Setting up Time Sync when all domain controllers are virtual machines?

We have 2 existing server 2008 domain controllers on 2008 Hyper-V.  We plan to set up a third domain controller in a new AD site at a remote site that will be Server 2012 R2 on 2012R2 Hyper-V.
PDC role DC is on one of the DCs in the original site.
How should time syncing be set?
From what I've read, all Hyper-V time synchronization between the virtual domain controllers and their Hyper-V host should be disabled.
So, do we set up the PDC virtual machine to sync to an external site source and then expect the other 3 domain controllers to automatically sync with the time of the PDC?
What happens with this process during a PDC reboot or if that PDC role domain controller becomes unavailable for any other reason? Does one of the other DCs then take over the role of domain time source even though they don't have access to the external time source?
Should we also turn off Hyper-V time syncing for every Hyper-V guest that is a member of our domain (since they should also be getting their time from a domain controller) or only turn off the Hyper-V time sync for the domain controllers alone?

We have 2 existing server 2008 domain controllers on 2008 Hyper-V.  We plan to set up a third domain controller in a new AD site at a remote site that will be Server 2012 R2 on 2012R2 Hyper-V.
PDC role DC is on one of the DCs in the original site.
How should time syncing be set?
Simply make sure that time sync is disabled on your Hyper-V VM. For time configuration in AD domain, I have documented that here: http://social.technet.microsoft.com/wiki/contents/articles/18573.time-synchronization-in-active-directory-forests.aspx
From what I've read, all Hyper-V time synchronization between the virtual domain controllers and their Hyper-V host should be disabled.
So, do we set up the PDC virtual machine to sync to an external site source and then expect the other 3 domain controllers to automatically sync with the time of the PDC?
They don't take over the role of PDC. The downtime of your PDC should not take a long time. That is why it is important to regularly monitor the health status of your DCs using SCOM or third party tools. The one I usually recommend is Lepide Auditor - Active Directory: http://www.lepide.com/lepideauditor/active-directory.html. The solution also allows you to track changes in your AD domain.
Should we also turn off Hyper-V time syncing for every Hyper-V guest that is a member of our domain
(since they should also be getting their time from a domain controller) or only turn off the Hyper-V time sync for the domain controllers alone?
I would recommend turning off the Hyper-V time sync on all your Hyper-V VMs that are domain-joined.
This posting is provided AS IS with no warranties or guarantees, and confers no rights.
Ahmed MALEK
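
How the settings discussed in this thread could be applied, as an added example that is not part of the original posts. The NTP peer names and the VM name `DC03` are placeholders, and `Set-DcTimeSource` and `Disable-GuestTimeSync` are hypothetical helper names.

```powershell
# Added example, not code from the thread. Assumed placeholders: the NTP peer
# names and the VM name 'DC03'. Run from an elevated PowerShell session.

function Set-DcTimeSource {
    # Run on every domain controller. The PDC emulator is pointed at the
    # external peers; every other DC follows the domain hierarchy.
    param([string[]]$NtpPeers = @('0.pool.ntp.org', '1.pool.ntp.org'))

    $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $pdc    = $domain.PdcRoleOwner.Name            # FQDN of the PDC role holder
    $isPdc  = $pdc.Split('.')[0] -eq $env:COMPUTERNAME

    if ($isPdc) {
        # ",0x8" asks w32time to query each peer in client mode
        $peerList = ($NtpPeers | ForEach-Object { "$_,0x8" }) -join ' '
        w32tm /config "/manualpeerlist:$peerList" /syncfromflags:manual /reliable:yes /update | Out-Null
    } else {
        w32tm /config /syncfromflags:domhier /reliable:no /update | Out-Null
    }
    if ($LASTEXITCODE -ne 0) { throw "w32tm /config failed (exit code $LASTEXITCODE)" }

    Restart-Service -Name W32Time
    w32tm /resync /rediscover | Out-Null

    # Report what this DC is now using as its time source
    New-Object PSObject -Property @{
        Computer   = $env:COMPUTERNAME
        IsPdc      = $isPdc
        PdcHolder  = $pdc
        TimeSource = (w32tm /query /source | Out-String).Trim()
    } | Select-Object Computer, IsPdc, PdcHolder, TimeSource
}

function Disable-GuestTimeSync {
    # Run on a 2012 R2 Hyper-V host. The Hyper-V PowerShell module is not
    # available on 2008 hosts; there, clear "Time synchronization" under
    # Integration Services in the VM settings instead.
    param([Parameter(Mandatory = $true)][string[]]$VMName)

    foreach ($vm in $VMName) {
        Disable-VMIntegrationService -VMName $vm -Name 'Time Synchronization'
        Get-VMIntegrationService -VMName $vm -Name 'Time Synchronization' |
            Select-Object VMName, Name, Enabled
    }
}

# On each domain controller:   Set-DcTimeSource
# On the 2012 R2 host:         Disable-GuestTimeSync -VMName 'DC03'
```

If the PDC emulator role is moved or seized, run `Set-DcTimeSource` again on the old and the new holder so that exactly one DC points at the external peers.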

Similar Messages

  • HT4623 How can u set up your iphone when all the files are deleted?

    How can I set up my iphone if all the files are deleted?

    What files are deleted?
    Please explain

  • Help with Powershell script to gather eventlogs from all Domain Controllers

    I am trying to write a script to grab the last 5 days of application, security and system logs from all domain controllers. The script runs but only pulls the logs from the local server. The $Computer variable has all of my DC's so it is querying fine. I
    assume it is an issue with my ForEach-Object line but it doesn't error out. See the script below.
    $log = "Application"
    $date = get-date -format MM-dd-yyyy
    $now = get-date
    $subtractDays = New-Object System.TimeSpan 5,0,0,0,0
    $then = $Now.Subtract($subtractDays)
    $Computers = Get-ADDomainController -filter *
    ForEach-Object -InputObject $Computers  -Process {Get-EventLog -LogName $log -After $then -Before $now -EntryType Error | select EventID,MachineName,Message,Source,TimeGenerated | ConvertTo-html | Out-File $env:TEMP\Applicationlog.htm}
    Invoke-Expression $env:TEMP\Applicationlog.htm
    Thanks,
    Rich

    Also, you're missing the -ComputerName parameter in the Get-EventLog Cmdlet. 
    I would re-write the loop part of the script like this:
    Import-Module ActiveDirectory
    $log = "Application"
    $date = get-date -format MM-dd-yyyy
    $now = get-date
    $subtractDays = New-Object System.TimeSpan 5,0,0,0,0
    $then = $Now.Subtract($subtractDays)
    $Computers = Get-ADDomainController -filter *
    foreach ($Computer in $computers) {
        # Query each DC by host name; -append keeps the results from earlier DCs
        Get-EventLog -ComputerName $Computer.HostName -LogName $log -After $then -Before $now -EntryType Error |
        select EventID,MachineName,Message,Source,TimeGenerated | ConvertTo-html | Out-File .\Applicationlog.htm -append
    }
    # Open the report once, after every DC has been queried
    Invoke-Expression .\Applicationlog.htm
    Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)

  • Set the time interval when BPM read e-mail to get offline adobe forms

    Hi masters
    Do you know where I can set the time interval when the BPM read the e-mail account to get the off-line adobe forms received ? I think it is 10 minutes but I need to change to 1 minute.

    there is a config attribute

  • How can you reinstall SL on a older mini, I just upgraded to Lion .Since I downloaded it, I made a disk copy for the future  when all the kinks are work out. But would really like to go back to SL for now. I tried my reinstall disk, which didn't work.

    I have an older Mac mini  using SL as my last upgrade and really like it.. Just last week I upgraded to Lion, and do not like it,,,I would like to reinstall SL but do not know how to go about it,,,I did burn a copy of Lion and will reinstall it when all the kinks are worked out..Can someone tell me how uninstall Lion and reinstall SL.....Thx

    Downgrade Lion to Snow Leopard
    1.  Boot from your Snow Leopard Installer Disc. After the installer loads select your language and click on the Continue button.  When the menu bar appears select Disk Utility from the Utilities menu.
    2. After DU loads select your hard drive (this is the entry with the mfgr.'s ID and size) from the left side list. Note the SMART status of the drive in DU's status area.  If it does not say "Verified" then the drive is failing or has failed and will need replacing.  SMART info will not be reported  on external drives. Otherwise, click on the Partition tab in the DU main window.
    3. Under the Volume Scheme heading set the number of partitions from the drop down menu to one. Set the format type to Mac OS Extended (Journaled.) Click on the Options button, set the partition scheme to GUID then click on the OK button. Click on the Partition button and wait until the process has completed.
    4. Quit DU and return to the installer. Install Snow Leopard.
    This will erase the whole drive so be sure to backup your files if you don't have a backup already. If you have performed a TM backup using Lion be aware that you cannot restore from that backup in Snow Leopard (see below.) I suggest you make a separate backup using Carbon Copy Cloner 3.4.1.
    If you have Snow Leopard Time Machine backups, do a full system restore per #14 in Time Machine - Frequently Asked Questions.  If you have subsequent backups from Lion, you can restore newer items selectively, via the "Star Wars" display, per #15 there, but be careful; some Snow Leopard apps may not work with the Lion files.

  • Error in Installing Netweaver--domain controllers are not supported

    When I make the pre-requisite check for installing NetWeaver 2004s
    I am getting the following error
    installation to domain controllers are not supported
    Pls help me how to resolve this
    Thanks in Advance

    hi balaji,
    FYI,
    You cannot create local users and groups on the host that is used as domain controller. Therefore, we do not support running an SAP instance (including the database instance) on the host where the DNS service is installed.
    so try to log with a user, who has administrator rights. and check whether all the services are up & running. then try to re-install.
    for more on this refer the installation manual.
    hope this will help you.
    with regards,
    Rajesh.
    plz, award with suitable points

  • URGENT!! Demoted SBS server and now no other Domain Controllers are functioning

    Last night we were demoting a 2003 SBS in a domain. We have 3 other domain controllers that were online and appeared to be functional. All were shown in Sites and Services as GC. However, after demoting the SBS server, our other Domain controllers are not
    functioning as GCs or as DCs.
    I can get into Sites and Services if I let it fail when it tries to connect to the domain and then tell it to connect to the specific domain controller. But then things don't look quite right. I can't see all the tabs when I drill down to NTDS Settings and
    go to properties. The only tabs that show up are Security and Attribute Editor. Same thing with ADUC, I only get some of the tabs. It is like only half of AD is there.
    I need some urgent help if anyone can assist.

    Hi,
    In order to identify the cause, I suggest you run
    DCDiag command on a Domain Controller, and post out the results for troubleshooting:
    Dcdiag
    http://technet.microsoft.com/en-us/library/cc731968.aspx
    What does DCDIAG actually… do?
    http://blogs.technet.com/b/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx
    Best Regards,
    Amy Wang

  • Email submit button causing required error when all required fields are filled in

    It looks like if I have more than 1 instance of subform  added,  my email submit button triggers "..at least one required " error message when all required fields are filled-in.
    I toggle subforms between "visible" and "hidden (from layout)".  Any suggestion is appreciated.
    ralph

    The fields that are hidden should have the validate.nullTest property set to "disabled", something like;
    TextField1.validate.nullTest="disabled";

  • Installations on domain controllers are not supported

    Hi All, While checking prerequisites of operating system users and groups, following error message are getting. "installations on domain controllers are not supported". Please help. Thanks, Sam

    Hi Sam,
    I assume this is a technical limitation from SAP, which I suppose is that a local user or even a local group cannot be created on a domain controller.
    "You cannot create local users and groups on the host that is used as domain controller. Therefore, we do not support running an SAP instance (including the database instance) on the host where the domain controller is installed."
    I hope it helps.
    Regards,
    Deepanshu Sharma    

  • HT1338 When all your apps are to the latest versions, how do you manage if there is an update if your apps are not recognized in AppStore because you have changed your iMac computer?

    When all your apps are to the latest versions, how do you manage if there is an update if your apps are not recognized in AppStore because you have changed your iMac computer and you have made a data transfer of the whole system and apps? When you own only one computer (except an iPhone).

    Make sure you are signed in with your Apple ID. Try reindexing Spotlight.
    Spotlight – Re-index

  • When using Tab Groups, is less power/memory used or is it the same as when all the tabs are opened in the task bar?

    When using Tab Groups, is less power/memory used or is it the same as when all the tabs are opened in the task bar?

    it's just another View for your tabs which needs less *space* in the taskbar, but same *memory* of your computer.
    exception: if you (re)start FF and restore the last session (with lots of tabs/groups) there is an option in FF-Settings to load the (content of the) tabs only as soon as they are clicked, and not as soon as FF starts. That trick saves memory.

  • Can I apply any application patch when all application services are down?

    Hello All,
    Can I apply any application patch when all application services are down?
    Reg
    Chirag Patel

    Definitely you can. On some operating system (like Windows), if relinking is part of the patch then you cannot apply patches unless Application services are down.
    Whenever we apply a patch, we enable maintenance mode through adadmin, this would stop users from accessing the application during patch installation. However, you still can use "adpatch options=hotpatch" to apply a patch without enabling maintenance mode.

  • Time Sync from Child domain to Parent domain

    Now the time in our child domain is 2 minutes faster than the parent domain. What command do we use to sync the time?

    Hi,
    By default, the PDC Emulator of the Forest Root Domain is considered as the best time source in an Active Directory forest. Other domain controllers in the Forest Root Domain use it for time synchronization while domain controllers in child domains use the PDC Emulator or any domain controller from the parent domain for time synchronization. Member servers and workstations use domain controllers in their domain for time synchronization. With this hierarchy, we can maintain a reliable time synchronization system that allows avoiding Kerberos failure issues in an Active Directory domain. This configuration is the default in an Active Directory forest and does not need to be changed.
    As mentioned by SH.Hashemi, we can run the command
    w32tm /resync
    to resynchronize the clock as soon as possible, disregarding all accumulated error statistics.
    Regarding time synchronization in active directory, the following articles can be referred to for more information.
    Time Synchronization in Active Directory Forests
    https://social.technet.microsoft.com/wiki/contents/articles/18573.time-synchronization-in-active-directory-forests.aspx
    How the Windows Time Service Works
    http://technet.microsoft.com/en-us/library/cc773013(v=ws.10).aspx
    W32tm
    http://technet.microsoft.com/en-us/library/bb491016.aspx
    Best regards,
    Frank Shen

  • UnLock Ad user from all Domain controllers

    We have 13 domain controllers in  5 Active directory sites, Unlock status is not updating in All DC's immediately. please help me to unlock Ad user from all the Domain controllers.
    Below is the script to unlock Ad account from one domain controller:
    Clear-Host
    Import-Module ActiveDirectory
    $luser = Read-Host "Input the name (Last name, First name) of the locked user"
    $lockstatus = Get-ADUser "$luser" -Properties lockedout -Server DC10
    if ($lockstatus.lockedout -eq $True) {
        $nul = Get-ADUser "$luser" | Unlock-ADaccount
        # Set-ADAccountPassword needs -Reset and a SecureString for an administrative reset
        $nul = Get-ADUser "$luser" | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString "password" -AsPlainText -Force)
        Write-Host "Account unlocked and password reset"
    }
    if ($lockstatus.lockedout -eq $false) {
        Write-Host "Account is not locked"
    }
    Raj

    We have remote site users who are facing problems.
    Our L1 agents will unlock the user ID in the primary site, and replication is taking time to replicate to the remote DC.
    So we need a script to unlock the user ID in all DCs.
    Raj
    Replication of unlocks is faster than you can do it in script.  It is pushed immediately.  It does not wait for replication. If this is not happening then you need to find the problem and fix it.
    You need to fix your problem.  A script will not fix it.
    If you insist on doing it manually then just run the script one time for each DC.
    If you still do not know what to do you must contact a consultant or your network vendor and have them assist you with this.   We are not a custom solution provider or a free script writing forum.  Doing this would keep you from fixing a problem which could lead to other bad things.  Please take the time to take the correct technical steps.
    One thing that might help is to NOT select a DC for the reset.  The DC you are selecting is probably not replicating.  Let Windows choose a DC for you.
    You must run diagnostics on your network to find out what is happening.  Contact your network administrator to do this.  If you do not have a trained network administrator then please contact a consultant or your vendor.
    ¯\_(ツ)_/¯

  • Fetch client IP addresses from the Netlogon.log file of all domain controllers in the domain

    Hi,
    The event ID 5807 is logged in the system logs of domain controllers as a result of which the IP addresses for the missing subnets are logged in Netlogon.log under %systemroot%/debug. The end goal is to fetch the IP addresses along with rest of the respective
    attributes from the Netlogon.log for all the domain controllers in the domain. I have the following script however, it gives me a 0KB file despite the fact that the Netlogon.log on the DC contains ample entries from last two months. 
    function GetDomainControllers {
        $DCs=[system.directoryservices.activedirectory.domain]::GetCurrentDomain() | ForEach-Object {$_.DomainControllers} | ForEach-Object {$_.Name}
        return $DCs
    }
    function GetNetLogonFile ($server) {
        $path= '\\' + $server + '\c$\windows\debug\netlogon.log'
        try {$netlogon=get-content -Path $path -ErrorAction stop}
        catch { "Can't open $path"}
        #reverse the array's order to the end of the file
        [array]::Reverse($netlogon)
        $IPs=@()
        foreach ($line in $netlogon) {
            #split the line into pieces using a space as the delimiter
            $splitline=$line.split(' ')
            #Get the date stamp which is in the mm/dd format
            $logdate=$splitline[0]
            #split the date
            $logdatesplit=($logdate.split('/'))
            [int]$logmonth=$logdatesplit[0]
            #last month and this month
            if (($logmonth -eq $thismonth) -or ($logmonth -eq $lastmonth)) {
                #only push it into an array if it matches an IP address format
                if ($splitline[5] -match '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'){
                    $objuser = new-object system.object
                    $objuser | add-member -type NoteProperty -name IPaddress -value $splitline[5]
                    $objuser | add-member -type NoteProperty -name Computername -value $splitline[4]
                    $objuser | add-member -type NoteProperty -name Server -value $server
                    $objuser | add-member -type NoteProperty -name Date -value $splitline[0]
                    $objuser | add-member -type NoteProperty -name Time -value $splitline[1]
                    $IPs+=$objuser
                }
            } else {
                #break out of loop if the date is not this month or last month
                break
            }
        }
        return $IPs
    }
    #Get last month's date
    $thismonth=(get-date).month
    $lastmonth=((get-date).addmonths(-1)).month
    #get all the domain controllers
    $DomainControllers=GetDomainControllers
    #Get the Netlogon.log from each DC
    Foreach ($DomainController in $DomainControllers) {
        $IPsFromDC=GetNetLogonFile($DomainController)
        $allIPs+=$IPsFromDC
    }
    $allIPs | Sort-Object -Property IPaddress -Unique | Export-Csv "E:\bin\NetlogonIPs.csv"
    PLEASE HELP!!

    Hi jrv,
    Thanks a lot for your help.
    I understand you cannot keep on iterating the code for me. However, I am stuck at this error :-
    ERROR : Exception calling "Parse" with "1" argument(s): "String was not recognized as a valid DateTime."
    After the following code finishes executing, I get the following output :-
    $csv=cat c:\windows\debug\netlogon.log |
    %{'{0}|{1}' -f $_.SubString(0,14),$_.SubString(15,$_.Length-15)}|
    ConvertFrom-Csv -Delimiter '|' -header time,message
    time message
    04/14 01:18:45
    NO_CLIENT_SITE: ServerX 10.x.x.x
    04/14 01:17:45
    NO_CLIENT_SITE: ServerY 10.x.x.x
    04/14 01:17:44
    NO_CLIENT_SITE: ServerY 10.x.x.x
    04/14 01:17:43
    NO_CLIENT_SITE: ServerX 10.x.x.x
    However, I get the above mentioned error at the following line :-
    $csv|%{$_.time=[datetime]::Parse(($_.time -replace ' ','/2015 '))}
    I would later want to run the query just for logs from past day.
    Entire code is as follows :-
    function GetDomainControllers {
        $DCs=[system.directoryservices.activedirectory.domain]::GetCurrentDomain() | ForEach-Object {$_.DomainControllers} | ForEach-Object {$_.Name}
        return $DCs
    }
    function GetNetLogonFile ($server) {
        $path= 'C:\Test\netlogon.log'
        try {$netlogon=get-content -Path $path -ErrorAction stop}
        catch { "Can't open $path"}
        #reverse the array's order to the end of the file
        [array]::Reverse($netlogon)
        foreach ($line in $netlogon) {
            $csv=  $netlogon | %{'{0}|{1}' -f $_.SubString(0,14),$_.SubString(15,$_.Length-15)}| ConvertFrom-Csv -Delimiter '|' -header time,message | Out-Gridview
            $csv|%{$_.time=[datetime]::Parse(($_.time -replace ' ','/2015 '))}
        }
    }
    #get all the domain controllers
    $DomainControllers=GetDomainControllers
    #Get the Netlogon.log from each DC
    Foreach ($DomainController in $DomainControllers) {
        GetNetLogonFile($DomainController)
    }
    Please help!! Any help will be highly appreciated.
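
    One way to parse the NO_CLIENT_SITE entries discussed in this thread, as an added example that is not the poster's code: lines are matched with a regular expression and the timestamp is parsed with a fixed format, so blank or unrelated lines are skipped instead of raising a DateTime error. The sample lines are constructed, `ConvertFrom-NetlogonNoClientSite` is a hypothetical name, and the year is assumed to be the current one because Netlogon.log timestamps carry none.

```powershell
# Added example, not the poster's code. The sample lines below are constructed.
$sample = @(
    '04/13 01:10:02 [1180] CONTOSO: NO_CLIENT_SITE: SERVERZ 10.1.7.7'
    '04/13 23:59:58 [1180] CONTOSO: NO_CLIENT_SITE: SERVERX 10.1.2.3'
    ''
    '04/14 01:17:43 NO_CLIENT_SITE: SERVERY 10.1.9.20'
    '04/14 01:17:44 NO_CLIENT_SITE: SERVERY 10.1.9.20'
    '04/14 01:18:00 [1180] Some other Netlogon message'
)

function ConvertFrom-NetlogonNoClientSite {
    param(
        [Parameter(ValueFromPipeline = $true)][string]$Line,
        [string]$Server = $env:COMPUTERNAME,   # DC the log was read from
        [datetime]$Now  = (Get-Date)           # reference time used to infer the year
    )
    begin {
        # MM/dd HH:mm:ss, anything (PID, domain), then "NO_CLIENT_SITE: <client> <IPv4>"
        $rx  = '^(?<stamp>\d{2}/\d{2} \d{2}:\d{2}:\d{2}) .*?NO_CLIENT_SITE: (?<client>\S+) (?<ip>\d{1,3}(?:\.\d{1,3}){3})\s*$'
        $inv = [System.Globalization.CultureInfo]::InvariantCulture
    }
    process {
        if ($Line -notmatch $rx) { return }    # blank or unrelated line: skip it
        $client = $Matches.client
        $ip     = $Matches.ip

        # Assumption: the entry belongs to the current year; a result that lands
        # in the future must have been written last year.
        $ts = [datetime]::MinValue
        $ok = [datetime]::TryParseExact("$($Now.Year)/$($Matches.stamp)", 'yyyy/MM/dd HH:mm:ss',
                  $inv, [System.Globalization.DateTimeStyles]::None, [ref]$ts)
        if (-not $ok) { return }
        if ($ts -gt $Now.AddDays(1)) { $ts = $ts.AddYears(-1) }

        New-Object PSObject -Property @{
            Time = $ts; Server = $Server; Client = $client; IPAddress = $ip
        } | Select-Object Time, Server, Client, IPAddress
    }
}

# Entries from the 24 hours before a fixed reference time, one row per client IP
$ref = [datetime]'2015-04-14T02:00:00'
$sample | ConvertFrom-NetlogonNoClientSite -Server 'DC01' -Now $ref |
    Where-Object { $_.Time -ge $ref.AddDays(-1) } |
    Sort-Object IPAddress -Unique

# Against real DCs, using the path from the thread:
#   Get-Content "\\$dc\c$\windows\debug\netlogon.log" |
#       ConvertFrom-NetlogonNoClientSite -Server $dc
```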
