Have a Question?
Useful Tips for Troubleshooting AD
Some of the useful tips for troubleshooting AD
AD Replication
- Repadmin /replsum – To verify the status of AD Replication
PS C:\> repadmin /replsum
Replication Summary Start Time: 2020-02-19 14:25:24
Beginning data collection for replication summary, this may take awhile:
......
Source DSA largest delta fails/total %% error
AD01 32m:59s 0 / 10 0
AD02 37m:58s 0 / 10 0
AD03 17m:20s 0 / 5 0
Destination DSA largest delta fails/total %% error
AD01 37m:58s 0 / 5 0
AD02 32m:59s 0 / 10 0
AD03 05m:41s 0 / 10 0
- Push Changes to all AD Domain Controllers
Run the following command on the Domain Controller where the changes had made
repadmin /syncall AD02 /APeD
- /A Synchronizes all naming contexts that are held on the home server.
- /P Pushes changes outward from the specified domain controller.
- /e Synchronizes domain controllers across all sites in the enterprise. By default, this command does not synchronize domain controllers in other sites.
- /d Identifies servers by distinguished name in messages.
Verify which DC Users and Computer Authenticated to
- Check which DC that user authenticated to
#Check which DC that user is authenticated
$env:LOGONSERVER -replace "\\",""
- Check which DC that computer is authenticated
#check which DC that computer is authenticated
nltest /dsgetdc:
DC: \\AD02.aventislab.com
Address: \\192.168.10.226
Dom Guid: eaf8f27c-8453-423a-acf9-db2c0e40cd88
Dom Name: aventislab.com
Forest Name: aventislab.com
Dc Site Name: HQ
Our Site Name: HQ
Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS DS_8 DS_9 DS_10
The command completed successfully
Verify Listening Ports
- Verify Listening Ports for TCP Connections
Get-NetTCPConnection | Where-Object {($_.State -eq "Listen") -and ($_.LocalAddress -eq "0.0.0.0")} | Select LocalAddress, LocalPort
- Verify Listening Ports for UDP Connections
Get-NetUDPEndpoint |
Where-Object { $_.LocalAddress -eq "0.0.0.0" }