Monday, January 30, 2017

Powershell Get all groups that are managed by a user

After execution you have to enter the samaccountname and the managed groups will be shown in a grid-view. If no groups are managed by the entered user, nothing will popup.

Download Script

$acccount = Read-Host “Enter user name”
Get-ADGroup -LDAPFilter "(ManagedBy=$((Get-ADuser -Identity $acccount).distinguishedname))" | Out-GridView

Thursday, January 19, 2017

Domain Controller time is out of sync

Hardware->
Check hardware
Check VM configuration and Hypervisor settings
Check network / firewalls

Operating System->
On the affected DC run the following in cmd:
w32tm /config /syncfromflags:domhier /update
W32tm /resync /rediscover
net stop w32time && net start w32time

No change check the following regkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
AnnounceFlags must be set to 10 (Dec) or a (Hex)
If you have to set it just run again:
net stop w32time && net start w32time

At least you can try to set default settings:
net stop w32time
w32tm /unregister
w32tm /register
net start w32time