MS: AD: Defining primary group membership with Powershell

NOTE: Be sure to change the Temp user/group entries in $NewGroup and $BaseOU to your required distinguished names. # The current Domain $DomainNC = ([ADSI]"LDAP://RootDSE").DefaultNamingContext # The Primary Group Token for Domain Users and Guests will always be # the same value (no matter the forest). Used as a demonstration of # how the value … Continue reading MS: AD: Defining primary group membership with Powershell

MS: AD: Adding users to local security groups using Group Policy

In this example, we will add all domain users to the local computers' Power Users group for all computers in the domain. Open the Group Policy Management Console Edit the Default Domain Policy Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Restricted Groups Right-click Restricted Groups and select Add Group... … Continue reading MS: AD: Adding users to local security groups using Group Policy

MS: AD: Powershell script to disable and delete user accounts in a specific OU

####################################################################################### ##DisabledUserCleanup.ps1 ##This script is designed to poll AD for any disabled user accounts that are over 30 days old and deletes them. ##The results are put into a file and then emailed to IT staff. ####################################################################################### #load AD module import-module activedirectory $oldDate = [DateTime]::Today.AddDays(-0) $AMSearchBase = "OU=Users,DC=domain,DC=local" $ShortRegion = "AM" $Region = "AM Region" … Continue reading MS: AD: Powershell script to disable and delete user accounts in a specific OU