The goal is to use PowerShell to create a GPO and a WMI filter for the PDC. The PDC is the authoritative time source in a Domain and it’s vital that only the PDC syncs with the upstream time source. Every other domain controller should, in turn, sync from the PDC, maintaining a proper hierarchy and preventing clock chaos

Zero Trust - This blog will provide an in-depth explanation of the AD delegation model that has been delivered by PowerShell for a Zero Trust Network

In this post, we'll delve into the automated deployment of a Domain using PowerShell in tandem with a JSON configuration file.

Welcome back to the continuation of our series on deploying Domain Controllers using PowerShell and JSON. If you've been following along with Part 1, you should now have a newly configured Domain Controller with a delegated Organizational Unit (OU) structure in place.

This post walks through how to use PowerShell to set up targeted delegation for DNS, creating the right AD groups with clear scopes and following Microsoft’s recommended naming conventions.

How to Delegate Active Directory OU's with PowerShell Today is a quick explanation regarding OU delegation using PowerShell with usable examples and how-to located the GUID that identifies the object type being delegated.

Tried merging GPOs with PowerShell? It’s not as straightforward as it sounds, PowerShell is really just providing logic around LGPO.exe. Still, the method below does the job of merging disparate GPOs for domain deployment.

If you’ve ever tried managing Group Policies with PowerShell, you’ll know Microsoft’s support is… less than ideal (read: nonexistent). Sure, there are paid third-party tools to fill the gap, but you can also just follow this article and get it done for free.

Ever wondered what all those Windows Guids translated to in User Rights Assigments? Follow the link and run the script with Admin...

Prevent lateral movement of hackers around the domain searching for escalation points to elevate to Domain Admins. Preventing escalation via cached or actively logged on privileged accounts can be accomplished with segregated tiers between Workstations, Servers and Domain Controllers.