In this article, we’ll show how to enable DNS logging for all user queries on a DNS server running Windows Server, how to parse and analyze DNS logs. I faced this task when I had to decommission an old Active Directory domain controller in a branch office and I needed to understand which devices were still using the DNS server. After enabling a DNS log and analyzing it, I was able to find the devices and reconfigure them to use other DNS servers. Also, this method will help you to find hosts with suspicious activity in your Active Directory network (accessing malicious URLs, botnet hosts, etc.).
- Active DirectoryPowerShellWindows Server 2019Windows Server 2022
Install and Configure a Read-Only Domain Controller (RODC) on Windows Server 2019/2022
September 7, 2023The read-only domain controller (RODC) feature was first introduced in Windows Server 2008. The main purpose of the RODC is the secure installation of the own domain controller in remote…
Windows automatically assigns a drive letter to any connected HDD/SSD disk, USB flash drive, SD card if it recognizes the file system on its partitions. But sometimes it doesn’t work.…
- Active DirectoryAzureMicrosoft 365
IdFix: Preparing On-Prem Active Directory Sync with Azure
November 26, 2021If you are going to configure synchronization of your local (on-premises) Active Directory with Microsoft 365/Azure AD using Azure AD Connector (AADConnect), you must first check the object attributes in…
Current Windows versions collect information about the health of hard drives in your computer via SMART and may notify a user in case of any problems. Let’s see what a…
The task of searching for objects in Active Directory (users, groups, or computers) by name using some pattern, regular expression, or wildcard is not as obvious as it really seems.…
- PowerShellWindows 10Windows Server 2019
Run a Script (Program) When a Specific Program Opens/Closes in Windows
February 27, 2023In this article, we will show how to track an event of launching a certain program (process) in Windows and perform an action (run a script, command, program, send an…
In this short article, we will show you how to properly change an Active Directory domain name from test.com to resource.loc. In fact, it is not the best idea to…
- Windows 10Windows 11Windows Server 2019
Fix: Windows Won’t Boot (Start) After Installing Updates
November 8, 2021To ensure the stability and security of your Windows device, you should regularly install security updates (manually using MSU/CAB files or automatically via Windows Update). Microsoft releases new Windows updates…
- PowerShellWindows 10Windows Server 2019
Using Out-GridView to View and Select Table Data in PowerShell
March 21, 2022The Out-GridView cmdlet allows displaying data as an interactive graphical table that can be filtered or sorted based on different criteria. You can use the Out-Gridview cmdlet in scripts where…