PowerShell – Adding/Removing group members ?

https://blogs.msdn.microsoft.com/adpowershell/wp-content/themes/microsoft/js/html5.js Adding/removing members from another forest or domain to groups in Active Directory: https://blogs.msdn.microsoft.com/adpowershell/2010/01/20/addingremoving-members-from-another-forest-or-domain-to-groups-in-active-directory/ Example of powershell script: Write-Host “Loading the Quest.ActiveRoles.ADManagement powershell snap-in” if ( (Get-PSSnapin -Name Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue) -eq $null ) { Add-PsSnapin Quest.ActiveRoles.ADManagement } ## VARIABLES Write-Host “” $rootOU = “DC=mydomain,DC=local” $date = Get-Date -Format ddMMyyyy $log = “.\Update-CVS-GroupMembership-$date.txt” $startscript =Continue reading “PowerShell – Adding/Removing group members ?”

AD: How to detect and remove foreign security principals?

How to resolve Foreign security principals with Quest cmdlets for AD? Get-QADObject -ResolveForeignSecurityPrincipals -Type foreignSecurityPrincipal | select Samaccoutname,Type,DN =================================================================================== How to remove the Foreign security principals from groups: $log = New-Item -Path c:\output;txt -ItemType File -Force $group = cmd.exe /c dsquery group “ou=groups,dc=mydomain,dc=com” Foreach ($g in $group){  $members = cmd.exe /c dsget group $g -membersContinue reading “AD: How to detect and remove foreign security principals?”

PowerShell – Several methods to retrieve group membership for users and groups

Several methods to retrieve group membership for user and group: Several methods to retrieve group membership for user and group: Using Powershell: ============ Using powershell – for a user samaccountname: Import-module Activedirectory (Get-ADUser <samaccountname> -Properties MemberOf | Select-Object MemberOf).MemberOf        ; list of groups the user belongs Get-QADUser -SamAccountName <samaccountname> | % {$_.MemberOf } |Continue reading “PowerShell – Several methods to retrieve group membership for users and groups”

Kerberos Token and Max Token Size – Group membership limits

Technical reference about Kerberos: http://technet.microsoft.com/en-us/library/cc739058(WS.10).aspx White paper about Kerberos troubleshooting: http://www.microsoft.com/en-us/download/details.aspx?id=21820 Microsoft has published a tool called Tokensz: http://www.microsoft.com/download/en/details.aspx?id=1448 Microsoft has a detailed document about the token-bloat problem, Addressing Problems Due To Access Token Limitation: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=13749) To step you through remediation on this MS whitepaper, we can read: Several factors can affect the outcome ofContinue reading “Kerberos Token and Max Token Size – Group membership limits”