Healthy Replication is a must for active directory environment. SYSVOL folder in domain controllers contain policies and log on scripts. It is replicated between domain controllers to maintain up to date config (consistency). Before windows server 2008, it used FRS (File Replication Service) to replicate sysvol content among domain controllers. With Windows server 2008 FRS was deprecated and…
In AD environment, we can use password policy to define passwords security requirements. These settings are located under Computer Configuration | Policies | Windows Settings | Security Settings | Account Policies
Before Windows server 2008, only one password policy can apply to the users. But in an environment, based on user roles it may require additional protection. As an example, for sales…
In Active Directory environment users have to update their passwords when its expire. In some occasions, it is important to know when user password will expire.
For user account, the value for the next password change is saved under the attribute msDS-UserPasswordExpiryTimeComputed
We can view this value for a user account using a PowerShell command like following,
Get-ADuser R564441…
Multifactor authentication (MFA) is commonly use to protect applications, web services which is publish to internet. It helps to verify the authenticity of the authentication requests. There are many multifactor service providers. Some are cloud based and some are required on-premises installations.
Azure MFA first was introduced to use with Azure services and later developed further to…