Reading the fine print on the Protected Users Group

Hi all – This is Jerry Devore back again with a quick post on the “Protected Users” group.  As a PFE, I work with several enterprise customers who have a global presence, and have become very focused on protecting highly privileged accounts.  The major concern that’s at the top of their list is “How do… Read more

Secure Administrative Workstations

Hi All. This Jerry Devore a Midwest PFE back after a long hiatus from blogging. If you thumb through the owner’s manual of your car you will find a maintenance schedule section.  There you can see how often the manufacture suggests you should change your engine oil, flush your radiator fluid and replace various filters. … Read more

Active Directory Password Policies – when does a password policy change affect a user?

I’m back! Dougga here again with yet ANOTHER password policy post. You would think I was done with this topic – hopefully the last on this topic for a while. MarkMoro, you may know from this blogasphere, conveyed a question to me from one of our readers that is related to password policy application and… Read more

Fine Grain Password Policy for Active Directory 2008 Domain Does not Apply

Hi, Dougga here again and I just can’t leave password policies alone. So, are you ready for another password policy issue? I saw the hand up in the back, so let’s give it a shot. Previously, I had a post on Fun and Games with Active Directory Password Policies. I would like to call this… Read more

Too Many Admins in Your Domain: Expose the Problem(s) and Find a Solution. (Don’t forget PowerShell)

In my role as a transactional PFE, I have the privilege of visiting 40-50 customers per year. Often I’m called in to perform an Assessment of the Active Directory Infrastructure. Without a doubt, one of the biggest challenges most customers face is managing the membership of the privileged groups in their domain. The challenge manifests… Read more