AD Groups with Low Member Count

When I was a Systems Administrator, it was often tough to find time to be proactive and housekeep. However, this is a key part of the role. What I used to do is dedicate time each week to expanding my arsenal of scripts. These little beauties performed the many mundane, but necessary, Active Directory housekeeping…


Security Focus: Orphaned AdminCount -eq 1 AD Users

AdminSDHolder and AdminCount have appeared in a few recent posts. In fact, in addition to this post, I’ve got another one on this topic lined up. It’ll be the last (for now), I promise! Anyway, to business… It’s long been known that objects that have been marked as AdminCount = 1 can become orphaned.   Consider…


Security Focus: sIDHistory / sID Filtering Sanity Check – Part 1 – aka Post #100!

 100 posts! Who’d have thought it? I started out wanting to evangelise PowerShell. 100 posts later, that desire is as strong as ever! Along the way, it seems that I have helped some folks out, made others laugh, confused some, talked about PoSh chickens… and had a jolly good time of it, too! Anyway, enough…


Use PowerShell and Repadmin to Check for Updates to High Privileged Groups

To compliment their AD object auditing, one of my customers asked for a script sample to demonstrate an immediate analysis of membership updates to high privileged groups. Before I embarked upon a nice bit of scripting, I had a quick look to see if anyone had already produced something along those lines. My search quickly turned up this…


Verify Active Directory Group Naming Standards

I love the stuff customers ask me! This week one of the chaps relatively new to PowerShell wanted some code to check for deviations from the organisation's group naming standards. A simple enough task, I thought, one he could accomplish with some pointers from me. My metaphorical gauntlet was thrown…   In the meantime, I'd write a little something myself….