AD health check and cleanup
Hi, I’m running a Windows 2003 SP2 native mode with Single forest and single domain. Now I want to upgrade my domain to Windows 2008 AD by putting a new DC with Windows 2008 R2. Before I do that I would like to see my current AD in a good condition and cleanup any obsolete objects. Also the new Windows 2008 DC will be having a new name.
So I need some suggestions from you all about what Tools, scripts or commands do I need to run before the upgrade process. Thanks in advance.
Re: AD health check and cleanup
Whenever I come across such problems the very first thing I do is check the eventlog of all DCs involved and running repadmin as well as dcdiag on the DCs. This is helps us lot. So check the same first and if there are any error messages listed in the event log or with replication errors, then there are several built-in tools available in the Windows Server which will help you out.
As far as cleaning up and deleting obsolete objects is concerned, you can look at joe's oldcmp at joeware.net . It will help you to delete stale computer and user objects.
Re: AD health check and cleanup
Hello Brandy,
Yes, there are several tools available using which you can check the health of your DC 2003. Tools such as dcdiag /v, netdiag /v and repadmin /showrepl will help you for the same. For using this tools you will need to install the support\tools\suptools.msi
from the 2003 installation disk. And as techman said above, you should always check the Event Viewer to get the report of your DC’s health. Apart from this you can also run:
dnslint /ad /s "DC ip address"
Re: AD health check and cleanup
We run the following script every week plus SCOM is online.Obviously you
need to change the dcName and ip_address
Quote:
@echo off
c:
cd \
cd "program files\support tools"
del c:\dcdiag.log
DCDIAG /V /C /D /E /s:dcName > c:\dcdiag.log
start c:\dcdiag.log
repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
start c:\repl.txt
start notepad.exe C:\WINDOWS\Debug\Netlogon.log
ntfrsutl ds dcName > c:\sysvol.log
start c:\sysvol.log
dnslint /ad /s ip_address /v