Tools to Troubleshoot DC issues


DCDIAG

DCDIAG analyzes the state of domain controllers in a forest or enterprise and reports any problems to help in troubleshooting.

  1. Preparing to install or migrate to Exchange new version
  2. Checking FSMO roles.
  3. Troubleshooting Group Policy.
  4. Investigating Active Directory not replicating frssysvol error.
  5. Running down Kerberos authentication problems.
  6. Resetting the Directory Service Administrator’s password.
  7. Fixing servers Service Principle Name (SPN) error.
  8. Other DC issues

Example: dcdiag.exe /V /D /C /E > c:\dcdiag.log

DCDIAG tool article http://technet.microsoft.com/en-us/library/cc731968(v=ws.10).aspx

REPADMIN

Repadmin.exe is a Microsoft Windows 2000 Resource Kit tool that is available in the Support Tools folder on the Windows 2000 CD-ROM. It is a command-line interface to Active Directory replication. This tool provides a powerful interface into the inner workings of Active Directory replication, and is useful for troubleshooting Active Directory replication problems.

Example: repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt

RepAdmin tool article http://technet.microsoft.com/en-us/library/cc770963(v=ws.10).aspx

NETDIAG

This command-line diagnostic tool helps to isolate networking and connectivity problems by performing a series of tests to determine the state of your network client. These tests and the key network status information they expose give network administrators and support personnel a more direct means of identifying and isolating network problems. Moreover, because this tool does not require parameters or switches to be specified, support personnel and network administrators can focus on analyzing the output rather than on training users how to use the tool.

  1. Installing Exchange and you wish to check that you can connect to other servers.
  2. Checking VPN network tunnels on the WAN.
  3. DNS problems.  Computers cannot ‘see’ their domain controller on the LAN.
  4. A quick check on hotfixes.
  5. Check the Network Card Bindings from the command prompt.
  6. You are having problems with IPSEC.
  7. Winsock corruption, wrong version incompatibilities.
  8. NetDiag checks that Domain Controllers are all able to ‘speak’ LDAP.

Example: netdiag.exe /v > c:\netdiag.log

Note: This command need to be run on each DC of the domain.

NetDiag tool article http://technet.microsoft.com/en-us/library/cc731434(v=ws.10).aspx

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: