Get-DnsServerZone | ForEach-Object { Get-DnsServerResourceRecord -ZoneName $_.ZoneName -RRType Ns | Where-Object {$_.RecordData.NameServer -like ‘DCName.fqdn.com.‘} | Remove-DnsServerResourceRecord -ZoneName $_.ZoneName -Confirm:$false } Replace the bold test with the fully qualified domain name of the name server. Don’t forget to keep the period at the end of it as well.
Recently I ran into an issue where trying to enable or disable the option ‘Cannot Change Password’ in Active Directory in my C# code. Using a Domain Administrator account the code worked perfectly fine, but when it was run under a non-administrator I would get “Constrain Violation Occurred” and the following exception "0000051B: AtrErr: […]
The following code will check if a user is a member of a specific group. This will work with a domain trust and Foreign Security Principals. See the update below! groupName = The sAMAccountName of the group you want to check the members of. SearchDomain = This is the FQDN that you will be searching […]
You can use this code to determine the DOMAIN\username from the Foreign Security Principal which is really the SID of the account. Pass the full distinguishedName of the ForeignSecurityPrincipal. static string GetUserNameOfFSP(string ForeignSecurityPrincipal) { //Returns with syntax of "DOMAIN\logonname" try { DirectoryEntry user = new DirectoryEntry("LDAP://" + ForeignSecurityPrincipal); SecurityIdentifier sid = new SecurityIdentifier((byte[])user.InvokeGet("objectSid"), 0); NTAccount […]
Authenticate a user’s credentials with this code against a domain. This also works with a domain trust. static bool AuthenticateUser(string userName, string password, string domain) { bool authentic = false; try { DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain, userName, password); object nativeObject = entry.NativeObject; authentic = true; } catch (DirectoryServicesCOMException e) { Console.Write(e.Message); } […]