Active Directory – Mohammed Wasay

Get all the domains controllers in the AD forest along with their current FSMO roles

June 11, 2021July 23, 2021

In a large enterprise an admin would need to keep track of all the domains in a AD forest, the domain names, the domain controllers (DC) , their IPs, and what FSMO roles does a DC hold. Wrote a little script to just do that…

Force synchronization for DFSR-replicated SYSVOL

April 22, 2020April 23, 2020

One of my clients had a problem with processing GPO on client computers. Different computers applied different settings from the same GPO but from different domain controllers. All tests related to replication was successful, all GPOs are applied, but replication between domain controllers was a problem, and because of that most clients had a different…

Get Inactive Users Report for the past 60 days in a multi domain environment

February 18, 2020March 4, 2020

I had a request recently to provide an inactive user report for the past 60 days. Basically, find out which accounts have not logged in for the past 60 days so action can be taken against them. The request was for a multi domain forest which queries every domain controller and gets the latest lastlogon…

Point a Window Client or Server to a particular Domain Controller

December 4, 2018November 20, 2020

When troubleshooting domain controller related issues from a client side there are many things that needs to be checked. Few items that need to checked: Review if DCs are hardcoded in the application residing on the client (if application related) Ports are opened from the client to the DC Check if the DCs in the…

Active Directory Ports required between client and domain controllers

February 20, 2018November 20, 2020

Active Directory uses several ports for communication between domain controllers and clients. These ports are required both by client computers and Domain Controllers. As an example, when a client computer tries to find a domain controller it always sends a DNS Query over Port 53 to find the name of the domain controller in the…

Guide to migrate FRS to DFSR

June 21, 2017June 11, 2021

For most users this article only applies if you have Window 2003/ 2003 R2 Domain Controller in your enviornment that you are planning to get rid off. Pretty soon I hope! 😉 SYSVOL is a folder shared by domain controller to hold its logon scripts, group policies and other items related to AD. All the…