Archive

Archive for July, 2015

Export AD Users Password Expiration Report to CSV with PowerShell from Domain controller

July 29, 2015 2 comments

This Post describes of exporting all active directory users password expiry date in CSV format using windows PowerShell.

Step 1 : Copy below PowerShell command to a notepad and save with the name ADusersexpiryreport.ps1

Import-Module ActiveDirectory
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} `
–Properties “SamAccountName”,”mail”,”pwdLastSet”,”msDS-UserPasswordExpiryTimeComputed” |
Select-Object -Property “SamAccountName”,”mail”,@{Name=”Password Last Set”;`
Expression={[datetime]::FromFileTime($_.”pwdLastSet”)}}, @{Name=”Password Expiry Date”;`
Expression={[datetime]::FromFileTime($_.”msDS-UserPasswordExpiryTimeComputed”)}} |
Export-CSV “C:\\PasswordExpirationReport.csv” -NoTypeInformation -Encoding UTF8

Step 2 : Login to Domain controller and open windows PowerShell as an administrator.

Step 3 : Run the script and the result will be saved in ‘C’ drive

Categories: Active Directory

How to disable SMB/NETBIOS NULL Session on domain controllers

July 29, 2015 Leave a comment

Applies to : Windows 2008, windows 2008 r2 and Windows 2012/R2

By default null sessions (unauthenticated ) are enabled on windows 2000 and 2003 servers . As a result anyone can use these NULL connections to enumerate potentially sensitive information from the servers. Null session vulnerability is disabled on fresh Windows 2008 and earlier versions

This post explain the steps for disabling SMB/NETBIOS NULL Session on domain controllers using group policy.

Step 1 : Apply below group policy settings to Default Domain Controller policy object or to the GPO object that is applied to your domain controllers.

Edit GPO- Go to Computer configuration\Policies\Windows settings\Security Settings\Local Policies\SecurityOptions

Enable:
Network access: Restrict Anonymous access to Named Pipes and Shares
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and shares
Network access: Shares that can be accessed anonymously
Disable:
Network access: Let Everyone permissions apply to anonymous users
Network access: Allow anonymous SID/Name translation

Step 2 : Update the registry key values to restrict null session as below:

HKEY\SYSTEM\CurrentControlSet\Control\Lsa:
RestrictAnonymous = 1
Restrict AnonymousSAM = 1
EveryoneIncludesAnonymous = 0

Categories: Active Directory Tags:
%d bloggers like this: