Archive

Posts Tagged ‘Active Directory’

The Active Directory integrated DNS zone _msdcs.domain.com was not found

November 22, 2016 Leave a comment

I did not discover this fix. I found this from TechNet forums but have since lost the link.

The fix below helped me resolve this problem.

Problem:
The Active Directory integrated DNS zone _msdcs.domain.com was not found.

Solution:

  • Create a zone called "_msdcs.domain.com"
  • Make it AD integrated
  • Allow secure only updates and Click Finish
  • Go back into the zone properties
  • Change the replication scope to "All DCs in the Forest"
  • Delete the _msdcs folder under domain.com
  • Run an ipconfig /registerdns
  • stop netlogon
  • start netlogon
  • The SRVs should populate shortly, if they already haven’t

Credit goes to users on TechNet Forums.

-Eric

Advertisements

PowerShell – Search any User on Active Directory–updated

November 21, 2016 Leave a comment

Below is an updated script that helps you find any user in AD with details like when the User object was created, modified, lockout time, bad password time, last logon etc.

$user = Read-Host "Enter the name of the user"
Get-ADUser -Filter "sAMAccountName -like ‘*$user*’" |
Get-ADObject -Properties * | fl Name,SamAccountName,UserPrincipalName,DistinguishedName,objectSID,Title,Department,telephoneNumber,` Created,Modified,lockoutTime,`
@{n=’accountExpires’;e={[DateTime]::FromFileTime($_.accountExpires)}},`
@{n=’LastLogon’;e={[DateTime]::FromFileTime($_.LastLogon)}},`
@{n=’badPasswordTime’;e={[DateTime]::FromFileTime($_.badPasswordTime)}},`
@{n=’pwdLastSet’;e={[DateTime]::FromFileTime($_.pwdLastSet)}},`
msExchWhenMailboxCreated

-Eric

PowerShell – Search any User on Active Directory

May 24, 2016 Leave a comment

Below is a small PowerShell script that allows you to search any user on Active Directory:

$user = Read-Host "Enter the name of the user"
Get-ADUser -Filter "sAMAccountName -like ‘*$user*’" |
Get-ADObject -Properties * | ft Name,SamAccountName,Title,,UserPrincipalName,Department

-Eric

PowerShell – Search and Unlock Active Directory Account

May 23, 2016 Leave a comment

Nice little one-liner to Find and Unlock Active Directory Accounts

Search-ADAccount -LockedOut | Unlock-ADAccount –Confirm

-Eric

How to clear values via PowerShell in Active Directory

March 23, 2016 Leave a comment

Command:

$user = domainuser

set-aduser $user –clear manager

This also works for multiple values, like phonenumber, address etc. just add a coma after values.

-Eric

Windows Time config for Active Directory

March 20, 2016 Leave a comment

Small list of quick windows time service commands

  • w32tm /query /peers
  • net stop w32time
  • net start w32time
  • w32tm /config /manualpeerlist:"0.uk.pool.ntp.org,0x1 1.uk.pool.ntp.org,0x1 2.uk.pool.ntp.org,0x1 time.windows.com,0x1" /syncfromflags:manual /update /reliable:yes

Here’s a full article how Windows Time Service works – Link

DNS zone _msdcs.domain.com was not found

March 17, 2016 Leave a comment

Error/Problem:

The Active Directory integrated DNS zone _msdcs.domain.com was not found.

Resolution/Fix:

  • Create a zone called "_msdcs.domain.com"
  • Make it Active Directory integrated and allow only secure updates. Click Finish.
  • Go into the zone properties,change the replication scope to "All DCs in the Forest"
  • Delete the _msdcs folder under intdom.com
  • Run an ipconfig /registerdns
  • net stop netlogon && net start netlogon

    This should populate the zone shortly

Source: Technet forums

– Eric