December 14, 2009

Checkup on a Active Directory Domain

Sometimes you will need to do a checkup on an Active Directory Domain to see what the previous computer monkey did.

Check out the FSMO roles to see where everything is pointing:

From MS KB:
http://support.microsoft.com/kb/234790

  1. Click Start, click Run, type cmd in the Open box, and then press ENTER.
  2. Type ntdsutil, and then press ENTER.
  3. Type domain management, and then press ENTER.
  4. Type connections, and then press ENTER.
  5. Type connect to server ServerName, where ServerName is the Name of the Domain Controller you would like to view, and then press ENTER.
  6. Type quit, and then press ENTER.
  7. Type select operation target, and then press ENTER.
  8. Type list roles for connected server, and then press ENTER.

OR if you have the Support Tools loaded:

DCdiag /test:Knowsofroleholders /v

The check Domain with the nifty tool DCdiag from the Support Tools

dcdiag /v /f:output.txt

Make sure everything passes the test.

Check out Active Directory Sites and Services for replication time and global cataloging.
http://technet.microsoft.com/en-us/library/cc758330%28WS.10%29.aspx

Roll-on with your day praying not to have to *ever *fix a Active Directory Domain again.

j