Powershell Needful Things put that in your pipeline

20Oct/170

Test-DomainControllerHealth

Posted by Jean Louw

So, it has been a while since I have posted anything to the blog, but I have a new script which I have spent some time on, and I have been using it at a couple of customer sites with great success.

The script is based off of the Exchange Server Health script by Paul Cunningham and actually uses his code to generate the HTML report.

You can schedule this script as a daily report.

To setup email notifications you can customize the $smtpsettings variable in the script to your SMTP server requirements.

Once the SMTP is configured, you can use the following parameters when starting the script:

-domainName Use the domain name switch to limit the report to a single domain. If you omit the switch all domains in the forest are included in the scope.
-ReportFile This switch will export the results to a file in the same folder with a name based on the scope of the report.
-SendEmail This switch will use the settings specified in the $smtpsettings variable to attempt to send the report as an HTML email message.

The report itself contains a couple of bits of information.

First the server DNS Host name, with the AD site the server is currently a member of. The next column will display the OS version and whether the machine is a VM or physical.

Finally, we check the FSMO role of the server in its current domain.

The tests are pretty self-explanatory, first off we check the server in DNS to ensure that the name can be resolved. Next a ping test to ensure that we can contact the server.

We then display the uptime, DIT drive free space and the OS drive free space.

The AD specific tests check a couple of specific services, and then perform a DCDiag with some basic tests.

The last column indicates how long the script took to execute against the server. This is a great indication of performance problems, or network bandwidth or latency problems connecting to the server. Any processing time longer than the over all average is marked I amber.

The script can be downloaded from https://github.com/technologicza/Test-DomainControllerHealth.ps1

A special word of thanks to:

Paul Cunningham for the HTML generating code.
Gabriel Gumbs and Dhillan Kalyan for testing.

If you want to contribute to the development and or testing, please let me know via Twitter @jeanlouw.

12Oct/119

Find missing subnets in Active Directory

Posted by Jean Louw

I was doing an Active Directory health check for a customer, and one of the things I normally include, is to review the netlogon.log to find IP addresses or machines which are not linked to any subnet / site in Active Directory. These entries are listed as NO_CLIENT_SITE in the log.

This is a very manual task of logging onto each domain controller and copying the file to a central location, and then sifting through the data to remove any duplicate IP addresses etc. This task becomes very time consuming if you have a large number of domain controllers.

I decided to write a Powershell script to do the work for me. The advantage of the script, is that the data is stored in a CSV which can be imported to be sorted and manipulated to find recent entires, or remove duplicate computer names and / or IP addresses.

The code doesn't currently look for the no_client_site error specifically, it will import the entire file. The script does not rely on the Microsoft Active Directory module so you can use it with Windows 2003 domain controllers.

I hope you find this script useful and your comments and suggestions are always welcome.

$dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
Write-Host '..current domain is' $dom

Write-Host '..getting all domain controllers in domain'
$dcs = $dom | % { $_.DomainControllers } | Select Name
$at = ($dcs | Measure-Object).count

foreach ($dc in $dcs)
    {
        $path = '\\' + $dc.name + '\admin$\debug\netlogon.log'
        if ((test-path $path) -eq $true)
            {
                Write-Host "..collecting logfile from ($at)" $path
                [array]$colLogs += gc $path
            }
            $at --
    }

Write-Host '..combining logs'
$outFile = '.\expFile.txt'
$colLogs | Out-File $outFile

Write-Host '..importing combined log as csv'
$importString = Import-Csv $outFile -Delimiter ' ' -Header Date,Time,Domain,Error,Name,IPAddress

Write-Host '..exporting results'
$importString | select Date, Name, IPAddress | sort IPAddress -Unique | Export-Csv .\expDB.csv