Great article “Best Practice: Group Policy for WSUS” by Alan Burchill. Also see his two part AD/Group Policy series: Best Practice: Active Directory Structure Guidelines – Part 1 Best Practice: Group Policy Design Guidelines – Part 2
Blog Archives
LastLogonTimeStamp
The one post of mine that has garnered the most hits had to do with LastLogonTimeStamp. A post from Ask the Directory Services Team entitled “The LastLogonTimeStamp Attribute” – “What it was designed for and how it works” provides a…
Links for November 11, 2008
Veterans Day is the day set aside to thank and honor ALL those who served honorably in the military – in wartime or peacetime. In fact, Veterans Day is largely intended to thank LIVING veterans for their service, to acknowledge…
Links for October 29, 2008
Account auditing for group membership changes Six minute video by Dana Epps will show you how to quickly configure account auditing using the domain security policy and then use free Microsoft tools like EventCombMT to quickly query across all your…
Posted in Active Directory, Altiris, Auditing, Blog, Information Security, IT Security, logging, logs, Microsoft, Security, Symantec, syslog, Technology, Windows
Domain User Logon and Logoff Events
I had the need a few weeks ago to determine the logon and logoff times of users of our system. Fortunately we have the Windows server event logs captured. They are sent to a syslog server using NTsyslog and we created a basic…
Posted in Active Directory, Information Security, IT Security, Log Management, logging, Microsoft, Security, syslog, Windows
Windows Encrypted File System (EFS)
Two recent editions of TechNet Magazine included excellent articles on Deploying EFS. Part 1 is here and Part 2 is here. I recently came across the article Prevent data theft with Windows Vista’s Encrypted File System (EFS) and BitLocker which…
UserAccountControl Flags
Many of the scripts I use to produce reports on active directory accounts utilize the UserAccountControl flag. Microsoft KB article 305144 documents how to use the UserAccountControl flags to manipulate user account propertiess to manipulate user account properties. You can…
JOEWARE
My research that lead me to the lastLogonTimestamp attribute also lead me to http://www.joeware.net/win/free/all.htm and the OldCmp utility. There are a number of potentially useful utilities but I’ve just used OldCmp (http://www.joeware.net/win/free/tools/oldcmp.htm). Using the utility I found a number of…
Posted in Active Directory, Blog, IT Management, LDAP, Microsoft, Security, Software, Technology, Windows
lastLogonTimestamp
While doing some research on determining the last time a user logged in to a domain, I came across the lastLogonTimestamp attribute: Prior to Windows Server 2003, determining the last time a user logged on to the domain was somewhat…
Active Directory LDAP Searches
I have had occasion recently to run scripts to query Microsoft Server 2003 Active Directory to determine which accounts have “password never expires”, “user can’t change password”, and the like. I dabble in scripting off and on and tend to…
- What To Ask Candidates In Job Interviews (Without Being Insulting And Wasting Your Time)
- Best Practice: Group Policy for WSUS
- My Thoughts on IBM Connect 2013
- A Compilation of Links to IBM Connect 2013 Information and Resources
- Only 10% of Email Legitimate
- Harmon.ie Mobile
- Coping with Email Overload
- Sametime Meetings for iPad
- Reflections on My First Lotusphere
- My Lotusphere Agenda
Steve Mullen's Old Blog 