Paginas

27 November 2017

Domain Controllers - DCDiag & Repadmin



All system engineers have experienced replication problems once in a lifetime.Today I will show you some basic commands to Troubleshoot and Diagnose Domain Controllers and replications. I'm talking about DCDiag and Repadmin.

DCDiag:
This command-line tool analyzes the status of one or all domain controllers in a forest and reports all problems to provide assistance in troubleshooting. DCDiag.exe consists of a variety of tests that can run either individually or as part of a set to check the state of the domain controller. Here are some examples:
  1. Preparing to install or migrate to Exchange;
  2. Checking FSMO roles;
  3. Troubleshooting Group Policies;
  4. Investigating Active Directory not replicating frssysvol error;
  5. Running down Kerberos authentication problems;
  6. Resetting the Directory Service Administrator's password;
  7. Fixing a servers Service Principle Name (SPN) error.

Repadmin
Performs replication-related tasks, such as managing and modifying replication topology, forcing replication events, and viewing replication metadata and updated vectors.

Let's see some examples and a Script to automize all Domain Controllers replication.


Some of my favorites:
dcdiag /test:replications (Report about replications state between DCs)
dcdiag /test:DNS (Report about DNS state)
dcdiag /test:DNS /e /v (Verbose Report about all DNS Servers)
/v - Verbose;
/e - Test all servers;
/q - Only error messages;
/s - Specify the Domain Controller;
/fix - Fixes Service Principal Names (SPN) problems;
/f:logfile.txt - Output to a file.
More information in:
https://technet.microsoft.com/en-us/library/cc757689%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396


Some of my favorites:
repadmin /showreps (show all replication between Domain Controllers)
repadmin /replsummary (replication statistics)
repadmin /showism (replication information between sites)
repadmin /replsummary > result.txt (Output to a file)
repadmin /syncall /AeD (force Active Directory replication)
repadmin /syncall /APeD (Sync all patitions in the Enterprise)
/A - All partitions;
/e - Enterprise, Cross Site;
/D - Identify servers by distinguished name in messages;
/P - Push replication;
More information in:
https://technet.microsoft.com/en-us/library/cc770963%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396

 Here is a simple Script that sync all the Domain Controllers:
Import-Module ActiveDirectory
$DCs = (Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ } | select HostName
foreach ($DC in $DCs)
    {
        repadmin /syncall $DC.HostName
    }
 
Publicada por à(s)
Etiquetas: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)