Triggering Scheduled Task On DCs On Demand To Initiate DSRM Password Sync
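# SOURCE: https://gist.github.com/zjorz/93f5407552d30c70378384962c079fb4/
#
# Purpose:
#   Enumerates the domain controller computer accounts in the AD domain of the local computer and starts
#   the scheduled task named in $scheduledTaskName on each of them (per the banner below, that task
#   initiates the DSRM password sync).
#
# Requirements visible from the code:
#   - The caller's current credentials are used for every CIM session (no -Credential is passed), so the
#     account running this needs the right to open a CIM session to each DC and start the task there.
#   - Mode "ADPoSH" uses Get-ADDomain / Get-ADComputer and therefore needs the ActiveDirectory module.
#
# Scope caveats:
#   - Only computer accounts under "OU=Domain Controllers" are searched. A DC whose account lives
#     elsewhere is not contacted, and nothing in the output will say so.
#   - The task is looked up by name in the root task folder ("\") of each DC.
Invoke-Command -ScriptBlock {
    Clear-Host
    $scriptMode = "ADSIorSDSP" # "ADSIorSDSP" Or "ADPoSH"
    Write-Host ""
    Write-Host "###############################################################################" -Foregroundcolor Yellow
    Write-Host "### TRIGGERING SCHEDULED TASK ON DCs ON DEMAND TO INITIATE DSRM PWD SYNC ###" -Foregroundcolor Yellow
    Write-Host "###############################################################################" -Foregroundcolor Yellow
    Write-Host ""
    $scheduledTaskName = "AD MGMT - Sync DSRM Account PWD From AD To DCs (GPO)" # CONFIGURE THIS!
    $dateTime = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    Write-Host " > Date/Time.............: $dateTime" -Foregroundcolor Yellow
    Write-Host " > Scheduled Task Name...: $scheduledTaskName" -Foregroundcolor Yellow
    Write-Host ""

    # primaryGroupID 516 = "Domain Controllers", 521 = "Read-only Domain Controllers",
    # so both writable DCs and RODCs are targeted.
    $dcLdapFilter = "(|(primaryGroupID=516)(primaryGroupID=521))"

    # Starts the scheduled task on one DC and reports the outcome.
    #   -dcFQDN   : DNS host name of the DC, used as both session name and target.
    #   -taskName : name of the scheduled task in the root task folder.
    # Failures are reported per DC and do not stop the run.
    Function Start-DsrmSyncTaskOnDC {
        Param(
            [string]$dcFQDN,
            [string]$taskName
        )
        $cimSession = $null
        Try {
            $cimSession = New-CimSession -Name $dcFQDN -ComputerName $dcFQDN -ErrorAction Stop
            Start-ScheduledTask -TaskPath "\" -TaskName $taskName -CimSession $cimSession -ErrorAction Stop
            Write-Host "Scheduled Task Triggered On '$dcFQDN'..." -ForegroundColor Green
            Write-Host ""
        } Catch {
            Write-Host "Scheduled Task Triggered NOT On '$dcFQDN'..." -ForegroundColor Red
            # Show why: unreachable DC, access denied and a missing task call for different follow-up.
            Write-Host " > Reason: $($_.Exception.Message)" -ForegroundColor Red
            Write-Host ""
        } Finally {
            # Close the session even when Start-ScheduledTask failed, so no authenticated session
            # to a DC lingers in this PowerShell process. Cleanup runs outside the Try so a cleanup
            # problem is never reported as a failed trigger.
            If ($null -ne $cimSession) {
                Remove-CimSession -CimSession $cimSession -ErrorAction SilentlyContinue
            }
        }
    }

    If ($scriptMode -eq "ADSIorSDSP") {
        $adDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain()
        $adDomainDN = $adDomain.GetDirectoryEntry().Properties["DistinguishedName"].Value
        $rwdcPDCFSMOFQDN = $adDomain.PdcRoleOwner.Name
        $adsiSearcher = New-Object DirectoryServices.DirectorySearcher
        # Query the PDC emulator so every run reads the DC list from the same source.
        $adsiSearcher.SearchRoot = [ADSI]"LDAP://$rwdcPDCFSMOFQDN/OU=Domain Controllers,$adDomainDN"
        $adsiSearcher.Filter = $dcLdapFilter
        $dcComputerAccountObjects = $null
        Try {
            $dcComputerAccountObjects = $adsiSearcher.FindAll()
            $dcComputerAccountObjects | ForEach-Object {
                # Skip accounts without a DNS host name; there is nothing to connect to.
                If (-not [string]::IsNullOrEmpty($_.Properties.dnshostname)) {
                    Start-DsrmSyncTaskOnDC -dcFQDN $_.Properties.dnshostname[0] -taskName $scheduledTaskName
                }
            }
        } Finally {
            # SearchResultCollection and DirectorySearcher hold unmanaged resources; release them.
            If ($null -ne $dcComputerAccountObjects) {
                $dcComputerAccountObjects.Dispose()
            }
            $adsiSearcher.Dispose()
        }
    } ElseIf ($scriptMode -eq "ADPoSH") {
        $adDomain = Get-ADdomain -Current LocalComputer
        $adDomainDN = $adDomain.DistinguishedName
        $rwdcPDCFSMOFQDN = $adDomain.PDCEmulator
        Get-ADComputer -SearchBase "OU=Domain Controllers,$adDomainDN" -LDAPFilter $dcLdapFilter -Properties dNSHostName -Server $rwdcPDCFSMOFQDN | ForEach-Object {
            # Skip accounts without a DNS host name; there is nothing to connect to.
            If (-not [string]::IsNullOrEmpty($_.dNSHostName)) {
                Start-DsrmSyncTaskOnDC -dcFQDN $_.dNSHostName -taskName $scheduledTaskName
            }
        }
    } Else {
        # A mistyped mode would otherwise end silently, looking like a run that found no DCs.
        Write-Host "Unknown script mode '$scriptMode'. Use 'ADSIorSDSP' or 'ADPoSH'." -ForegroundColor Red
        Write-Host ""
    }
}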