Domain Controller Service Health–revisited
Posted by: Richard Siddaway
A bit more digging as a follow-up to the previous post shows that the NTDS service is shown when PowerShell is run with elevated privileges, i.e. Run as Administrator. That means we want to be able to test if PowerShell is running in that mode.
The test-dcservicehealth function becomes
    function test-dcServiceHealth {
        [CmdletBinding()]
        param (
            [parameter(Position=0,
                ValueFromPipeline=$true,
                ValueFromPipelineByPropertyName=$true)]
            [string]$computername=$env:COMPUTERNAME
        )
        PROCESS {
            # NTDS is only returned to an elevated session, so check for it first
            $currentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
            if (! (New-Object Security.Principal.WindowsPrincipal $currentUser).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)){
                Write-Warning "Must be run as administrator"
                return
            }

            # Query each DC-related service on the target machine
            "ADWS", "Dfs", "DFSR", "DNS", "IsmServ", "kdc", "Netlogon", "NTDS", "NtFrs", "W32Time", "WinRM" |
            foreach {
                Get-WmiObject -Class Win32_Service -Filter "Name = '$($_)'" -ComputerName $computername |
                select Name, DisplayName, State, @{N="DC";E={$computername}}
            }
        }
    }
I’ve added advanced function parameter attributes so the function accepts pipeline input, added NTDS to the list of services and added a test to see if PowerShell is running as administrator. If it isn’t, it returns with a warning,
which means we can do this

    "dc02", "server02" | test-dcServiceHealth | ft -GroupBy DC -AutoSize
It would be better to get the domain controllers automatically so
    function get-DomainControllerNames {
        # Enumerate every domain controller in the current domain
        $dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
        $dom.FindAllDomainControllers() | select -ExpandProperty Name
    }
which then means we do
    get-DomainControllerNames | test-dcServiceHealth | ft -GroupBy DC -AutoSize
and we get a nicely formatted report
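For monitoring, it is usually more useful to see only what is wrong. The following is an added example, not code from the original post: the function name Get-DcServiceProblem and its output shape are assumptions. It uses the same service list and elevation test as above, but reports only services that are not running or were not returned by the query, and it warns instead of failing when a domain controller cannot be reached.

```powershell
# Added example (hypothetical helper, not from the original post).
function Get-DcServiceProblem {
    [CmdletBinding()]
    param (
        [parameter(Position=0, ValueFromPipeline=$true)]
        [string]$ComputerName = $env:COMPUTERNAME,

        # Same service list as test-dcServiceHealth
        [string[]]$ServiceName = @("ADWS", "Dfs", "DFSR", "DNS", "IsmServ", "kdc",
                                   "Netlogon", "NTDS", "NtFrs", "W32Time", "WinRM")
    )
    PROCESS {
        # Without elevation NTDS is not shown, which would be reported as NotFound
        $currentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
        if (! (New-Object Security.Principal.WindowsPrincipal $currentUser).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) {
            Write-Warning "Must be run as administrator"
            return
        }

        try {
            # One WMI call per DC; -ErrorAction Stop makes RPC or access failures catchable
            $found = Get-WmiObject -Class Win32_Service -ComputerName $ComputerName -ErrorAction Stop |
                Where-Object { $ServiceName -contains $_.Name }
        }
        catch {
            Write-Warning ("Query failed on {0}: {1}" -f $ComputerName, $_.Exception.Message)
            return
        }

        foreach ($name in $ServiceName) {
            $svc = $found | Where-Object { $_.Name -eq $name }
            if (-not $svc) {
                # The query returned no service with this name
                New-Object PSObject -Property @{ DC = $ComputerName; Name = $name; State = "NotFound"; StartMode = $null } |
                    select DC, Name, State, StartMode
            }
            elseif ($svc.State -ne "Running") {
                # Stopped, paused or in transition; StartMode tells Disabled from Manual/Auto
                $svc | select @{N="DC";E={$ComputerName}}, Name, State, StartMode
            }
        }
    }
}

# Usage, with the function defined in the post:
# get-DomainControllerNames | Get-DcServiceProblem | ft -GroupBy DC -AutoSize
```

No output for a domain controller means every listed service was found and running.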




