2010-04-28

Monitor AD Replication Status with Powershell

Do you know the feeling?

You have 40 domain controllers located in 20 different locations - with a multitude of child domains and children of those child domains, on all sides of the globe (yeah I know a globe does not have sides….), with different people at different levels of expertise managing these DC's? Sound familiar?

And for some reason someone went on vacation and forgot to clean up a movie that they put on the DC's C: drive - because they had nowhere else to put it? (well I am joking of course - but the reasons for disk space running out could be for multitude of reasons).

And the C: drive has no more free space.

And therefore the DC's stops responding properly.

And your start getting replication errors between the Domain Controllers.

So do you know the feeling??

Now of course you could have someone (or something monitor your logs for you - but not necessarily would you catch the replication issue - because you would have to monitor more than just one DC).

Well thanks to Microsoft there is small tool which will give you the replication status and if you would like it can do a whole lot more than that, but for this example the replication status will suffice.

Repadmin - and if you have not used it before then I suggest you get to know the tool.

repadmin.exe /showrepl * /csv

Ok .. Whoopee! And now what do I do with that info? Well you could:

  1. open it in Excel and
  2. filter out all the values that have 0 failures
  3. and then see where the issues are

That would be nice… but not automated!!

What if you could get the data, filter out to retrieve only what you wanted (which would be all the failures) and send it to an admin by mail. And to make your life complete (just kidding), have this run on a regular schedule?

Here you are.

# ==============================================================================================
# NAME: Check-Replication
# 
# AUTHOR: Maish Saidel-Keesing
# DATE  : 27/04/2010
# 
# COMMENT: Will check the replication status and if there are failures will send an email to the
# Assigned Addresses.
# ** Requires Repadmin from the Windows resource Kit accessible in the default path **
# ==============================================================================================

$from = "Replication Status<maishsk@gmail.com>"
$to = "Maish<maishsk@gmail.com>"
#Collect the replication info

#Check the Replication with Repadmin
$workfile = D:\software\USB_Tool_Kit\Tools\repadmin.exe /showrepl * /csv 
$results = ConvertFrom-Csv -InputObject $workfile | where {$_.'Number of Failures' -ge 1}


#Here you set the tolerance level for the report
$results = $results | where {$_.'Number of Failures' -gt 1 }

if ($results -ne $null ) {
	$results = $results | select "Source DC", "Naming Context", "Destination DC" ,"Number of Failures", "Last Failure Time", "Last Success Time", "Last Failure Status" | ConvertTo-Html
	} else {
	$results = "There were no Replication Errors"
}

Send-MailMessage -From $from -To $to -Subject "Daily Forest Replication Status" -SmtpServer "smtp.maishsk.local" -BodyAsHtml ($results | Out-String)


Line 17.
Run the command and put it into CSV format

Line 18. Convert the results from the variable into a variable and filter them

Lines 20-24. If the results are not empty (which means you have errors) then apply some formatting to the output and convert that output to HTML. If there were no errors then set the variable to show that fact.

Line 26. Send the results by email

So from going from lines and lines of this

image

to this - which I can get in my inbox every 4 hours because it is now running as a scheduled task.

image

or this if all is fine and dandy

image

Hope this is useful to someone!

--UPDATE--

I updated the script above to remove the use of a temporary file - it was not necessary - everything can be saved into variables and clean up some logic.