### Script Starts Here ### $TotNo=0 $ItemCount=0 $TestText = "" $TestStatus="" $SumVal = "" $AnyGap = "No" $ErrorOrNot = "No" $AnyOneOk = "No" $TotDCsInError = 0 $CurForestName="TechGenix.com" $TestCSVFile = "C:\Temp\ADTimeConfiguration.CSV" remove-item $TestCSVFile -ErrorAction SilentlyContinue $ThisString="Domain Controller,Connection,Command Status, Controller Type, Sync Setting,Sync From,Final Status" Add-Content "$TestCSVFile" $ThisString $GDCList = "C:\Temp\DCList.TXT" remove-item $GDCList -ErrorAction SilentlyContinue DSQuery Server -O RDN > $GDCList $Error.Clear() $PDCInForest =Get-ADForest $CurForestName | Select-Object -ExpandProperty RootDomain | Get-ADDomain | Select-Object -Property PDCEmulator IF ($Error.Count -eq 0) { $PDCServer = $PDCInForest.PDCEmulator $RMNow=w32tm /query /configuration /computer:$PDCServer $SyncSettingNow = "" $SyncFrom = "" $FinStatus ="Ok" Foreach ($Item in $RMNow) { $T1, $T2 = $Item.Split(":") IF ($T1 -eq "Type") { IF ($T2 -eq " NTP (Local)") { } else { $AnyGap = "Yes" $FinStatus = "WARNING: Root PDC must sync its time from an External NTP Server by specifying NTP (Local) value in Type Registry entry. It is not recommended to use NT5DS and AllSync(Local) for PDC." } $SyncSettingNow = $T2 } IF ($T1 -eq "NtpServer") { $SyncFrom = $T2 } } $FinalSTR = $PDCServer+",Ok,Ok,PDC,"+$SyncSettingNow+","+'"'+$SyncFrom+'"'+","+$FinStatus Add-Content "$TestCSVFile" $FinalStr } else { $ComConError = $Error[0].Exception.Message $FinalSTR = $ItemName+",$DCConError,"+$ComConError Add-Content "$TestCSVFile" $FinalSTR } Foreach ($ItemName in Get-Content "$GDCList") { $DCConError = "Ok" $DCConStatus = "Ok" $ProceedOrNot = "Yes" $Error.Clear() $AllServices = Get-WMIObject Win32_Service -computer $ItemName IF ($Error.Count -ne 0) { $ProceedOrNot = "No" $TotDCsInError++ $DCConError = $Error[0].Exception.Message $FinalSTR = $ItemName+",Not OK: Error: $DCConError" Add-Content "$TestCSVFile" $FinalSTR } IF ($ProceedOrNot -eq "Yes") { $ComConError="Ok" $Error.Clear() $RMNow=w32tm /query /configuration /computer:$ItemName IF ($Error.count -eq 0) { $AnyOneOk="Yes" $SyncSettingNow = "" $SyncFrom = "" $FinStatus ="Ok" Foreach ($Item in $RMNow) { $T1, $T2 = $Item.Split(":") IF ($T1 -eq "Type") { IF ($T2 -eq " NT5DS (Local)" -or $T2 -eq $Null -or $T2 -eq "") { } else { $AnyGap = "Yes" $FinStatus = "WARNING: Domain Controller must use NT5DS value in Type registry entry. It is not recommended to use AllSync(Local) registry value for domain controllers." } $SyncSettingNow = $T2 } IF ($T1 -eq "NtpServer") { $SyncFrom = $T2 } } IF ($ItemName.ToLower() -eq $PDCServer.ToLower()) { $FinStatus="" } $FinalSTR = $ItemName+","+$DCConError+","+$ComConError+",Domain Controller,"+$SyncSettingNow+","+'"'+$SyncFrom+'"'+","+$FinStatus Add-Content "$TestCSVFile" $FinalStr } else { $ComConError = $Error[0].Exception.Message $FinalSTR = $ItemName+",$DCConError,"+$ComConError Add-Content "$TestCSVFile" $FinalSTR } } else { $ComConError = $Error[0].Exception.Message $FinalSTR = $ItemName+",$DCConError,"+$ComConError Add-Content "$TestCSVFile" $FinalSTR } } $OthText = "" IF ($TotDCsInError -ne 0) { $OthText = "Some Domain Controllers have not been checked due to connectivity or command issues." } IF ($AnyGap -eq "Yes") { $TestText = "Domain Controller Time Synchronization is not correct. Please ensure PDC syncs its time from an External NTP Server and other domain controllers sync using the default Time Synchronization settings. All other Domain Controllers must be using NT5DS registry entry. $OthText" $SumVal = $TotNo $TestStatus="Critical" } IF ($AnyGap -eq "No") { $TestText = "Time Synchronization is configured correctly in Active Directory Forest. $OthText" $SumVal = "" $TestStatus="Passed" IF ($AnyOneOk -eq "No") { $TestText = "Error Executing Dynamic Pack." $SumVal = "" $TestStatus="Completed with Errors." } } $STR = $ADTestName +","+$TestStartTime+","+$TestStatus+","+$SumVal +","+$TestText ### Script Ends Here ###