Powershell

Monitoring Domain Controller Health Status with PowerShell

Monitoring it's one of the most important task that i have in my job to keep healthy the enviroment. It's not the best to have  issues all the time with your Servers and have downtimes at work times. With monitoring you can get the whole image of your enviroment and where must give more attention to prevent serious problems In this article i will focus in Monitoring of Domain Controllers and how can get quickly a health status.

Of Course you can find lot of tools to do  this job but with powershell you can have  quick results without lot of clicks in GUI Enviroment until get the results that you want. 

Let' s Start

If you are working with Domain Controllers you know that you must monitoring the most critical Services. These Services are

  • Active Directory Domain Services
  • Active Directory Web Services
  • Distributed File System Replication (DFSR)
  • DNS client and Server service
  • Remote Procedure Call (RPC) service
  • Kerberos Key Distribution Center
  • Windows Time Service
  • Net Logon service 

The first thinh that you must do is to open services and find what is your name of the specific services. So for my example i have already prepare some of them.

  • Active Directory Domain Services - - > ntds
  • Active Directory Web Services - - -> adws
  • DNS client and Server service - - >dnscache and dns
  • Kerberos Key Distribution Center - - -> kdc
  • Windows Time Service - - -> w32time
  • Net Logon service - - - > netlogon
  • DHCP Client and Server Service - - > dhcp and dhcpserver

Now open the powershell as Administrator and type to get the status of Active Directory Domain Services 

Get-Service -name ntds -ComputerName dc1

Type the following commandto get the status of Active Directory Web Services 

Get-Service -name adws -ComputerName dc1

Type the following commandto get the status of DNS Server Service

Get-Service -name dns -ComputerName dc1

Type the following command to get the status of all the critical services.

Get-Service -name ntds,adws,dns,dncache,kdc,w32time,netlogon,dhcpserver,dhcp -ComputerName dc1

Now we have an image of the health status of  Domain Controller in my enviroment.Quick and simple. Not Bad !!! 

Also you can use as the first step of troubleshooting when you face problems with your Domain Controller. 

All we know that the best practise is to have 2 Domain Controllers and replicate between them. So another one critical status is to monitoring the Replication.. If you working with lot of Domain Controllers you already know repadmin command  that you can use it to check replication. But Powershell is more powerfull and you get more info instead of repadmin. Your decision what will use.

Before start to use Powershell command to check  Replication status you must need the following  prerequisites.

  • Remote Server Administration Tools
  • Active Directory Module for PowerShell

Base on your OS download and install the specific Remote Server Administration Tools

Download "Remote Server Administration Tools" on Win 7
http://www.microsoft.com/download/en/details.aspx?id=7887

Download "Remote Server Administration Tools" on Win 8.1
https://www.microsoft.com/en-us/download/details.aspx?id=39296

Download "Remote Server Administration Tools" on Win 10
https://www.microsoft.com/en-us/download/details.aspx?id=45520

When finish the installation follow the steps to enable Active Directory Module for Windows Powershell.

  • Open Controll Pannel
  • Select Programm and Features
  • From the right side select Turn Windows Featurs On or Off.
  • Expand Remote Server Administration Tools - - - > Role Administration Tools - - - > AD DS and AD LDS Tools
    and tick  Active Directory Module for Windows Powershell. Click Ok and wait until finish.
  •  Run as Administrator PowerShell and type the following command

Get-ADReplicationPartnerMetadata -Target * -Partition * | Select-Object Server,Partition,Partner,
ConsecutiveReplicationFailures,LastReplicationSuccess,LastRepicationResult | Out-GridView

We use Select-Object to get only the info that you want and the Out-GridView to get an export in Grid View.

If you don't understand run only the following command to see the export that you get

Get-ADReplicationPartnerMetadata -Target * -Partition *

This is it. You have 2 commands and you get the health status of your Domain Controllers.

I hope to find intresting the article

If you have something to say or share any related powershell command just write it in the comments. Discuss with other readers and give us your feedback.

 

Tags
powershell
monitoring

Sponsor

>

Vembu BDRSuite

Free Tools for everyone

Free IT Tools

Other Blogs

7 Tools for Server Management

Syst & Deploy

System Center ConfigMgr

4SysOps

Charbel Nemnon MVP - Cloud & Datacenter Management

sconstantinou.com - Powershell Tutorials

More Powershell

Askme4Tech is my Blog to the IT Community. From this site i share tips, news and in depth tutorials for IT Professionals working with Microsoft products.

My goal is to create a share Knowledge base for IT Professionals and Power Users that works with Microsoft Products and to provide valuable help in daily technical problems and keep up to date with news from IT industry.

Latest Posts