As system administrators most of us spend time on end user problem troubleshooting and forget to oversee the Active Directory services. We only concern about the AD server when we’re getting problems and then we see all sort of problems related to DNS, replications…etc. This guide is focus on providing proactive monitoring of the Active Directory so as system administrators you will have better understanding of your infrastructure.
Is it best recommended to do the following test once a month and keep the log files for trend analysis as well. To make thing easier I’ve provided the necessary urls of individual commands pointing to the TechNet so you can get more compressive details,
Dcdiag.exe /v >> c:\temp\pre_dcdiag.txt
This is a must and will always tell you if there is trouble with your DCs and/or services associated with it
Netdiag.exe /v >> c:\temp\pre_Netdiag.txt
This will let us know if there are issues with the networking components on the DC. This along with the post test also is a quick easy way to ensure the patches installed is really installed (just check the top of the log)
Repadmin /showreps >> c:\temp\pre_rep_partners.txt
This shows all the replication and if it was successful or not. Just be aware that Global Catalogs will have more info here than a normal domain controller.
repadmin /replsum /errorsonly >> c:\temp\pre_repadmin_err.txt
This is the one that always takes forever but will let you know who you are having issues replicating with.
Apart from that Microsoft offers another tool called MPSRPT_DirSvc.exe. You can run this tool in the dc’s and it’ll run most of the above mention commands and provide you the output into log files. Very handy I would say. You can download it from here.
Hopefully this helps you when you troubleshoot your domain controllers but by no way is this all encompassing list of things to do. These are the standard steps normally I take but I would love to hear what you all do as well.