PowerShell for Windows Admins

Sep 4 2011   12:16PM GMT

Clearing AD logging

Richard Siddaway Richard Siddaway Profile: Richard Siddaway

Last time we looked at turning on logging – for one or more criteria. The normal state of diagnostic logging is None i.e. the options are set to zero. If we have only a few options set we can use set-logsetting to revert to no logging. Alternatively we can reset all logging to a zero state

function reset-logsetting{             
param (             
 $HKLM = 2147483650            
 Write-Verbose "Display Current Settings"            
 get-logsetting -computer $computer            
 $reg = [wmiclass]"\\$computer\root\default:StdRegprov"            
 $key = "SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics"            
 switch ($computer){            
   "."         {$computername = $env:COMPUTERNAME}            
   "localhost" {$computername = $env:COMPUTERNAME}            
   default     {$computername = $computer}            
 1..$logtype.Count |            
 foreach {            
  $value = $logtype["$_"]            
  $level = $reg.SetDwordValue($HKLM, $key, $value, 0)  ## REG_DWORD            
Write-Verbose "Display New Settings"            
get-logsetting -computer $computer            
Resets all AD diagnostic logging levels to none

Resets all AD diagnostic logging levels to none

.PARAMETER  Computer
Computer Name


User will be prompted for server name

reset-logsetting -computer server02


This loops through the options and sets each to zero.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: