Export AD users to CSV using the three-cmdlet pipeline (Get-ADUser, Select-Object, Export-Csv). Covers scope selection (-Filter, -SearchBase, -SearchScope), the computed-property pattern for columns like Manager-DN-to-name and clean OU paths, a reusable function with parameters, and common variations (disabled accounts, stale logons, group membership exports).
Drive Windows Update from a single PowerShell window using the PSWindowsUpdate module. Covers installing the module from the PowerShell Gallery, querying and installing updates on local and remote machines, looping over a hard-coded computer list, and patching every member of an Active Directory OU dynamically with Get-ADComputer -SearchBase.
Get-ADInfo.ps1 is a single PowerShell script that prints ten Active Directory facts in one output: computer/workstation/server/user/group counts, forest and domain functional levels, schema version translated to a Windows Server release name, and all five FSMO role owners. The right script to run before a migration, an audit, or a tier-zero handover.
Bulk-create AD users from a CSV in seconds instead of clicking the ADUC wizard for hours. Covers designing the CSV template, generating strong passwords, finding the target OU's distinguishedName, importing the file with Import-Csv, and the Add-NewUsers.ps1 script that splats parameters into New-ADUser with a duplicate check and try/catch error handling.
Audit and harden Active Directory against breached passwords using Lithnet Password Protection and the Have I Been Pwned compromised hash list. Covers installing Lithnet PP on a Domain Controller, syncing the HIBP store, running the Audit-Passwords.ps1 script to find pwned accounts, and configuring the GPO that rejects new pwned passwords on every set/change.
Three reliable ways to check FSMO role holders in Active Directory: the netdom query FSMO command, the Get-ADForest/Get-ADDomain PowerShell cmdlets (and the Get-ADInfo.ps1 script), and the GUI walkthrough across Active Directory Schema, Active Directory Domains and Trusts, and Active Directory Users and Computers.
Step-by-step guide to enabling the Active Directory Recycle Bin forest-wide using Active Directory Administrative Center. Covers prerequisites, the irreversible nature of the change, GUI and PowerShell verification, restoring deleted objects with Restore-ADObject, and follow-up hardening like Protect from accidental deletion.
Step-by-step guide to installing the Active Directory Domain Services (AD DS) role on Windows Server and promoting the machine to the first Domain Controller in a new forest. Covers the Add Roles and Features wizard, the Configuration Wizard, DSRM password, DNS delegation warning, paths, the auto-generated PowerShell script, and post-promotion verification.
Learn how to implement DHCP high availability on Windows Server using DHCP failover. This guide covers Load Balance and Hot Standby failover modes, preparing and authorizing the secondary DHCP server, running the Configure Failover Wizard to set relationship name, MCLT, mode, and shared secret, verifying scope synchronization on the secondary server, testing failover behavior, managing Replicate Scope and Replicate Relationship operations, and configuring firewall rules for TCP port 647.
Learn how to implement and configure the DHCP Server role on Windows Server. This step-by-step guide covers installing the DHCP role, setting a static IP address, completing the Post-Installation Configuration Wizard, authorizing the server in Active Directory (including DHCP Administrators and DHCP Users security groups), verifying authorization with green arrows, and creating a scope to begin issuing IP addresses.
Learn how to implement and manage IPAM (IP Address Management) on Windows Server. This step-by-step guide covers installing the IPAM feature, provisioning with Group Policy-based provisioning, configuring server discovery, setting servers to Managed status, applying IPAM GPOs with Invoke-IpamGpoProvisioning, retrieving data, and using the IP address space, DHCP scope, and DNS zone management capabilities.
Learn how to configure DNS forwarding in Windows Server DNS Manager. This step-by-step guide covers regular forwarding (offloading all external queries to public DNS servers like 8.8.8.8) and conditional forwarding (routing domain-specific queries to designated DNS servers), including the DNS resolution order and Active Directory replication for conditional forwarders.
