How to get the ‘real’ last logon time of an Active Directory user

How to get the ‘real’ last logon time of an Active Directory user

Yes, Active Directory provides details on when an active directory user last logged on. However, in a multi domain controller environment it may be tricky to get this information. If you’re on a single domain controller domain you can use Active Directory Users...
How to purge Kerberos tickets of the system account

How to purge Kerberos tickets of the system account

… or: How to update group membership information of the computer account? When updating Active Directory group membership of your users you usally ask them to logoff and logon again – or even to reboot the machine. You don’t tell them why, you just...
Ambiguous Name Resolution (ANR) for LDAP

Ambiguous Name Resolution (ANR) for LDAP

What is ANR? Ambiguous Name Resolution (ANR) is an efficient search algorithm associated with Lightweight Directory Access Protocol (LDAP) clients that allows for objects to be bound without complex search filters. ANR is useful when you are locating objects and...