Category: Active Directory

Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. Starting with Windows Server 2008, however, Active Directory became an umbrella title for a broad range of directory-based identity-related services

The Metaverse needs to be open-source and community-driven

Ulv BjørnssonLeave a comment

The metaverse is coming, and it should be open source. The metaverse is a virtual world that will include all kinds of virtual reality (VR) applications. You can think of it as the internet for VR, but with an emphasis on user-generated content that’s augmented by AI and machine learning technologies. It’s still early days, but this future has been imagined by sci-fi writers for decades—we’re finally getting close to seeing what they were talking about come to life.

The metaverse has been talked about for decades, but now it is finally happening. This is a good thing: the world is becoming increasingly decentralized and open-source, and we should embrace that shift by embracing an open-source metaverse. Open source enables greater diversity of ideas, creativity, and innovation because anyone can contribute to it. It also allows interoperability between systems while avoiding vendor lock-in (where you are stuck with whatever your service provider offers).

For example, if someone comes up with a great idea for a new virtual reality game or social network inside the metaverse then others won’t have to wait for permission from some centralized authority before being able to adopt this new technology into their own systems within the metaverse—they can just take it from them directly as long as they give credit where credit is due!

What it could look like in the future

The metaverse as we want it has a decentralized identity layer, but the challenge is that it is still too centralized in terms of the application layer. In order for VR to become truly open-source, there needs to be interoperability between different applications. The way this can be achieved is by creating an open source standard that all developers must comply to when building their applications. This will ensure that your data won’t be trapped within certain platforms.

Read More »

Powershell: Move objects from OU to target OU

Ulv BjørnssonLeave a comment

Simple way to move computers from one OU to a target OU using –LDAPFilter which allows you to modify it. Current form is objectClass meaning it’ll move anything that is designated an objectclass from OU to target OU, you can change this to be (name=PC*) with * being a wildcard moving any object starting with PC from OU to target OU.

<#
.SYNOPSIS  

Sets Moves AD object based on -LDAPFilter from OU to target OU.

.DESCRIPTION  Script will search through Active Directory OU and move all objects matching -LDAPfilter to target OU.

.PARAMETER $OU    Enter full name of OU you wish to limit search to

.NOTES  
Version:        1.0  
Author:         ulbjo  
Creation Date:  07/06/17  
Purpose/Change: Initial script development  
.EXAMPLE (name=PC*) will filter search and move only PC starting with PC* to target OU.

#>
$computerstomove = Get-ADComputer -LDAPFilter "(objectClass=*)" -SearchBase "CN=Computers,DC=Customer,DC=ulvbjornsson,DC=com"foreach ($computertomove in $computerstomove) { Move-ADObject $computertomove -TargetPath "OU=Computers,OU=Production,DC=Customer,DC=ulvbjornsson,DC=com"
}

#(name=PC*)

 

As always hit me up, I got a lot of articles in the pipeline so stay tuned.

You can find me here, or interact with me over twitter @UlvBjornsson

Allow Domain User To Update Department Field in Active Directory

Ulv BjørnssonLeave a comment

In this article we’ll go through the steps to allow a domain user that is a member of a security group, to update the Department field in Active Directory

So open up Active Directory Users and Computers and create a Security Group that we will delegate control to, for this example we have created a group called “RL_Update_AD_Users_Department_Field”

pep

Now we have to also choose the container that this group can edit Users in to for this example we have a “Users”-container in our “domain“.

RoyalTS_2017-05-08_13-58-06

This opens up the Delegation of Control Wizard. Hit Next.

2017-05-08_14-11-21

Read More »

Allow Domain User To Update Manager Field in Active Directory

Ulv BjørnssonLeave a comment

In this article we’ll go through the steps to allow a domain user that is a member of a security group, to update the manager field in Active Directory.

So open up Active Directory Users and Computers and create a Security Group that we will delegate control to, for this example we have created a group called “RL_Update_AD_Users_Manager_Field”

 

Now we have to also choose the container that this group can edit Users in to for this example we have a “Users”-container in our “domain“.

RoyalTS_2017-05-08_13-58-06.png

This opens up the Delegation of Control Wizard. Hit Next.

2017-05-08_12-30-50

Read More »

Allow Domain User To Add Computer to Domain

Ulv Bjørnsson1 Comment

In this guide we’ll go through the steps to allow a domain user, to add a computer to the domain. This can be nice in scenarios where some of the preparation for a PC is done by office staff, or if there are branch offices that need to re-join after resetting a PC and so-on.

An authenticated user, has by default the right to join up to 10 computers to the domain. After exceeding this limit the user will recieve an error message.

To get around this we can delegate the right to Create Computer Objects in Active Directory. This ensures that there is no restriction on number of computer objects that the user with this delegation right can add to the domain.

The best way of achieving this is by delegating control to a “Security Group” that we create in “Active Directory”

Delegating rights to User/Group with Active Directory Users and Computers

Read More »