locked
I need a script or a command that can find the DCs those were created\promoted recently RRS feed

  • Question

  • I need a script or a command that can find the DCs those were created\promoted recently in a domain. This is for the automation purpose. Somehow Im unable to move further with the below script, Please help.

    $admind = "CN=Admin-Description," + (Get-ADRootDSE).schemanamingcontext
    $dcs = Get-ADDomainController -Filter * | sort name
    foreach ($dc in $dcs) {
        $name = $dc.name
        $wc = (Get-ADObject $admind -Server $name -Properties whenchanged).whenchanged.ToShortDateString()
        If ($wc.Whencreated -gt (get-date).adddays(-2))
        {
        Echo "Below DC were recently added to the domain, Please report"
        Write-Host $name
        }
        Else
        {
        Echo "No Dcs were recently added"
        }
    } # end foreach

    Friday, August 8, 2014 7:32 PM

Answers

All replies

  • What is the problem?


    ¯\_(ツ)_/¯

    Friday, August 8, 2014 7:40 PM
  • The following might be easier for you to understand.

    $vintage=[datetime]::Today.AddDays(-2)
    $dcs = Get-ADDomainController -Filter * | %{Get-ADComputer $_.ComputerObjectDN -Properties *}
    foreach ($dc in $dcs){
         If($dc.Whencreated -gt $vintage){
            Write-Host "$($dc.Name) was recently added to the domain, Please report" -ForegroundColor green
         }else{
             Write-Host "$($dc.Name) is not new" -fore white -Back blue
         }
    }



    ¯\_(ツ)_/¯






    • Edited by jrv Friday, August 8, 2014 7:57 PM
    • Proposed as answer by jrv Friday, August 8, 2014 8:09 PM
    Friday, August 8, 2014 7:46 PM
  • Hi,

    I think this is what you're after, but I'm not really sure what you're asking:

    Get-ADDomainController -Filter * | ForEach {
    
        $dcDetails = Get-ADObject -Identity $_.ComputerObjectDN -Properties whenChanged
    
        if ($dcDetails.whenChanged -gt (Get-Date).AddDays(-2)) {
    
            Write-Output "$($dcDetails.Name) was recently changed."
    
        } else {
    
            Write-Output "$($dcDetails.Name) has not been recently changed."
    
        }
    
    }


    EDIT: Forgot to refresh the page before posting again.... See above.

    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    • Edited by Mike Laughlin Friday, August 8, 2014 7:55 PM
    • Proposed as answer by jrv Friday, August 8, 2014 8:09 PM
    Friday, August 8, 2014 7:54 PM
  • whenCreated is updated when the functional level is changed and when certain service packs are installed.


    ¯\_(ツ)_/¯

    Friday, August 8, 2014 8:08 PM
  • DCDiag is a better utility to use for tracking DC changes.  It should be run periodically anyway. 

    ¯\_(ツ)_/¯

    Friday, August 8, 2014 8:10 PM
  • Worked good, Thanks a bunch for the effort.
    Friday, August 8, 2014 8:39 PM
  • Worked good, Thanks a bunch for the effort.

    You are not supposed to mark you comments as an answer.


    ¯\_(ツ)_/¯

    Friday, August 8, 2014 8:59 PM