Mohammed Wasay – Dallas based Design Technologist & Hybrid Developer

Get all the domains controllers in the AD forest along with their current FSMO roles

June 11, 2021July 23, 2021

In a large enterprise an admin would need to keep track of all the domains in a AD forest, the domain names, the domain controllers (DC) , their IPs, and what FSMO roles does a DC hold. Wrote a little script to just do that…

Force synchronization for DFSR-replicated SYSVOL

April 22, 2020April 23, 2020

One of my clients had a problem with processing GPO on client computers. Different computers applied different settings from the same GPO but from different domain controllers. All tests related to replication was successful, all GPOs are applied, but replication between domain controllers was a problem, and because of that most clients had a different…

Get Inactive Users Report for the past 60 days in a multi domain environment

February 18, 2020March 4, 2020

I had a request recently to provide an inactive user report for the past 60 days. Basically, find out which accounts have not logged in for the past 60 days so action can be taken against them. The request was for a multi domain forest which queries every domain controller and gets the latest lastlogon…

Get Primary, Secondary, Tertiary DNS values and more from Multiple Servers

February 13, 2020December 5, 2020

Came across a unique request to get primary, secondary, and tertiary DNS values for multiple computers/servers across the domain. I started writing the script and got what I wanted. Now this started off as just to query for DNS Server information, but then I thought to add other pieces to get myself a good Network…

Fix Active Directory broken security inheritance problem

August 8, 2019

Ran into a situation at a client location where in Active Directory, the security permissions applied to an OU were not getting inherited permissions on to the objects. Basically, security inheritance was broken.This causes a problem when the administrative accounts or groups needing to modify an attribute on the AD object throw errors, or are…

How to Fix: Attribute userAccountControl of DC is: 0x82020

July 2, 2019July 2, 2019

When running a DCDiag at a customer site today I had the following error occur: It is a bug when we pre-create a computer account in ADUC and then promote it as DC, the UserAccountControl is set to 532512 instead of the default 532480. You need to manually set the vaulue to 532480 in ADSIEDIT.MSC….

Get All DCs in the Entire Forest

March 6, 2019

Getting a know a new environment for a new client and I a quickly needed information about all domain controllers in the entire forest. Wrote a small little script to provide me all the information I needed:

Import-Module ActiveDirectory

function Get-AllDCsInForest{
[CmdletBinding()]
param(
    [string]$ReferenceDomain = $env:USERDOMAIN
)
 
$ForestObj = Get-ADForest -Server $ReferenceDomain
foreach($Domain in $ForestObj.Domains) {
    Get-ADDomainController -Filter * -Server $Domain | select Domain,HostName,Site, IPv4Address, OperatingSystem, OperatingSystemVersion
     
}
 
}

Get-AllDCsInForest| Export-Csv -Path C:\Scripts\AllDcs.txt -NoTypeInformation

Import-Module ActiveDirectory

function Get-AllDCsInForest{

[CmdletBinding()]

param(

[string]$ReferenceDomain = $env:USERDOMAIN

)

$ForestObj = Get-ADForest -Server $ReferenceDomain

foreach($Domain in $ForestObj.Domains) {

Get-ADDomainController -Filter * -Server $Domain | select Domain,HostName,Site, IPv4Address, OperatingSystem, OperatingSystemVersion

}

Get-AllDCsInForest| Export-Csv -Path C:\Scripts\AllDcs.txt -NoTypeInformation

Point a Window Client or Server to a particular Domain Controller

December 4, 2018November 20, 2020

When troubleshooting domain controller related issues from a client side there are many things that needs to be checked. Few items that need to checked: Review if DCs are hardcoded in the application residing on the client (if application related) Ports are opened from the client to the DC Check if the DCs in the…

Convert a Dynamic IP to Static

October 18, 2018October 18, 2018

Working on a project where on some servers the DHCP assigned addresses needs to be converted to static. Since there is always more than one…I needed to script it. Here is a quick way to do it via PowerShell.

#SwitchIPtoStatic.ps1
#Get All the adapters that are on the Server
$adapters = gwmi -cl win32_networkadapterconfiguration | ? {($_.ipaddress) -and $_.dhcpEnabled -eq 'True' }

foreach ($adapter in $adapters) {
    # Get original settings
    $ipAddress = $adapter.IPAddress
    $subnetMask = $adapter.IPSubnet
    $dnsServers = $adapter.DNSServerSearchOrder
    $defaultGateway = $adapter.DefaultIPGateway

    # Set to static and set dns and gateway:
    $adapter.EnableStatic($ipAddress,$subnetMask)
    $adapter.SetDNSServerSearchOrder($dnsServers)
    $adapter.SetGateways($defaultGateway)
}

#SwitchIPtoStatic.ps1

#Get All the adapters that are on the Server

$adapters = gwmi -cl win32_networkadapterconfiguration | ? {($_.ipaddress) -and $_.dhcpEnabled -eq 'True' }

foreach ($adapter in $adapters) {

# Get original settings

$ipAddress = $adapter.IPAddress

$subnetMask = $adapter.IPSubnet

$dnsServers = $adapter.DNSServerSearchOrder

$defaultGateway = $adapter.DefaultIPGateway

# Set to static and set dns and gateway:

$adapter.EnableStatic($ipAddress,$subnetMask)

$adapter.SetDNSServerSearchOrder($dnsServers)

$adapter.SetGateways($defaultGateway)

}

Hope this helps!

Force Replication of all Domain Controllers on all Sites

September 14, 2018

If you want to replicate all Domain Controllers, then you have to start replication on each of them separately. This may take a while. To save time there is an easier way to force replication on all Domain Controllers of all Active Directory Sites. Log on to one of your Domain Controllers. Start Windows PowerShell…