Get Members of Local Group

I have seen many administrators who have difficulty finding the members of a local group (i.e. Administrators) on 100 or more servers. There are many scripts, but they have their standard functionality and fixed output. When you try to modify a script as per your requirements, it becomes a big pain in the a**.

Here are some links to well-written scripts which can help you.
https://gallery.technet.microsoft.com/scriptcenter/Get-GroupMember-Get-Local-72fecf21
https://www.petri.com/use-powershell-to-find-local-groups-and-members
https://gist.github.com/jdhitsolutions/2b3f8761db581726802e
Use them at your own risk.

System Up Time Since Last Reboot

While working on some tasks, I came into a situation where I wanted to fetch the system uptime since the last reboot. With the help of PowerShell, I created a script which checks system connectivity first and then lets me know the system uptime in days and hours. So, I thought to share it with everyone.

Here is the script.

Good Steps to Secure Your Windows DNS infrastructure

I am going to discuss some common DNS attacks which I have seen so far. There could be more, and it would be great if you shared your experience in the comments, so that others would already be aware of these attacks.

Along with my own experience, I found some valuable information on the internet and combined everything here.

Disabling SMBv1 broke Network Login

As per the Microsoft recommendation, SMBv1 should be disabled on all servers of a domain. We made this change on all our servers. After some days, we found that we were not able to RDP into the servers and were not able to resolve their DNS hostnames either.

After digging into the problem, I found that the "NetLogon" Server was stopped. When I tried to run it, it gave me an error that one of its dependency services was stopped or disabled. Later I found that it was because of the "Workstation" service, which was also stopped. In the event log I found that it was not able to run because SMBv1 is disabled. Below are the screenshots which will show you what I am talking about.

Configure NTP Service in your enterprise domain

Applies to: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016

I was asked to help a client who recently created new domain controllers and removed the old ones. It included the transfer of FSMO roles too. There were a few issues which they were facing.

1. All clients were getting different time zones.
2. Event ID 50 on PDC [The time service detected a time difference of greater than…]
3. Authentication was stopped for some sites.

When I looked at the events on the PDC, I found the root cause. NTP settings were not defined properly, due to which all these issues were there. It happened because they transferred the PDC role from old DCT to new DCT. Here are the steps which I followed, and it was fixed after that.

SVCHOST.exe is utilizing 100% CPU

Sometimes we notice a sudden spike to 100% CPU utilization on a server and find "Svchost.exe" to be the culprit. But this executable doesn't give much information about what it is running or what it is using. There are a few tricks to troubleshoot the problem, but first I would like to tell you about "Svchost.exe" in brief.
"Svchost" stands for "Service Host". It is an executable for those services and applications which have only .dll files, like W32Time, Dhcp, Dnscache, EventLog, Themes, etc. This means that it is a very important executable for running these critical services.

PowerShell: Find all group policies as per the required string

Sometimes you are asked to check all group policies which have a particular setting. There could be many reasons for this, like the need to change the setting globally or to remove the setting. When you start working on it, you see thousands of group policies to check and change.

Making a change in a policy is not time-consuming, but finding all the policies on which you need to make this change is really complicated and too time-consuming.

Being a PowerShell lover, I created a script which will help you get the list of all GPOs matching the string you pass, along with each one's status, whether it is linked or not.