Get-ItemProperty of reg value in all DCs all Domains

This topic contains 5 replies, has 5 voices, and was last updated by  postanote 5 days, 3 hours ago.

  • Author
    Posts
  • #81767

    Jeff Taylor
    Participant

    I have my variable populated correctly and have hostnames for all of my DCs but my forEach isn't working...

    $DCs = foreach ($domain in (get-adforest -Identity company.com).domains) { get-addomaincontroller -filter * -server $domain | select hostname}
    
    foreach( $dc in $DCs )
    { invoke-command -computername $dc -command {Get-ItemProperty -path hklm:\System\CurrentControlSet\Services\NTDS\Parameters -Name "Strict Replication Consistency" | Select-Object "Strict Replication Consistency"}}

    What is incorrect here?

    thank you

  • #81769

    Don Jones
    Keymaster

    What isn't working? It's a little hard to just cold-read code written by someone else ;).

  • #81772

    Cyril Muffat
    Participant

    I dont recall a -command parameter
    Invoke-command -scriptblock {}

    Try to run ur invoke against one of ur dc

  • #81776

    Jeremy Murrah
    Participant

    looks like you need to expand your hostname property, rather than just selecting it:

    ... get-addomaincontroller -filter * -server $domain | select hostname}
    

    change to:

    ... get-addomaincontroller -filter * -server $domain | select -ExpandProperty hostname}
    

    without the -expandproperty switch what you are actually creating is an array of objects with a hostname property, rather than a simple string list. So when you run that through your foreach, instead of passing a string value with the DC name to the invoke-command, you're actually passing it a psobject with a hostname property. invoke-command has no idea what to do with that. You could also give invoke-command what it wants by using:

    invoke-command -computername $DC.hostname ...
    

    or

    foreach($dc in $DCs.hostname)
    

    Those two options aren't as straightforward as the first one though, but should illustrate how to navigate around the objects you've created. Best bet is to do the first option and make sure the value in $DCs looks the way you want it.

    • #81823

      Jeff Taylor
      Participant

      Jeremy,

      thanks this really helped me see the contents of what I was sending over the forEach. I looked at gm for my original $DCs and then did it for the expandedProperty one and saw what you were talking about.

      Appreciate the lesson and I see the values now across all my DCs

      Jeff

  • #81865

    postanote
    Participant

    # Or, you could tighten this up to, say...

    (Get-ADForest -Identity $env:USERDNSDOMAIN).domains `
    | % {(Get-ADDomainController -filter * -Server $_).HostName} `
    | % {invoke-command -computername $_ `
    -ScriptBlock {Get-ItemProperty `
    -path 'hklm:\System\CurrentControlSet\Services\NTDS\Parameters' `
    -Name "Strict Replication Consistency" `
    | Select-Object "Strict Replication Consistency"
    }
    } | Format-Table -AutoSize

    # Results

    Strict Replication Consistency PSComputerName RunspaceId
    —————————— ————– ———-
    1 DC01.contoso.com c96bb82c-...
    ...

You must be logged in to reply to this topic.