Welcome to Dirteam.com/ActiveDir.org Blogs Sign in | Join | Help

Carlos

things i do

News

  • MSN Alerts




ADHC is born (SCREENSHOTS included)

So I have started the Active Directory Health Check (ADHC) and I must admit, I am loving it. I took an old application I was building and fixed some bugs that I knew existed. Then I slapped a quick GUI onto it, just so we can see some information on the screen. 

Information gathering is the first step of the application, once we have the information we can then start analyzing the data and running some rules against the data that we have. 

One of the bug bears I have with the wonderful Active Directory namespace is that there is no way of it reporting statuses back to the calling object. This is more a gripe when it comes to a GUI.

 

Why?-

Well say you have a massive forest with many domains and many sites across slow links, the Forest object tries to discover and populate this information. It does not report its progress so you are stuck with an unresponsive GUI. When it does come back you have all the information you need though. I will find a way of entertaining the user while we get the information. But that’s the least of my worries at the momement.

 

So lets dive straight into the first screen shots of the tool. The first screen shot shows you information of the FOREST that was discovered, as you can see it shows you the following Forest information

·         Forest functional level

·         Number of domains in the Forest

·         Number of sites in the Forest

·         List of sites in Forest

·         List of Global Catalogs (GC’s) in the Forest

·         Forest wide FSMO Roles and which Domain controller holds these

 

The screen shot below Describes the information above:

 

 

Then we get to the domain information, as you can see it shows you the following domain information:

  • Domain Name
  • Domain Parent (this would show the tree structure if this was a child domain)
  • Domain Functional Level
  • The site(s) this domain spans
  • GC’s in the domain
  • Domain Wide FSMO roles and which DC’s host these roles (you can see I have broken best practice in this instance with all FSMO’s on one DC but this is a lab test environment)

 

 

Now that we have the domain information lets have a look at the domain controllers (DCs) in the domain. As you can see it shows you the following:

  • DC FQDN
  • DC operating system (OS)
  • DC IP address
  • DC site name
  • If the DC is a GC or not
  • Current Time on DC (Important for trouble shooting Kerberos ticket issues)
  • FSMO Roles on the DC
  • Partitions hosted by that DC

 

Now this is the “General Domain Controller” information, then there is specific information about a DC namely the replication information about this DC. I have exposed the following information as Tabs in this GUI:

  • Inbound and Outbound connection for the DC
  • Replication Errors for the DC
  • Replication Partners for the DC
  • DC Meta data, so you can specify an objects distinguished name and it will return the meta data for that object.

 

Inbound and Outbound connection for the DC

 

 

Replication Errors for the DC

 

 

Replication Partners for the DC

 

 

DC Meta data, so you can specify an objects distinguished name and it will return the meta data for that object.

 

Anyway I thought I would let you all know what I am up to and how far I have gotten, as I have more tangible information I will release it. For now I am interested in your comments so please post away.

 

I have attached a ZIP file with all the pictures above if you would like them for your referance.


Carlos

Posted: Wednesday, April 26, 2006 1:50 PM by carlos
Filed under:

Attachment(s): Gui Pictures.zip

Comments

Tomek said:

Nice work !!!
# April 26, 2006 6:04 AM

Philipp said:

Hi Carlos,

looks great... when you are looking for a beta tester ;-)

A HTML Output ... would be supercool...

[Quote=carlos]I will find a way of entertaining the user while we get the information.[/quote]

You could write a litte animation who shows all Users in the domain ... dropping in the trash... 50 % until domain termination ...51, 52... ;-)

BTW: When it´s finished I will write a little article about it on www.mcseboard.de
www.serverhowto.de (not online yet)

Regards Philipp
http://blog.kohnonline.de
MOD @ www.mcseboard.de
# April 26, 2006 10:27 AM

carlos said:

Thank you Tomek, your comments are always appreciated
Carlos
# April 27, 2006 2:25 PM

carlos said:

Philip,
All your ideas (the writting the article etc) sound EXCELLENT.
As soon as I have a working and ***Stable*** version you will be one of the first to know, you got a big network to test this on.

Again thank you for the ideas (the 50% termination would really cause some interesting reactions).

Again thank you for your input in the blog :)
Carlos
# April 27, 2006 2:29 PM

Yann said:

Hi Carlos.

Good work !
May I ask you if ADHC will be available for public download ?

I will be interested to test it in my environnement.

Thanks,

Yann
# May 13, 2006 12:04 PM

Mike Kline said:

Carlos,

I'm sure you are going to get a lot of traffic after the thread that you and Freddy started.  This tool looks like it will help a lot of us in the field.  

You are going to become as famous as the guys who wrote ADModify :)

Thanks for working on this and we look forward to getting this into our test labs and playing with ADHC.

Thanks
Mike
# May 17, 2006 3:46 AM

Anonymous said:

This is pretty cool. There is another (free) product called LDAPEditor thats a fantastic ldap browser/editor. And not only does it work with AD... it will work with eDirectory, OpenLDAP, ADAM etc.. It also lumps in a rules based editor for batch attribute processing and a server to server object copy wizard.. check it out http://www.ldapeditor.com
# October 3, 2006 3:36 AM
Anonymous comments are disabled