server – Mohammed Wasay

Get all the domains controllers in the AD forest along with their current FSMO roles

June 11, 2021July 23, 2021

In a large enterprise an admin would need to keep track of all the domains in a AD forest, the domain names, the domain controllers (DC) , their IPs, and what FSMO roles does a DC hold. Wrote a little script to just do that…

Fix Active Directory broken security inheritance problem

August 8, 2019

Ran into a situation at a client location where in Active Directory, the security permissions applied to an OU were not getting inherited permissions on to the objects. Basically, security inheritance was broken.This causes a problem when the administrative accounts or groups needing to modify an attribute on the AD object throw errors, or are…

Get All DCs in the Entire Forest

March 6, 2019

Getting a know a new environment for a new client and I a quickly needed information about all domain controllers in the entire forest. Wrote a small little script to provide me all the information I needed:

Import-Module ActiveDirectory

function Get-AllDCsInForest{
[CmdletBinding()]
param(
    [string]$ReferenceDomain = $env:USERDOMAIN
)
 
$ForestObj = Get-ADForest -Server $ReferenceDomain
foreach($Domain in $ForestObj.Domains) {
    Get-ADDomainController -Filter * -Server $Domain | select Domain,HostName,Site, IPv4Address, OperatingSystem, OperatingSystemVersion
     
}
 
}

Get-AllDCsInForest| Export-Csv -Path C:\Scripts\AllDcs.txt -NoTypeInformation

Import-Module ActiveDirectory

function Get-AllDCsInForest{

[CmdletBinding()]

param(

[string]$ReferenceDomain = $env:USERDOMAIN

)

$ForestObj = Get-ADForest -Server $ReferenceDomain

foreach($Domain in $ForestObj.Domains) {

Get-ADDomainController -Filter * -Server $Domain | select Domain,HostName,Site, IPv4Address, OperatingSystem, OperatingSystemVersion

}

Get-AllDCsInForest| Export-Csv -Path C:\Scripts\AllDcs.txt -NoTypeInformation

Convert a Dynamic IP to Static

October 18, 2018October 18, 2018

Working on a project where on some servers the DHCP assigned addresses needs to be converted to static. Since there is always more than one…I needed to script it. Here is a quick way to do it via PowerShell.

#SwitchIPtoStatic.ps1
#Get All the adapters that are on the Server
$adapters = gwmi -cl win32_networkadapterconfiguration | ? {($_.ipaddress) -and $_.dhcpEnabled -eq 'True' }

foreach ($adapter in $adapters) {
    # Get original settings
    $ipAddress = $adapter.IPAddress
    $subnetMask = $adapter.IPSubnet
    $dnsServers = $adapter.DNSServerSearchOrder
    $defaultGateway = $adapter.DefaultIPGateway

    # Set to static and set dns and gateway:
    $adapter.EnableStatic($ipAddress,$subnetMask)
    $adapter.SetDNSServerSearchOrder($dnsServers)
    $adapter.SetGateways($defaultGateway)
}

#SwitchIPtoStatic.ps1

#Get All the adapters that are on the Server

$adapters = gwmi -cl win32_networkadapterconfiguration | ? {($_.ipaddress) -and $_.dhcpEnabled -eq 'True' }

foreach ($adapter in $adapters) {

# Get original settings

$ipAddress = $adapter.IPAddress

$subnetMask = $adapter.IPSubnet

$dnsServers = $adapter.DNSServerSearchOrder

$defaultGateway = $adapter.DefaultIPGateway

# Set to static and set dns and gateway:

$adapter.EnableStatic($ipAddress,$subnetMask)

$adapter.SetDNSServerSearchOrder($dnsServers)

$adapter.SetGateways($defaultGateway)

}

Hope this helps!

Force Replication of all Domain Controllers on all Sites

September 14, 2018

If you want to replicate all Domain Controllers, then you have to start replication on each of them separately. This may take a while. To save time there is an easier way to force replication on all Domain Controllers of all Active Directory Sites. Log on to one of your Domain Controllers. Start Windows PowerShell…

All of Windows Cipher Suites

May 15, 2018

Working on a security project and I needed a reference guide as to what cipher suites are supported on what OS. So I have documented a list of the default cipher suites and their preferred order for every Windows Server version. These were gathered from fully patched operating systems.

ConfigMgr 2012 R2 – WSUS sync fails with HTTP 503 errors

March 19, 2018March 19, 2018

Ran into this issue with ConfigMgr 2012 R2 where it was unable to synchronize Software Update Point with the WSUS server. A review of the component status messages for the SMS_WSUS_SYNC_MANAGER component on the primary site server reveals errors related to WSUS synchronization which are similar to the following: Got the following error when trying…

Guide to migrate FRS to DFSR

June 21, 2017June 11, 2021

For most users this article only applies if you have Window 2003/ 2003 R2 Domain Controller in your enviornment that you are planning to get rid off. Pretty soon I hope! 😉 SYSVOL is a folder shared by domain controller to hold its logon scripts, group policies and other items related to AD. All the…

Connecting to a remote domain controller using PowerShell

April 25, 2017April 15, 2020

Covering one of the basic day to day task if you are a Windows Administrator; connecting to the domain controller. Â I try to minimize logging onto servers as much as possible. Â Your thought should be around connecting to the server remotely and doing the work as needed instead of natively logging on to it. I…

Reset Windows Server 2012 R2 RDS 120 Day Grace Period

April 12, 2017

The RD Licensing grace period has expired and the service has not registered with a license server with installed licenses. A RD Licensing server is required for continuous operation. A Remote Desktop Session Host server can operate without a license server for 120 days after initial start up. The official solution is to Activate the…