Cleanup Active Directory groups with PowerShell

Taking care for local Active Directory (if it is still present) is one of the most important tasks, so you may need also cleanup disabled users from groups. Sometimes you don’t want to delete users but only removing them from AD groups is required (often for licensing issues etc.) I’ve had that case and wrote …

Azure AD Connect V1 retiring – Upgrade NOW!

In september 2021 another big announcement was published by Microsoft. Azure AD Connect Version 1x is retired and will not work anymore in August 2022. So please update your Azure AD Connect Version! On August 31 2022 all old versions of Azure AD Connect Ver. 1.x won’t work. Resulting this announcement there are some consequences. …

Active Directory bugs / vulnerability november 2021 CVE-2021-42287

I thought my holidays already started, but there is a very critical sercurity vulnerability included in Microsoft Active Directory. More precisely there are two vulnerabilities, CVE-2021-42287 and CVE-2021-42278 . Vulnerability CVE-2021-42278 contains an attack which is also known as sAMAccountName spoofing or impersonation. It is possible to rename Computer Accounts of DomainController to impersonate them. …

Windows Server DomainController find LDAP binds

Some time ago Microsoft announced the changing of default domain controller behavior for ldap and ldap signing. See LINK.This affects every supported version of Windows Server (from 2008R2 till 2019). There is another LINK ADV190023 with detailed explanation. I think there should be no discussion to change your domaincontroller to ldap signing only. But what …

Bulk change SIP address for special active directory users

Lot of customers in small and medium businesses are using CTI Software for calling and connecting their PC with telephone. In most cases the software is connected to active directory and it’s using or maybe adding the SIP attribute to “proxyaddresses” attribute. Sometimes these software copies UPN (userprincipalname), but often this is not the same …