How to track the source of failed logon attempts in Active Directory
KB ID 0001209 Problem If a large number of failed logon attempts occur within a certain period of time it could be an indication of a security threat, which is why it is important that organizations have a pro-active means of auditing and monitoring whenever this happens. There are a number of ways you can perform this audit, one of which is using the native tools. Here we will take you through the steps so that you know how to...
Finding Out the Last Time Domain Users have Logged in
KB ID 0000682 Problem Active directory keeps a log of the last time a domain user has authenticated to the domain (from server 2000 onwards) , the drawback with 2000 is that this value didn’t replicate so you had to query each domain controller and cobble the results together. After 2003 this value was replicated (after convergence,) to all domain controllers. Solution Update Here’s a much better way of showing who logged...
WDS Deploying Windows Part 2: Prepare Windows, and Capture to WDS
KB ID 0000737 Problem In part one we built and configured the WDS Server. Now you need to prepare the reference Windows 8 machine so that you can ‘capture’ its image. Solution Before you start, make sure that the machine you are imaging has PLENTY of room on one of its local drive(s), because it copies the image locally, before it sends it to WDS. Place Your Reference Windows 8 Machine in Audit Mode To put all the software...