Using PowerShell to Discover Who Added a Client to Your Domain
In this video, PowerShell instructor Jason Yoder shows how to use PowerShell to quickly find who added a new client to your domain.
For instructor-led PowerShell courses, see our course schedule.
Download the PowerShell script used in this video.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 | <# ╔══════════════════════════════════════════════════════════════════════════════╗ ║ ║ ║ Discovering Who Added a Client to Your Domain ║ ╟──────────────────────────────────────────────────────────────────────────────╢ ║ Interface Technical Training ║ ║ Jason A Yoder ║ ║ ║ ╚══════════════════════════════════════════════════════════════════════════════╝ #> # ms-DS-MachineAccountQuota Documentation Start-Process -FilePath "https://msdn.microsoft.com/en-us/library/ms678639(v=vs.85).aspx" # List the current value of ms-DS-MachineAccountQuota Get-ADDomain | Select-Object -ExpandProperty DistinguishedName | Get-ADObject -Properties 'ms-DS-MachineAccountQuota' | Select-Object -ExpandProperty ms-DS-MachineAccountQuota # Join a client to the domain as DWilliams (Diane Williams) # List the most recently joined client to the domain Get-ADComputer -Filter * | Select-Object -Last 1 # Check for all computer objects with an ms-DS-CreatorSid populated. Get-ADComputer -Properties ms-ds-CreatorSid -Filter {ms-ds-creatorsid -ne "$Null"} # ms-DS-CreatorSid Documentation Start-Process -FilePath "https://msdn.microsoft.com/en-us/library/ms678637(v=vs.85).aspx" # Number clients and users in this environment Get-ADComputer -Filter * | Measure-Object | Select-Object -ExpandProperty Count Get-ADUser -Filter * | Measure-Object | Select-Object -ExpandProperty Count # Assuming it takes 10 seconds to evaluate all of the records (In Days). ((10 * (Get-ADComputer -Filter * | Measure-Object | Select-Object -ExpandProperty Count)) + (10 * (Get-ADUser -Filter * | Measure-Object | Select-Object -ExpandProperty Count)))/60/60/24 # Who did this? $Clients = Get-ADComputer -Properties ms-ds-CreatorSid, WhenCreated -Filter {ms-ds-creatorsid -ne "$Null"} $Users = Get-ADUser -Filter * ForEach ($C in $Clients) { ForEach ($U in $Users) { If ($U.Sid -eq $C.'ms-ds-creatorsid') { $C | Select-Object -Property @{ Name = 'ComputerName'; Expression = {$C.Name}}, @{Name = 'WhenCreated'; Expression = {$C.WhenCreated.DateTime}}, @{Name = "UserName"; Expression = {$U.Name} } } } } # Get the ms-DS-MachineAccountQuota object from Active Directory. $Attribute = Get-ADDomain | Select-Object -ExpandProperty DistinguishedName | Get-ADObject -Properties 'ms-DS-MachineAccountQuota' # Expand the attribute. $Attribute # Replace the value of ms-DS-MachineAccountQuota from 10 to 0. Set-ADObject -Identity $Attribute.ObjectGUID -Replace @{'ms-DS-MachineAccountQuota' = 0} # Validate the change. Get-ADDomain | Select-Object -ExpandProperty DistinguishedName | Get-ADObject -Properties 'ms-DS-MachineAccountQuota' |
A Simple Introduction to Cisco CML2
Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2
Cable Testers and How to Use them in Network Environments
This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments
Government Edition – Encrypting a USB Flash Drive in Windows 10
In this video, Security Instructor Mike Danseglio demonstrates how to use BitLocker in Window 10 to secure files on a USB Flash drive that adhere to stricter data protection requirements as found inside Government entities. BitLocker 2-day instructor-led training is now available at Interface: BITLOCK: Planning and Deploying BitLocker Drive Encryption Training Video Transcription: Hi. … Continue reading Government Edition – Encrypting a USB Flash Drive in Windows 10
Write a Comment
