Parity123
asked on
Powershell: Check if AD account exist in all the DC
Hello Experts,
I found the script that is attached. It checks the sysvol replication. I would like to add the AD account check as well. Could you please assist, It should create an account on a DC and checks to see if it has replicated across all the domain controllers. I like the output the attached file provides for sysvol check, would like to get a similar out along with sysvol for account checks as well.
Your assistance is appreciated.
sysvol_check.txt
I found the script that is attached. It checks the sysvol replication. I would like to add the AD account check as well. Could you please assist, It should create an account on a DC and checks to see if it has replicated across all the domain controllers. I like the output the attached file provides for sysvol check, would like to get a similar out along with sysvol for account checks as well.
Your assistance is appreciated.
sysvol_check.txt
That's quite the eloborate script to check AD replication ... doesn't "repadmin /replsummary" do the trick?
Anyway, for AD account replication you can try CSVDE from an elevated command prompt ... https://technet.microsoft.com/en-us/library/cc732101(v=ws.11).aspx
Run the command against each DC you have.
Anyway, for AD account replication you can try CSVDE from an elevated command prompt ... https://technet.microsoft.com/en-us/library/cc732101(v=ws.11).aspx
csvde.exe -f export.csv -s DC-NAME -r "(&(objectClass=user)(sn=USER-LASTNAME))"
Run the command against each DC you have.
replsum tells a different story... It really speaks to how far from convergence you are across your target DCs.
What this script does is measure how fast a low priority change is replicated globally, which was insanely useful to illustrate I met a replication SLA of 10 minutes. I had 380+ sites and 340+ DCs and was able to maintain a 2.1 minute replication average across all sites/dcs.
That story cannot be told by /replsum.
What this script does is measure how fast a low priority change is replicated globally, which was insanely useful to illustrate I met a replication SLA of 10 minutes. I had 380+ sites and 340+ DCs and was able to maintain a 2.1 minute replication average across all sites/dcs.
That story cannot be told by /replsum.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
I did a similar exercise to check replication and did it this way:
On the PDC, a script called a function that wrote $(Get-Date -f o) to 'extensionattribute1' on the PDCe object
On all other DCs, the script called a function that evaluated the difference between $(Get-Date -f o) and what its copy of the PDC object's 'extensionattribute1' property was
The script reported this delta to a database which I could query to graph replication latency over time. It worked like a charm.