Active Directory Recycle Bin

We can enable active directory recycle bin feature on windows 2008 R2 Domain controller. We can enable this feature in either domain level or forest level. If we are going to enable this feature on forest level the forest functional level should be Windows 2008 R2.

1

Enable-ADOptionalFeature ‘Recycle Bin Feature’ –Scope ForestORConfigurationSet –Target ‘mydomain.lk’

Continue reading “Active Directory Recycle Bin”

Offline domain join

Windows 2008R2 server/computer or Windows 7 computers we can add to the domain without having any of the connectivity of the server(DNS or ActiveDirectory).

For this case we do not to raise any of the functional leval.(Forest or domain).This method is very much usefull when we are reinstalling the operating systems of the pcs on a separate location(Branch Office).Therefore we can use DJOIN.exe tool

1

Continue reading “Offline domain join”

Create bulk users from csvde.exe

This tool we can use for import and export data from the Active directory and store those data in comma separated format(CSV)

For creating csv file that easy to use excel 2010 or excel 2007

2

Figure 1.0

This is the one of the example csv file which has entered some sample data.Once we enter the data we can save this as a csv on a domain controller or additional domain controller

3

Now we can start the import user accounts using csvde.exe

4

5

6

All the user accounts are in disabled mode because we cannot give the password from the csvde

6

Answer file for new domain creation(Primary Domain Controller)

[DCInstall]
ReplicaOrNewDomain=Domain
NewDomain=Forest
NewDomainDNSName=mydomain.lk
ForestLevel=3
DomainNetbiosName=mydomain
DomainLevel=3
InstallDNS=Yes
ConfirmGc=Yes
CreateDNSDelegation=No
DatabasePath="C:\NTDS"
LogPath="C:\NTDS"
SYSVOLPath="C:\SYSVOL"
SafeModeAdminPassword=Passwordfor-dsrm
RebootOnCompletion=Yes

Restrict application using applocker in windows 7-Step by step

In a windows 7 you can restrict application/s for particular user using applocker.

 

1.Here user 1 can open windows calculator

1-user1 run cals

2.login using admin account and type gpedit.msc and press enter.

then go to the computer configuration>Windows settings>security settings>Application Control policy

Click on configure rule enforcement and select configured under executable rules>apply >ok

enforcerules

Continue reading “Restrict application using applocker in windows 7-Step by step”