Domain Controller - J House Consulting - DevOps, Microsoft, Citrix & Desktop Virtualisation (VDI) Specialist

Script to Find Missing Subnets in Active Directory

January 23, 2014January 21, 2014 by Jeremy Saunders

This PowerShell script will collect all Netlogon.log files from the Domain Controllers, export the last x lines and combine it into one file of unique IP Addresses in CSV format. This easily and simply allows you to then identify any missing subnets that need to be added and associated to an Active Directory Site.

Yes, there are a couple of good examples of this type of script already available on the Internet. The trouble with them is that they would not produce reliable results, especially across environments where Domain Controllers were not all at the same Windows Server versions. Not a great practice, but it does happen in the larger environments where migrations are completed in phases. I’ve previously blogged about the change to the fields in the Netlogon.log file. I also found that other scripts were quite inefficient when reading and collecting the Netlogon.log files over WAN connections. The Report the AD Missing Subnets from the NETLOGON.log script by Francois-Xavier CAT was the best available. So I used it as a base to help derive the results I was after.

Script to Create Group Policy Objects and WMI Filters to Manage the Time Server Hierarchy

February 22, 2017January 10, 2014 by Jeremy Saunders

This PowerShell script will create the Time Server GPOs and WMI Filters for the Domain Controllers to ensure your time server hierarchy remains correct for transfer and seizure of the PDC emulator FSMO role holder.

However, before I talk about the script it’s important to provide some background information on the required settings for the Windows Time Service (W32Time), as many tend to get it wrong.

The three (3) important settings are:

NTPServer
Type
AnnounceFlags
Read more

NetApp Filers and vFilers generating Netlogon Event ID 5722 errors on Windows 2008 R2 Domain Controllers

August 8, 2012August 7, 2012 by Jeremy Saunders

I have a customer where the NetApp Filers and vFilers are generating Netlogon Event ID 5722 in the System event log on the Windows 2008 R2 Domain Controllers.

Example:

Log Name: System
Source: NETLOGON
Date: 18/07/2012 11:32:22 AM
Event ID: 5722
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: dc1.mydomain.com
Description:
The session setup from the computer vfiler1 failed to authenticate. The name(s) of the account(s) referenced in the security database is vfiler1$. The following error occurred:
The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.