Active Directory Functional Domain level check

This script will help you to check the Active Directory domain functional level. First the script asks for the domain name (fqdn). Then, the domain controllers names of this domain are queried to get the value of the AD attribute…

Get the Active Directory functional levels/FSMO roles forest wide

Description With the following script, it is possible in the same array to get useful Active Directory informations such as: domain names (DNS fqdn) domain functional level forest functional level fsmo roles The powershell cmdlets used for this script are…

List duplicated valid certificates on a MS PKI version 3

Description One more version of the script provided some weeks ago. This is a minor update but it can be helpful. In that version, the duplicated valid certificates are listed and two options are shown : keep or revoke. It…

List duplicated valid certificates on a MS PKI version 2

Description I have written another version of the script provided some weeks ago. This new version is looking for duplicated valid certificates based on both CommonName and Certificate template. The first version checked only the CommonName. All of this cmdlets…

Microsoft PKI: revoke expired certificates

Microsoft PKI: revoke expired certificates Description I have written the script below to cleanup the CA database by revoking the expired certificates. First, the script performs three checks and then revoke the expired certificates: a valid certificate for the same…

Manage reverse DNS zones with Powershell

Manage reverse DNS zones with Powershell The script is a complete tool that will perform the following tasks: list the A records in the domain name defined in the variable $dnsDomainName for each record, check if the reverse zone exist.…

Password never expires status

Description With this little script, you will have a status on the user account “Password never expires” flag. This check is done on a specific OU. You can adapt the script to run it on a domain-wide. The principe of…

Owncloud Passwords application migration to Passman

If you used the application Passwords for Owncloud to store your credentials, you have seen recently this app does not exist anymore. The application has been removed from Github and it is hard to find the documentation. This is why…

List duplicated valid certificates on a MS PKI

List duplicated valid certificates on a MS PKI The following script will give you the possibility to list the valid certificates on your Active Directory PKI that are duplicated. By “duplicated”, I mean at least two valid certificates for the…

Request and remove a certificate using Active Directory templates

You can request from Powershell a certificate from your Active Directory PKI. In that case you will use the cmdlet Get-Certificate. If you already know the template you want to use (for example Enhanced Web Server), you can use this…