Renew Active Directory User Password Without Knowing It

Renew Active Directory User Password Without Knowing It

Hello,

Today we’ll how you can renew an Active Directory user password, without knowing it. It can be very convenient when you have a service account with a password expiration but don’t want to change it for whatever reason. It can also save the day when you have one of your VIP user that is in a kind of emergency and need his mailbox access but you can’t change the password be cause he doesn’t have a secure AD access. You can have plenty of reasons to perform that kind of action. Continue reading

Invoke Active Directory SDProp Powershell

Invoke Active Directory SDProp Powershell

Hello,

Active Directory uses an internal process named SDProp for “Security Descriptor Propagation” to apply different ACLs on high privileges users or groups. The process copy the ACL from the AdminSDHolder to protect those users and groups. You can read a lot more information on a previous article of mine. Continue reading

Check Global Address List Compliance PowerShell

Check Global Address List Compliance PowerShell

Hello,

When migrating to Office 365 from various exotic messaging system, you usually hit the fact that Active Directory isn’t a reflect of the situation. Especially when you’re looking at the attributes that are used for building the global address list for Exchange Online and Skype Online. Continue reading

Change Active Directory Copy Behavior

Change Active Directory Copy Behavior

Hello,

Just like the tombstone behavior, the copy behavior can be altered to fir your needs. This is the same concept as before, you just need to change the SearchFlags attribute in your schema. In fact, you can alter a lot of basic functionality of Active Directory this way. Continue reading