How to find extended rights that apply to a schema class object

Recently, I came across this question (how to find extended rights that apply to a schema class) in our internal mailing lists. Extended rights are special permissions that denote a special task or function. These rights apply to one or more object classes and can be found stamped in the security descriptor of an object….


Active Directory Management Gateway Service released to web – manage YOUR Windows 2003/2008 DCs USING AD POWERSHELL !

RTW version of Active Directory Management Gateway Service (ADMGS), an Active Directory Web Services (ADWS overview here) out of band release for down level servers is now available to download from Microsoft Download Center Page. ADMGS is a down level release of in-box version of Windows Server 2008 R2  ADWS and provides the same functionality….


Token Bloat Troubleshooting by Analyzing Group Nesting in AD

This tool started when I was finding ways to analyze the complexity of group memberships in AD. Other than the usual average/median/min/max of number of members, number of memberships etc, I was also interested in finding out the maximum nesting levels of groups and the recursive group membership count. For e.g. in the diagram below,…