Azure & Active Directory Center

ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.

Posts about:

Powershell

Weak Password and how Active Directory can help

How to Prevent Users from Using Weak Passwords

Image of Jaap Wesselius
Jaap Wesselius

Previously, MVP Nicolas Blank wrote an interesting article "Having an Identity Crisis" and it talked about all kinds of attacks on your environment. One such attack is on user email.  Users tend to choose a password that is easy for them to remember and this makes the password weak and easy to guess by others.  Even with some social engineering, user passwords are easy to retrieve, as can be seen on this YouTube clip What is your password?

Read More
Path to Success

Powershell: Validating Powershell Advanced Function Parameters Part I

Image of ENow Software
ENow Software

Powershell functions can be created as advanced functions. These functions behave very similarly to built-in Powershell cmdlets. Because I can't do without the ability to add a -Verbose or -Debug parameter to my functions now nowadays, these are the only kind of functions I build. Advanced functions, just like "dumb" functions, have parameters. The parameters are the values that are passed into the function from your script.

Read More
Path to Success

Upping your Parameter Validation Game with Dynamic Parameters Part II

Image of ENow Software
ENow Software

Now that you've got an understanding of Powershell's advanced functions and the ValidateSet() parameter validation method in the first part of this blog, “Validating Powershell Advanced Function Parameters” you can begin Part #2 of this small post series. Part 2 of this series goes deeper by demonstrating how to dynamically create your sets for ValidateSet() so they aren't hardcoded in. This is essential when dealing with values that may constantly change or even if you just want to practice writing good scripting and have no static references.

So now that I've dazzled you with the magic tab-completion of parameter attributes with ValidateSet() in my last post let's take it one step farther. In that simple instance, I only had 2 values to filter on; True and False. Simply typing them out is easy enough but what if the values you'd like to use aren't so cut and dry? Let me give you another real-world example I just finished today.

I had a need to create a function around the Set-Acl cmdlet. I needed the ability to easily change permissions on files and folders. I found a great example but I needed to set permissions on a ton of files/folders. Also, I really didn't want to have to remember the entire the 4 lines it took to get this done so I decided to create an advanced function to help me out. In my new function I just wanted to type Set-MyFileSystemAcl and add a few parameters like the username and what kind of access I'd like that username to have.

Read More
Settings Edit pop up

AD FS Claims Rules and Modern Authentication

Image of Vasil Michev MVP
Vasil Michev MVP

Modern authentication has been around for a while now, and it’s great. It brought support for the latest and greatest in authentication and authorization protocols and made new scenarios available. It gave us simple, unified experience across devices and platforms and improvements to the Alternate Login ID feature. On top of all that, it enabled proper support for two-factor authentication for all clients and put an end to the Office 2013 RTM fiasco (bye-bye rich clients, rest in peace app passwords!).

Read More
AD flowchart

Building an Exchange 2013 LAB Environment using Windows Server 2012

Image of Andy Grogan
Andy Grogan

In the previous two parts of this series I took you through building a Windows 2012 server on Hyper-V Server and then in the second part took you through the process of installing Active Directory Domain Services. 

In this part of the series I would like to take you through the process of installing and configuring Microsoft Active Directory Certificate Services on your domain controller. By then end of this article; our test lab will be one fourth complete – and looks like the following schematic:

Read More
Exchange Lab listing image

Exchange 2013 Lab Tutorial: Part 2: AD Domain Controller and Installation

Image of Andy Grogan
Andy Grogan

 

In the previous part of this series (Part 1) I took you through to the point where you now have a basic Hyper-V guest which can be used as the domain controller for your Exchange 2013 Test Lab. In this part I would like to take you through how you can install Active Directory on that guest machine.

Now it is important to note that the process of installing AD on Windows Server 2012 is very different to previous versions of Windows. In versions of Windows from 2000 through to 2008R2 it was as simple as dropping to a command line and typing “DCPROMO” – but in Windows 2012 DCPROMO has been depreciated. You can type it in – but you will be told to use the Server Manager to perform an install of Active Directory Domain Services.

You can use the Server Manager to install Active Directory (but where is the fun in that?) – so, you guessed it – you can also use PowerShell.

So for the purposes of this article in the series I decided to write an Powershell automation script for the installation of Active Directory on the domain controller in our LAB.

Read More
Sander-AD-Book-2nd edition copy

Want to learn more about Active Directory?

Active Directory Administration Cookbook, 2nd Edition

In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2022.