# Get ACL Permissions for a specific OU (Get-ACL "AD:$((Get-ADOrganizationalUnit -Identity 'OU=Computers,DC=Test,DC=LOCAL').distinguishedname)").access | Select IdentityReference,AccessControlType,ActiveDirectoryRights.IsInherited #Other examples available from https://www.easy365manager.com/how-to-document-ou-delegation/ https://shellgeek.com/get-ad-ou-permissions-report/
Query Active Directory – Security Script
PowerShell script to query active directory : Identify Accounts with Password expiring is disabled Identify Accounts have not logged on for 30 or 90 days and accounts have never logged…
Office 365 Additional Security, Require MFA to Domain Join Devices in Azure Active Directory
How to enable the feature to prompt for Multi Factor Authentication when joining a device to an Azure Active Directory domain. We would also like to limit the number of…
Office 365 – Configure Users To Reset Non-Administrators Passwords
The support desk will require the function to reset users passwords in your environment. Their is a pre-configured role already available in Office 365. Follow these basic steps to assign…
Office 365 How To Configure External Collaboration Settings with Domain Restrictions
In Office 365, how do you configure external collaboration settings but restrict certain domains from collaboration. This is all configured under Azure Active Directory Admin Center. A few clicks and…
How To Register an Application in Your Office 365 Tenancy
Start in Microsoft 365 Admin Centre and browse to Azure Active Directory Browse all services and click "App Registrations" Click "New Registration" Enter application details and URL
Office 365 Password Protection – Custom Banned Passwords – Greyed Out
So you have decided to increase security by adding a banned password list but the option in Azure Active Directory admin center is greyed out. Problem is licensing. This feature…
In Office 365 Add users automatically to a group based on property
Dynamic membership rules for groups in Azure Active Directory and automatic licensing. Configured in Azure Active Directory Admin Center. Add New Group Select Dynamic User or Device Example Looks…
Task : Output A List Of Home Drive Paths Configured In Active Directory
#DSQuery dsquery user -name "*" -limit 0 | dsget user -samid -hmdir -hmdrv -profile >c:\temp\usersV2.txt #PowerShell # More flexibility # Includes the state of the computer account (Enable or…
List all users in the domain and email addresses
import-module activedirectory #List all users in the domain # Display Name and Email Address get-aduser -Filter * -SearchBase "dc=Test,dc=com" -Properties Displayname,emailaddress | select displayname ,emailaddress | Export-Csv C:\temp\users_and_email.csv