DCDAIG is one of the most important comprehensive tools available for measuring the health for AD and DC's, and every Active Directory administrator must know how to use.
DCDIAG analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As Active directory administrator DCdiag should be the essential for when it comes to troubleshooting DC related issues. After downloading support tolls you can use /h (help switch) to discover all available options. Don't forget you can always dump the output on the command line into a text file by using >DCDiag.txt switch (or any extension you wish to use)
Let's start with basic test
- You logged into your work station, open CMD line with your admin privileged, alternatively you cn fire up PSEXEC and execute remote CMD on the DC you will be performing this test. Either way is fine.
- My domain controller name is nhqdtcdc5 don't forget you need to install windows 2003 tools to get the DCDIAG
Dcdiag /testdns /nhqdtcdc5
- Testing server: JPK\NHQDTCDC5
- Starting test: Connectivity
- ......................... NHQDTCDC5 passed test Connectivity
- Doing primary tests
- Testing server: JPK\NHQDTCDC5
- DNS Tests are running and not hung. Please wait a few minutes...
- Running partition tests on : archq
- Running partition tests on : Schema
- Running partition tests on : Configuration
- Running enterprise tests on : ri.SMTP2525.net
- Starting test: DNS
- ......................... ri.SMTP25.net passed test DNS
dcdiag /test:DnsBasic /s:nhqdtcdc5
DCDIAG is most often used to verify domain controller health. It can be used to report on a single connectivity issue (like DNS) or on a host of possible network and service connectivity issues. You can use it to issue a report on a single server or all of them in your Active Directory forest central top-tier administrators.
DCdiag
dcdiag /test:registerindns /dnsdomain:archq.ri.STP25.net
The DNS configuration is sufficient to allow this computer to dynamically register the A record corresponding to its DNS name.
The test DNS test verifies that the following mandatory Active Directory Domain Controller services are running and available:
- DNS client service
- NETLOGON service
- KDC service
- DNS Server service (if DNS is installed on the domain controller)
In this example we logged into management server and run the below command to the DC
Dcdiag /test:DNS /s:dc1 (DC1 is the remote domain controller)
C:\WINDOWS\system32>dcdiag /test:DNS /s:nhqdtcdc4
doing primary tests |
Testing server: JPK\NHQDTCDC4 |
NS Tests are running and not hung. Please wait a few minutes... |
Running partition tests on : DomainDnsZones |
Running partition tests on : ForestDnsZones |
Running partition tests on : archq |
Running partition tests on : Schema |
Running partition tests on : Configuration |
Running enterprise tests on : ri.SMTP25.net |
Starting test: DNS |
......................... ri.STP25.net passed test DNS |
Best,
Oz ozugurlu
No comments:
Post a Comment