Categories: Hostripples FeaturedPleskSecurity

How to check Active Directory Health !!!

First of all, monitoring the Windows Event Viewer is a must. Take the time to check through all of the Event Log queues including the Application, Security and System log. On Domain Controllers the DFS Replication, Directory Service and DNS Server logs should also be reviewed. Leverage the sort and error fields to filter out the information you don’t need to see.

Next, run command line diagnostics and pipe the results to a text document for in-depth review. This allows you to analyze the results in detail and compare results after you’ve fixed any issues you identify. Its also much easier to read the logs in aNotePad++ window and search for events then trying to dig through command line output.

The following reports can be ran from the Windows command prompt:

DC Diag

This report will identify issues with domain controllers and any services associated with them:

C:\>dcdiag.exe /v >> c:\pre_dcdiag.txt

DNS Diag

This test will assess the health of DNS services, records and entries for the entire Enterprise.

C:\>dcdiag.exe /Dnsall >> c:\pre_dnsdiag.txt

Net Diag

Net Diag will identify problems with network components and configuration. Note that this tool has been depreciated in Windows 2008 but can still be used in compatibility mode.

C:\>netdiag.exe /v >> c:\pre_netdiag.txt

Netsh DHCP

This command, ran within netsh, will show the status of the local DHCP server.

C:\>netsh dhcp show server >> c:\pre_dhcp.txt

RepAdmin

This command will show the status of inter-domain replication and wether or not it is successful. Be aware that DC’s holding the global catalog role will return additional information:

C:\>repadmin /showreps >> c:\pre_rep_partners.txt

A more exhaustive report can be ran using:

C:\>repadmin /replsum /errorsonly >> c:\pre_repadmin_err.txt

Post-Reporting

Once you have ran your reports, analyze them then re-run the checks and pipe the output to post_ rather than pre_, for example:

C:\>dcdiag.exe /v >> c:\post_dcdiag.txt

Don’t forget about you member servers. Whilst your Domain Controllers, Global Catalog and Operations Master (FSMO) role holders are the heart of your Active Directory domain, member servers provide services and information to your user. At a minimum you should be running a AD Health Check once per week and a Event Log assessment on your Member Servers at least once a fortnight.

Vishwajit Kale
Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.
View all posts
Tags: Active DirectoryHealth CheckReseller cheap resellerweb hostingwindows hosting
11 years ago
Leave a Comment

Recent Posts

The Ultimate Beginner’s Playbook for Instagram Marketing

What Is Instagram Marketing? Instagram Marketing includes using the platform to advertise your business or personal brand to increase visibility,…

2 days ago

The Ultimate Guide to DIY Website Builders for Entrepreneurs

Ah, the joys of building a website! Picture this: You're sitting there in your pajamas, coffee in hand, ready to…

2 weeks ago

Don’t Ignore These 11 Signs You Need a Hosting Upgrade

Are you feeling like your website is running in slow motion? It can be frustrating when your online presence doesn't…

3 weeks ago

PrestaShop vs OpenCart: Which Is Right for Your Business?

Are you ready to take your online store to the next level? Whether you're running a PrestaShop or OpenCart platform,…

1 month ago

Sitemaps: A Guide to Enhancing Online Visibility

Picture this: your website is like a fabulous party happening in the darkest corner of the internet, but nobody's showing…

1 month ago

Resources