Changing W32Time keys; NTPServer and Type

Welcome Forums General PowerShell Q&A Changing W32Time keys; NTPServer and Type

This topic contains 6 replies, has 5 voices, and was last updated by

 
Participant
1 month, 2 weeks ago.

  • Author
    Posts
  • #65494

    Participant
    Points: 58
    Rank: Member

    Hello,

    I have gathered data for the following registry path on all DC's in our multi domain Forest:

    System\CurrentControlSet\Services\W32Time\Parameters

    with this script:

    [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() |
        Select-Object -ExpandProperty Sites |
            Select-Object -ExpandProperty Servers |
                Select-Object -ExpandProperty Name |
                    % { 
                        try {
                            $NtpServer = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( 'LocalMachine', $_ ).`
                                    OpenSubKey( 'System\CurrentControlSet\Services\W32Time\Parameters' ).`
                                        GetValue('NtpServer')
                        }
                        catch{ 
                            $NtpServer = $_.Exception.Message
                        }
                        New-Object -TypeName PSCustomObject -Property @{ Name = $_; NtpServer = $NtpServer }
                    } |
                        Export-Csv c:\temp\NtpServer.csv -NoTypeInformation

    Now, I wish to perform the following on all DC's but the PDC:
    1) delete the key System\CurrentControlSet\Services\W32Time\Parameters\NtpServer
    2) change the key System\CurrentControlSet\Services\W32Time\Parameters\Type to 'NT5DS'

    How should I edit the .csv from above to implement those two changes for all but the PDC?

    thanks

  • #65499

    Keymaster
    Points: 1,638
    Helping HandTeam Member
    Rank: Community Hero

    Ah, well, you wouldn't necessarily edit the CSV at all. You're going to have to change your code, so that it can delete keys and change values. That's not necessarily hard, but it's non-trivial. For example, instead of using GetValue(), I imagine you'd use SetValue().

    I'm not entirely certain what the CSV is even doing for you.

    • #65653

      Participant
      Points: 58
      Rank: Member

      well the .csv was just to archive the results of the values and share with team members.

      Can anyone help with a script to change the values in the registry for select DC's? It doesn't have to be using .net classes

  • #65775

    Participant
    Points: 60
    Rank: Member

    Jeff,

    I wasn't able to post here – it thought I was spamming for some reason. At any rate, I posted it here.

    See if this code works for you:

    
    $DCNames = ((([DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).Sites).Servers).Name 
    $DCNames -notmatch (Get-ADRole PdcRole).DCName | % { Set-NTP $_ time-c.nist.gov }
    
    
    • #81406

      Participant
      Points: 58
      Rank: Member

      Sam,

      How would I direct this to another Forest for which I have a trust setup?

       ((([DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).Sites).Servers).Name

      Thanks,
      Jeff

  • #65782

    Participant
    Points: 0
    Rank: Member

    Hey Jeff,
    Writing a script for this is making it harder on yourself than you need to. You can easily apply these settings using Group Policy. You can also use group policy with a WMI filter to change just the PDCe so that it syncs to an external source. That way all workstations sync to DCs, DCs sync to PDCe in their domain, PDCe syncs to Forest Root PDCe, Forest Root PDCe syncs to External source.

    External Article reference: http://www.sysadminlab.net/windows/configuring-ntp-on-windows-using-gpo

  • #113213

    Participant
    Points: 0
    Rank: Member

    Hi All,

    Could someone help me how to change ntp settings on a bunch of work group servers using powershell?

    Thank You

    Jeevan

You must be logged in to reply to this topic.