174 lines
4.8 KiB
PowerShell
174 lines
4.8 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Checks Active Directory replication health across domain controllers.
|
|
|
|
.DESCRIPTION
|
|
This script performs comprehensive AD replication health checks including
|
|
replication status, partner connectivity, and identifies any replication failures.
|
|
|
|
.PARAMETER OutputPath
|
|
Optional. Path to export results. If not specified, outputs to console.
|
|
|
|
.PARAMETER Detailed
|
|
Switch to show detailed replication information per DC.
|
|
|
|
.EXAMPLE
|
|
.\Get-ReplicationHealth.ps1
|
|
Basic replication health check.
|
|
|
|
.EXAMPLE
|
|
.\Get-ReplicationHealth.ps1 -Detailed -OutputPath "C:\ClaudeTools\Logs\repl-health.txt"
|
|
Detailed check with output to file.
|
|
|
|
.NOTES
|
|
Author: ClaudeTools Automation
|
|
Version: 1.0
|
|
Requires: ActiveDirectory PowerShell module, repadmin.exe
|
|
#>
|
|
|
|
[CmdletBinding()]
|
|
param(
|
|
[Parameter(Mandatory=$false)]
|
|
[string]$OutputPath,
|
|
|
|
[Parameter(Mandatory=$false)]
|
|
[switch]$Detailed
|
|
)
|
|
|
|
# Import AD module
|
|
Import-Module ActiveDirectory -ErrorAction Stop
|
|
|
|
$output = @()
|
|
$output += "=" * 60
|
|
$output += "AD REPLICATION HEALTH REPORT"
|
|
$output += "Generated: $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')"
|
|
$output += "=" * 60
|
|
|
|
Write-Host "Checking AD Replication Health..." -ForegroundColor Cyan
|
|
|
|
# Get all DCs
|
|
$dcs = Get-ADDomainController -Filter *
|
|
$output += "`nDomain Controllers Found: $($dcs.Count)"
|
|
|
|
foreach ($dc in $dcs) {
|
|
$output += "`n--- $($dc.HostName) ---"
|
|
Write-Host "Checking $($dc.HostName)..." -ForegroundColor Gray
|
|
}
|
|
|
|
# Check replication summary using repadmin
|
|
$output += "`n" + "=" * 60
|
|
$output += "REPLICATION SUMMARY (repadmin /replsummary)"
|
|
$output += "=" * 60
|
|
|
|
try {
|
|
$replSummary = repadmin /replsummary 2>&1
|
|
$output += $replSummary
|
|
Write-Host "Replication summary retrieved." -ForegroundColor Green
|
|
} catch {
|
|
$output += "ERROR: Unable to run repadmin /replsummary"
|
|
Write-Host "Error running repadmin" -ForegroundColor Red
|
|
}
|
|
|
|
# Check for replication failures
|
|
$output += "`n" + "=" * 60
|
|
$output += "REPLICATION FAILURES (repadmin /showrepl * /errorsonly)"
|
|
$output += "=" * 60
|
|
|
|
try {
|
|
$replErrors = repadmin /showrepl * /errorsonly 2>&1
|
|
if ($replErrors -match "error" -or $replErrors -match "fail") {
|
|
$output += $replErrors
|
|
Write-Host "Replication ERRORS detected!" -ForegroundColor Red
|
|
} else {
|
|
$output += "No replication errors detected."
|
|
Write-Host "No replication errors." -ForegroundColor Green
|
|
}
|
|
} catch {
|
|
$output += "ERROR: Unable to check replication errors"
|
|
}
|
|
|
|
# Queue length
|
|
$output += "`n" + "=" * 60
|
|
$output += "REPLICATION QUEUE (repadmin /queue)"
|
|
$output += "=" * 60
|
|
|
|
try {
|
|
$replQueue = repadmin /queue 2>&1
|
|
$output += $replQueue
|
|
} catch {
|
|
$output += "ERROR: Unable to check replication queue"
|
|
}
|
|
|
|
if ($Detailed) {
|
|
$output += "`n" + "=" * 60
|
|
$output += "DETAILED REPLICATION STATUS (repadmin /showrepl)"
|
|
$output += "=" * 60
|
|
|
|
try {
|
|
$replDetail = repadmin /showrepl 2>&1
|
|
$output += $replDetail
|
|
} catch {
|
|
$output += "ERROR: Unable to get detailed replication status"
|
|
}
|
|
|
|
# DFSR Health (if applicable)
|
|
$output += "`n" + "=" * 60
|
|
$output += "DFSR SYSVOL REPLICATION STATUS"
|
|
$output += "=" * 60
|
|
|
|
try {
|
|
$dfsrStatus = Get-DfsrMember -ErrorAction SilentlyContinue
|
|
if ($dfsrStatus) {
|
|
$output += "DFSR Members:"
|
|
foreach ($member in $dfsrStatus) {
|
|
$output += " - $($member.ComputerName): $($member.DomainName)"
|
|
}
|
|
} else {
|
|
$output += "DFSR not configured or FRS in use."
|
|
}
|
|
} catch {
|
|
$output += "Unable to query DFSR status (may be using FRS)"
|
|
}
|
|
}
|
|
|
|
# AD Database health
|
|
$output += "`n" + "=" * 60
|
|
$output += "AD DATABASE INTEGRITY"
|
|
$output += "=" * 60
|
|
|
|
$adDb = Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters" -ErrorAction SilentlyContinue
|
|
if ($adDb) {
|
|
$dbPath = $adDb.'DSA Database file'
|
|
$logPath = $adDb.'Database log files path'
|
|
$output += "Database Path: $dbPath"
|
|
$output += "Log Path: $logPath"
|
|
|
|
if (Test-Path $dbPath) {
|
|
$dbSize = (Get-Item $dbPath).Length / 1MB
|
|
$output += "Database Size: $([math]::Round($dbSize, 2)) MB"
|
|
}
|
|
}
|
|
|
|
# Final summary
|
|
$output += "`n" + "=" * 60
|
|
$output += "HEALTH CHECK COMPLETE"
|
|
$output += "=" * 60
|
|
|
|
# Output results
|
|
if ($OutputPath) {
|
|
$output | Out-File -FilePath $OutputPath -Encoding UTF8
|
|
Write-Host "`nReport saved to: $OutputPath" -ForegroundColor Green
|
|
} else {
|
|
$output | ForEach-Object { Write-Host $_ }
|
|
}
|
|
|
|
# Quick status summary
|
|
Write-Host "`n--- Quick Status ---" -ForegroundColor Yellow
|
|
Write-Host "Domain Controllers: $($dcs.Count)"
|
|
$errorMatch = $replErrors -match "error|fail"
|
|
if ($errorMatch) {
|
|
Write-Host "Replication Status: ERRORS DETECTED" -ForegroundColor Red
|
|
} else {
|
|
Write-Host "Replication Status: HEALTHY" -ForegroundColor Green
|
|
}
|