System Error Codes (Windows) Feb. 22, 2017, 4:06 p.m.

The System Error Codes are very broad.

Active Directory Delegation via PowerShell – May I see your ID(entity)? Feb. 22, 2017, 2:42 p.m.

The pseudo code for doing this is pretty simple:

1. Get the current DACL on the object we desire to set permissions on.
2. Append the existing DACL with a new ActiveDirectoryAccessRule.
3. Re-apply the DACL.

Active Directory's Object Specific ACEs and PowerShell Feb. 22, 2017, 2:38 p.m.

Active Directory ACE (access control entries) are different from your regular ACEs (for example, NTFS), because they can be used to grant permissions only on specific types of objects, and to propagate only to specific types of child objects. My question is - how do I replicate this in PowerShell?

Who can add workstation to the domain Feb. 22, 2017, 2:32 p.m.

1) If you have delegated rights on the OU, you can join unlimited computers to the domain. Regardless of what is in the DDC policy. 2) If you do not have delegated rights on the OU, but are listed within the DDC policy, then you can add machines up to the limit of the “ms-DS-MachineAccountQuota” attribute.

Dump a list of all schemaIDGUIDs with PowerShell Feb. 22, 2017, 2:26 p.m.

There are well known methods for setting Access Control Entries (ACEs) on Active Directory objects using Powershell, which rely on you knowing the schemaIDGUID of the schema object classes you are working with (e.g. User, Computer, Group). Unless you know your way around AD it’s not always immediately obvious where to find the schemaIDGUIDs that you need. To help you with this, I’ve thrown together a couple of PowerShell snippets.

Add Object Specific ACEs using Active Directory Powershell Feb. 22, 2017, 2:24 p.m.

In the example below, we are going to create two object specific ACEs with one granting the group “myGroup” the extended right “Reset Password” for all users and the other giving it permission to delete computer objects, all under the organizationUnit “myOU”.

Create new bulk AD delegations with Powershell Feb. 22, 2017, 2:22 p.m.

Here’s a Powershell script I wrote to delegate permissions to a service account to manage user objects within a number of OUs.  The script takes as input a file containing the distinguished names (DNs) of the OUs.  The approach should be reasonably obvious from the comments in the script.  The only complexity comes from having to get the correct System.DirectoryServices syntax for the Access Control Entries (ACEs).

How to configure a firewall for domains and trusts Feb. 15, 2017, 12:08 p.m.

To establish a domain trust or a security channel across a firewall, the following ports must be opened. Be aware that there may be hosts functioning with both client and server roles on both sides of the firewall. Therefore, ports rules may have to be mirrored.

The LastLogonTimeStamp Attribute – What it was designed for and how it works Jan. 18, 2017, 9:44 a.m.

It is important to note that the intended purpose of the lastLogontimeStamp attribute to help identify inactive computer and user accounts. The lastLogon attribute is not designed to provide real time logon information. With default settings in place the lastLogontimeStamp will be 9-14 days behind the current date.

How to Recover from an Active Directory Failure Jan. 13, 2017, 10:49 a.m.

In this article we will look at the different options and approaches available to recover a DC that has a database corruption. In addition, this article outlines, symptoms, causes, and solutions for this scenario.

Cloudcraft – Draw AWS diagrams Jan. 12, 2017, 10:34 a.m.

Design a professional architecture diagram in minutes with the Cloudcraft visual designer, optimized for AWS with smart components

HomeKit Type UUIDs Dec. 30, 2016, 11:10 a.m.

UUID list for HomeKit TransportCategoryTypes, ServiceTypes and CharacteristicsTypes.

Kerberos Explained Dec. 26, 2016, 10 a.m.

The process of authenticating the identity of users during log-in is the first step in gaining system access. For local machines that aren't actively participating in a domain, Windows NT LAN Manager protocol is still utilized to verify a user's name and password before granting system access. However, in domain environments, Microsoft has coupled Active Directory closely with Kerberos. Once access is granted, tickets that permit specific access to other system resources within the domain are exchanged.

AWS Quick Starts Dec. 20, 2016, 4:59 p.m.

The Quick Starts on this page were built by AWS solutions architects based on AWS best practices for security and high availability. These reference deployments implement key technologies automatically on the AWS Cloud, often with a single click and in less than an hour. You can build your test or production environment in a few simple steps, and start using it immediately.

Yoctopuce, USB sensors and actuators Dec. 13, 2016, 11:28 a.m.

Yoctopuce designs, manufactures and sells USB devices to let your computer sit in the real world, not in the cloud. Our USB modules are tiny, easy to install and easy to drive programmatically.

Tapiriik Dec. 12, 2016, 11:13 p.m.

Tapiriik synchronises your fitness activities (including heart rate, cadence, power, and temperature data) between Garmin Connect, Runkeeper, Strava, TrainingPeaks, SportTracks.mobi, Endomondo, RideWithGPS, TrainerRoad, Motivato, Velo Hero, Epson RUNSENSE, Dropbox, and Smashrun

Microsoft Virtual Academy Dec. 11, 2016, 10:44 p.m.

Microsoft Virtual Academy provides free online training by world-class experts for Developers, IT Professionals and Data Scientists.

Custom Made Roman Blinds Dec. 11, 2016, 10:42 p.m.

Easy Blinds make made to measure custom blinds for your windows. We ship throughout New Zealand from our Auckland based premises.

BookStack Dec. 11, 2016, 10:40 p.m.

BookStack is a simple, self-hosted, easy-to-use platform for organising and storing information.

iTextEditors Dec. 7, 2016, 11:01 a.m.

This is a feature comparison of iPhone and iPad text/code editors. The information was compiled by the web community on an open Google spreadsheet.