How-to Guides

While troubleshooting an account lockout or investigating an attack, you need to find out when a user last changed their password. Learn how to find the last password change date.

Learn how you can get a list of AD group members in couple of clicks so you can streamline attestation of privileged groups to ensure that only authorized users have administrative rights.

Auditing of both failed and successful logon attempts is extremely important because it helps IT pros detect malicious activity before a data breach occurs. test

Learn how to read AD logs to keep track of changes to your baselines for critical systems of your infrastructure.

Learn how you can monitor AD group membership changes with native auditing capabilities in Windows Server and with Netwrix Auditor.

Improper deletion of a GPO can greatly damage the security of your environment. Monitor GPO deletions to facilitate quick recovery and reduce risk of data exposure.

Constant monitoring of recently enabled accounts enables you to determine who is trying to get unauthorized access to your systems and quickly remediate the issue.

Learn how to audit Group Policy changes with Netwrix Auditor. Monitoring Group Policy logging information helps you prevent security incidents.

Constantly reviewing which accounts were unlocked and by whom enables IT admins to spot suspicious account lockouts and respond quickly to protect systems and data.

Continuous monitoring of changes to security permissions to an OU enables IT admins to minimize the risk of unauthorized access to IT systems.

Carefully monitoring all user account deletions enables IT pros to minimize the risk of business disruption and system unavailability.

Ongoing tracking of deleted computer accounts by IT administrators is important to avoid authentication errors and lost productivity.

To prevent a data breach, it’s critical to ensure that only authorized users are added to the Domain Admins group and thereby get access to critical data.

Ongoing tracking of changes to Active Directory organizational units and groups can help you avoid system downtime, business disruption and loss of productivity.

Timely detection of password change and password reset in Active Directory enables IT pros to investigate suspicious activity and avoid data leaks and system downtime.

The ability to quickly detect a disabled user in Active Directory and identify who disabled the account enables IT Pros to investigate the root cause of suspicious activity.

To thwart attackers, IT pros must be able to continuously audit changes in the environment and quickly determine who created AD user accounts.

Detecting AD user account changes using native auditing is time-consuming. Netwrix Auditor for Active Directory monitors these changes helping you quickly detect intruders.

See how you can find account lockout source and the underlying reason using a PowerShell script or Netwrix Auditor.

Get a report about Active Directory user login history with a PowerShell script or Netwrix Auditor. Review both remote and local logons with time and system details.

Ongoing audit of each user’s last logon date in Active Directory helps IT pros detect inactive accounts that can be used as back doors by attackers.

Auditing of both failed and successful logon attempts is extremely important because it helps IT pros detect malicious activity before a data breach occurs. test

Overcome the limitation of PowerShell scripts to get AD user group membership. Create a list of groups a specific user belongs to and export it to CSV.

Checking AD group membership with command line is the way to review permissions, but not the only way. Learn different ways to get the required info.

This how-to article explains how the Active Directory Recycle Bin’s object restore works, what limitations it has, and how Netwrix can help you overcome those limitations

Learn how to find inactive users in Active Directory using PowerShell or Netwrix Auditor to simplify your AD housekeeping and reduce security risks.

Learn how to check if AD user account is disabled with PowerShell or Netwrix Auditor.

Checking AD group membership with is one method to review and refine access rights, but not the only way. Learn different ways to get the required information.

Learn how to get a comprehensive report on users’ group membership.

Enterprise growth can cause your AD group structure to get quite complex, which can lead to GPO and WSUS policy conflicts. To investigate them, you need to list all Active Directory groups that certain computer account belongs to.

While troubleshooting an account lockout or investigating an attack, you need to find out when a user last changed their password. Learn how to find the last password change date.

Learn how you can get a list of AD group members in couple of clicks so you can streamline attestation of privileged groups to ensure that only authorized users have administrative rights.

Conduct regular reviews of locked-out user accounts in your Active Directory to maintain good IT hygiene.

Discover how to get a list of expired user accounts in your Active Directory to reduce your attack surface area and maximize the security of your IT environment.

Keep track of inactive computer accounts in your Active Directory to reduce the attack surface area and strengthen the security of your IT environment.

Knowing about every disabled user account is crucial if you want to harden the security of your IT systems. Learn how to get a list of disabled users in your Active Directory and export it to a CSV file.

Struggling to get a list of AD OU members? Learn how you can produce a list of all AD users in an OU, with and without PowerShell scripting.

Learn how you can use PowerShell to list all computers in an OU

Learn how to use PowerShell’s Get-ADUser to find users with Password Never Expires

Learn how you can export a list of computers from AD into various formats, including csv and Excel.

Spot unnecessary excessive rights and prevent privilege abuse by regularly viewing Active Directory OU Permissions report.

To mitigate the risk of privilege abuse and pass audits, you need to know how to check user permissions in Active Directory and get a detailed report.

Group Policy settings export with native tools can be a real challenge. But the right software can simplify exporting of Group Policy settings into an easy-to-read report

Restore Active Directory objects to ensure system availability. Plus, quickly recover deleted AD user accounts and other objects to a previous state without any downtime.

By sending automatic notifications to users to change their passwords, IT administrators can ensure IT security and reduce helpdesk workload.

Because IT admins are often asked to export Active Directory to CSV files, having a solution that can quickly export Active Directory objects can save them time.

Exporting users from Active Directory with native tools requires time and effort. The right solution enables you to quickly export AD users to CSV

An Active Directory group membership report shows the members of a particular group. To have this data at hand in a readable format, simply export AD group members to CSV.