I’ve often deployed domain controllers in environments that weren’t the most stable due to connectivity issues. To make sure that the domain controllers keep replicating correctly and we detect issues early we use the Active Directory cmdlets in combination with our RMM system. This makes it so we can monitor the current status of the replication and alert if it does not work for a longer period of time.
The script is suitable for server 2012R2 and up. You can use this in your RMM system to detect issues early. I like monitoring when the replication has not worked for 6 hours, but you can always change this to your own preference.
Active Directory Replication Monitoring
$AlertTime = (get-date).AddHours(-6)
$FailedArr = @()
$RepStatus = Get-ADReplicationPartnerMetadata -Target * -Partition * | Select-Object Server, Partition, Partner, ConsecutiveReplicationFailures, LastReplicationSuccess, LastRepicationResult
foreach ($Report in $RepStatus) {
$Partner = $Report.partner -split "CN="
if ($report.LastReplicationSuccess -lt $AlertTime) {
$FailedArr += "$($Report.Server) could not replicate with partner $($Partner[2]) for 6 hours. please investigate"
}
}
if (!$FailedArr) { $FailedArr = "Healthy" }
And that’s it for today! as always, Happy PowerShelling.
Pingback: ICYMI: PowerShell Week of 15-November-2019 | PowerShell.org
Pingback: Monitoring with PowerShell: Monitoring Active Directory Health - CyberDrain
Hi, you have a missing ‘l’ in ‘LastRepicationResult’. 🙂
Thanks for the script, though!
Cheers,
Tom
For those with more complicated AD setups, you may prefer to get more specific.
e.g use:
Get-ADReplicationPartnerMetadata -Target $env:computername
so you only get alerting about the device you are running against rather than any DC in the environment.
I have also seen use of * just timeout.