Clean up orphaned Foreign Security Principals

Foreign Security Principals or FSPs have existed since Windows Server 2000. However, you could work as a system administrator for years without even noticing their presence because the mechanism behind them is almost fully transparent—almost. Contents of this article: FSPs in a nutshell Why an FSP becomes an orphan How to identify and clean up […]

Buggy WhatIf parameter…

I had recently to reset a bunch of user accounts. Before informing people about the change, and in order to test my script I used the WhatIf parameter. Unfortunately, the Set-ADAccountPassword cmdlet didn’t return anything… And after a few minutes, people started to call for help about their password… I didn’t know that this is […]

How to view/add an SPN with Powershell

No need to bother with the syntax of SetSPN anymore (despite it still works). There is now a native function built into the Get-ADComputer and Set-ADComputer cmdlets. View all SPN for a given computer Use the Get-ADComputer cmdlet and specify the ServicePrincipalNames parameter. It returns an array of values you can easily expand with the […]