Nltest command


Command : nltest

Switch name : /DSGETDC:

nltest /dsgetdc:test.com /pdc

nltest /dsgetdc:test.com /kdc

nltest /dsgetdc:test.com /force

nltest /dsgetdc:test.com /TIMESERV

nltest /dsgetdc:test.com /GTIMESERV

nltest /dsgetdc:test.com /dns

Advertisements

Repadmin /showrepl


The repadmin /showrepl command helps you understand the replication topology and replication failures. It reports status for each source domain controller from which the destination has an inbound connection object. The status report is categorized by directory partition.

replication only inbound connections

repadmin /showrepl

repadmin /showrepl /v

Displays additional information about the source partners from which the destination domain controller performs inbound replication. The information includes fully qualified CNAME, invocation ID, replication flags, and update sequence number (USN) values for originating update and replicated updates.

repadmin /showrepl /conn

Appends a KCC CONNECTION OBJECTS section to the Repadmin output that lists all connections and why they were created.

repadmin /showrepl /conn /intersite

Displays the replication status for connections from domain controllers in remote sites from which the domain controller that is listed in the DSA_LIST parameter performs inbound replication.

repadmin /showrepl /errorsonly

Displays replication status only for source domain controllers with which the destination domain controller encounters replication errors.

repadmin /showconn dc1.test.com

Display the connection object for the server

dcdiag /test:replications

replication test using dcdiag

repadmin /showsig server1.microsoft.com

Display the replication signature for a server

Repadmin /Queue

shows you how many items are in the queue waiting to be replicated.

PS C:\> repadmin /showvector “cn=schema,cn=configuration,dc=mi,dc=com
Caching GUIDs.
..
Default-First-Site-Name\MIDC @ USN 561645 @ Time 2019-05-15 16:14:02
Default-First-Site-Name\CHNADC @ USN 127053 @ Time 2019-05-06 13:19:35
PS C:\> repadmin /showvector “dc=mi,dc=com”
Caching GUIDs.
..
Default-First-Site-Name\MIDC @ USN 561645 @ Time 2019-05-15 16:14:04
Default-First-Site-Name\CHNADC @ USN 127053 @ Time 2019-05-06 13:19:35
PS C:\> repadmin /showvector “cn=configuration,dc=mi,dc=com”
Caching GUIDs.
..
Default-First-Site-Name\MIDC @ USN 561645 @ Time 2019-05-15 16:14:08
Default-First-Site-Name\CHNADC @ USN 127053 @ Time 2019-05-06 13:19:35

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc742066%28v%3dws.11%29

https://social.technet.microsoft.com/wiki/contents/articles/50788.active-directory-repadmin-tool.aspx

https://jorgequestforknowledge.wordpress.com/2006/12/09/dsa-guids-and-invocation-ids/

https://premglitz.wordpress.com/2013/12/19/repadmin-examples/

The Authoritative Restore Explained

 

active directory dependent services


Monitoring Windows DFS


DFSDIAG /TestDCs

DFSDiag /TestDCs /Domain:test.com

DFSDIAG /TestSites

Creating a propagation report

Trust tools


NETDOM: Used to establish or break trust types.

netdom trust /?

NETDIAG: The output of this tool can give basic status on trust relationships.

NLTEST: Can be used to verify a trust relationship.

DFS commands


DFS Sync with two node(powershell):

Sync-DfsReplicationGroup -GroupName “college-Repl” -SourceComputerName “node-1” -DestinationComputerName “node-2” -DurationInMinutes 5

DFS Sync with one node :

dfsrdiag syncnow /partner:node-2 /RGName:college-Repl /Time:1

To find the DFS backlog:

dfsrdiag backlog /rgname:college-Repl /rfname:college /sendingmember:node-1 /receivingmember:node-2

DFS replication status:

dfsrdiag replicationstate

Trust Relationship


Types of Trust relationship

  • Parent-Child Trust:-  A type of trust relationship between parent domain and its child domain. when you install a new child domain in existing tree, a new Parent child trust established between parent domain and its child domain by default.
  • It is Transitive nature with Two-way Direction.

  • Tree Root Trust:- A type of trust relationship between tree domain and forest root domain. When you install a new Tree domain in an existing forest, a new Tree root trust  established between Tree domain and forest root domain by default.  
  • It is Transitive nature with Two-way Direction.

  • Shortcut Trust:- A type of trust relationship manually create by Administrator between Tree domain and Child domain (within the same forest) . It helps to improve the user logon process.
  • It is Transitive nature with One-way Direction or Two-way Direction.

     

  • Forest Trust:-  A type of trust relationship manually create by Administrator between two Root Domains.
  • It is Transitive nature with One-way Direction or Two-way Direction.

     

  • External Trust:-  A type of trust relationship manually create by Administrator between two Root Domains.
  • It is Non-Transitive nature with One-way Direction or Two-way Direction.
%d bloggers like this: