Tag: Active Directory

3rd September 2016 · Luca Sturlese

Active Directory is awesome, but for it to be effective it needs to be maintained and loved. An important maintenance step is cleanup, which involves removing objects that are no longer in use or required. These include:

  • User Accounts
  • Computer Objects
  • Empty Groups
  • Empty Organizational Units (OU)

Recently I wrote a guest article for Adaxes to cleanup Active Directory using PowerShell. Along with all of the details and how-to I developed a complete PowerShell toolkit that cleans up your Active Directory environment for you automatically. These tools can be scheduled and can be configured to search a certain scope, exclude certain types of objects and you can also choose the type of processing you want to do when you find inactive AD objects. The options available are report, disable and\or delete.

All of the details and links to the PowerShell scripts to get you started to cleanup Active Directory are available in the article on the Adaxes blog. Clicking on the title of this post will get you there.

12th November 2015 · Luca Sturlese

Today we will be discussing a topic that I believe is very important and should be at the forefront of consideration for all medium and large IT shops. The topic I am talking about is Automating User Account Provisioning.

In this article we will be making a case for automation by highlighting the common problems IT teams face when tackling account provisioning manually. We then discuss some of the solutions that are available to IT professionals when looking at automating user account provisioning. These solutions range from the do-it-yourself style all the way through to off-the-shelf products that will take care of all of the hard work for you.

For more information, keep on reading…

Read More “Automating User Account Provisioning”

28th July 2015 · Luca Sturlese

A while back I wrote an article about all of the different Active Directory FSMO roles available, why they are important and on which Domain Controller they should be place in a Windows forest and/or Windows domain.

However, even if you have placed all FSMO roles on the correct DCs, sometimes it is necessary to move them to another server for one reason or another. This article documents how to move Active Directory FSMO roles from one Domain Controller to another.

Read More “Transferring Active Directory FSMO Roles”

19th March 2015 · Luca Sturlese

By default DHCP works via broadcasting on the local subnet and therefore is limited to being able to provide IP addresses for devices on its subnet only. In modern day networks this is a serious limitation as it would mean that for every subnet you would need a DHCP server – imagine the management overhead!

So how can we configure a DHCP server in one subnet to respond and provide IP addresses to clients in multiple other subnets? The answer is to use a DHCP Relay Agent.

The following article explains how to configure a DHCP relay agent for a Cisco SG300 Layer 3 managed switch.

Read More “Cisco SG300 – Configure DHCP Relay to allow DHCP server to support multiple subnets”

6th March 2015 · Luca Sturlese

By default, all domain-joined servers and workstations synchronise their time with the PDC Emulator Domain Controller. However how do you configure Windows Time synchronisation for the PDC Emulator and for non-domain joined machines?

This article explains how to configure Windows Time to synchronise an external time source (NTP server), whether that be internal to your network or an internet NTP server.

Read More “Synchronise Windows Time with NTP Server”

2nd December 2014 · Luca Sturlese

Every new Active Directory forest/domain requires certain FSMO roles to be available in order for it to function successfully. The good news is that these roles are automatically installed by default. Although they are installed automatically, it is still important to understand the purpose of each FSMO role and where best to place them within your environment.

The following article outlines the function of each of the Active Directory FSMO roles, their purpose and more importantly some considerations around their placement.

Read More “Active Directory FSMO Roles”

11th October 2014 · Luca Sturlese

I have decided to build a new test lab at home based on VMware architecture so that I can test and learn new technologies which I don’t always get a chance to play with at work. I have decided to go with a two physical host approach and use my existing Synology DS1813+ NAS for the storage. Because I want to simulate a physical network as much as possible, I am using a Cisco SG300-10 layer 3 switch to perform all of the management of all of the VLANs and the routing between them and my home network.

I am currently in the process of purchasing all of the hardware and building the lab. Below are all of the details of what my final test lab will look and the reasonings behind why I have made the decisions I have….

Read More “Design of my new Test Lab”