain. The major pain about FGPP is that you cant just  use Group Policy to use them instead you have to use ADSIEDIT to make the changes… Major PITA. But lucky some of the pain about…

Continue Reading...
Posted in Best Practice Tutorials

How to delegate AD permission to Organisational Units using the PowerShell command Add-QADPermission

Recently, I have been working a lot with PowerShell to automate the creation of a full AD site OU structure (with Group Policy and all) along with all the necessary delegated permissions. One of the limitation of the out of the box AD PowerShell commands is there is no easy way (but apparently there is a really hard way) to…

Continue Reading...