So, setting up a nice Windows Server 2012 R2 machine in Hyper-V for some active directory testing.
Allocating the minimum required resources for WS 2012 R2, as seen here , and just after selecting the edition that I wanted to install [doesn’t matter if you prefer Standard or datacenter edition, with or without GUI], a greeting window appeared:
repadmin /bind dc1 will test basic LDAP connectivity to the targeted server
repadmin /showrepl DC1 will show the replication status for DC1 domain controller and
repadmin /showrepl * > repl-status.csv will export the information in a nice csv file. Help available at repadmin /?
repadmin /showrepl * > csv | ConvertFrom-Csv | out-gridview – will show the result in a nice view, without the need for Excel or Calc.
repadmin /replicate dc2 dc1 “dc=root,dc=contosom,dc=com” will attempt to replicate from dc1 to dc2
repadmin /showobjmeta dc1 “cn=dc1,ou=domain controllers,dc=root,dc=contoso,dc=com” > dc1objectinfo.txt amd repadmin /showobjmeta dc2 “cn=dc1,ou=domain controllers,dc=root,dc=contoso,dc=com” > dc2objectinfo.txt will get you the replication meta information for a specificed object, stored in the AD. Its useful for troubleshooting some replication errors like -2146893022, 8614 amd 8606. It can show you if there is a difference in the *pwd* versions. If such exists, it will be useful to check the event viewer -> Windows Logs -> System -> Kerberos Error
A small collection of useful programs, applications and mmc’s that can be of use, when your Active Directory isn’t cooperating and working as designed, or trying to find that small problem in the environment, that has been bothering you for quite some time.
To make the life of admins easier, Microsoft has put together a convenient step sequence, which can be found here. It shows what needs to be done and what tools are available for this troubleshooting. Even if those tools are windows centric, the event flow is quite general and can be used for pretty much all system troubleshooting activities.
In general, it goes like:
Check the networking [dhcp, dns, ports, firewalls, etc. ]
Check the domain controllers [event viewer, dcdiag, resources, etc]
Check authentication [netdiag, netsetup.log]
Check Access control [Netdom, net view, etc.]
Diagnosing and Troubleshooting Active Directory Problems – https://technet.microsoft.com/en-us/library/cc961826.aspx
Imagine, you are working on perfectly good workstations, enjoying your GUI and you get a task to perform some maintenance on Windows Server, that has the “User interfaces and infrastructure” feature removed.
One way is to utilize PowerShell, the task automation, and configuration management framework developed by Microsoft about 10 years ago.
So to initialize remote PowerShell session, it takes:
On the targeted server/ computer type:
Enable-PSRemoting -Force //will change the needed configuration settings
Even that it may sound unusual, there are occasions when you would prefer to install PowerShell on Linux systems. For example – like me, you have access to several Linux system for practicing and no windows server/ workstations. Thanks to Microsoft’s “love for Linux”, during Satya Nadella’s reign, it’s quite easy.