tools.rdr-it.comScriptsSanté contrôleur de domaine

🏥 Santé contrôleur de domaine

Réplication AD, SYSVOL, NETLOGON, RID pool, FSMO

powershellScript

Santé Domain Controller

Vérifie les points critiques de santé d'un ou plusieurs Domain Controllers.

Script

#Requires -Module ActiveDirectory

sante-dc.ps1 — Vérification santé Domain Controller


Usage : .\sante-dc.ps1 [-DC "dc01"] [-All]



param(

    [string]$DC = $env:LOGONSERVER -replace '\\\\','',
    [switch]$All
)


$RED = "Red"; $GREEN = "Green"; $YELLOW = "Yellow"; $CYAN = "Cyan"



function Check($label, $ok, $msg) {

    $color = if ($ok) { $GREEN } else { $RED }
    $icon  = if ($ok) { "[OK]  " } else { "[FAIL]" }
    Write-Host "$icon $label" -ForegroundColor $color
    if ($msg) { Write-Host "       $msg" -ForegroundColor Gray }
}


$DCs = if ($All) { (Get-ADDomainController -Filter *).Name } else { @($DC) }



foreach ($server in $DCs) {

    Write-Host "`n══════════════════════════════════════════════" -ForegroundColor Cyan
    Write-Host "  DC : $server" -ForegroundColor Cyan
    Write-Host "══════════════════════════════════════════════" -ForegroundColor Cyan


    # ── Connectivité ──────────────────────────────────────────────────

    Write-Host "`n── Connectivité ─────────────────────────────" -ForegroundColor Yellow
    $ping = Test-Connection -ComputerName $server -Count 1 -Quiet
    Check "Ping" $ping


    # ── Services AD essentiels ────────────────────────────────────────

    Write-Host "`n── Services AD ──────────────────────────────" -ForegroundColor Yellow
    $services = @("NTDS","DFSR","Netlogon","DNS","W32Time","kdc")
    foreach ($svc in $services) {
        try {
            $s = Get-Service -Name $svc -ComputerName $server -ErrorAction Stop
            Check "$svc" ($s.Status -eq "Running") "Status: $($s.Status)"
        } catch {
            Check "$svc" $false "Inaccessible ou non installé"
        }
    }


    # ── Réplication AD ────────────────────────────────────────────────

    Write-Host "`n── Réplication AD ───────────────────────────" -ForegroundColor Yellow
    $replSummary = repadmin /replsummary $server 2>&1
    $replErrors  = ($replSummary | Select-String "fail" | Measure-Object).Count
    Check "Réplication (repadmin)" ($replErrors -eq 0) "Erreurs : $replErrors"


    # Dernière réplication par partenaire

    $replPartners = repadmin /showrepl $server 2>&1 | Select-String "Last attempt"
    $replPartners | ForEach-Object { Write-Host "       $_" -ForegroundColor Gray }


    # ── SYSVOL ────────────────────────────────────────────────────────

    Write-Host "`n── SYSVOL ───────────────────────────────────" -ForegroundColor Yellow
    $sysvol = Test-Path "\\$server\SYSVOL"
    Check "SYSVOL accessible" $sysvol


    # ── FSMO ──────────────────────────────────────────────────────────

    Write-Host "`n── Rôles FSMO ───────────────────────────────" -ForegroundColor Yellow
    $domain  = Get-ADDomain
    $forest  = Get-ADForest
    $fsmo = @{
        "PDC Emulator"       = $domain.PDCEmulator
        "RID Master"         = $domain.RIDMaster
        "Infrastructure"     = $domain.InfrastructureMaster
        "Schema Master"      = $forest.SchemaMaster
        "Domain Naming"      = $forest.DomainNamingMaster
    }
    foreach ($role in $fsmo.GetEnumerator()) {
        $owner = $role.Value -replace "\..+",""
        Write-Host "       $($role.Key): $owner" -ForegroundColor Gray
    }


    # ── DNS ───────────────────────────────────────────────────────────

    Write-Host "`n── DNS ──────────────────────────────────────" -ForegroundColor Yellow
    try {
        $resolve = Resolve-DnsName -Name $domain.DNSRoot -Server $server -ErrorAction Stop
        Check "Résolution DNS domaine" $true "$($domain.DNSRoot) → $($resolve[0].IPAddress)"
    } catch {
        Check "Résolution DNS domaine" $false $_.Exception.Message
    }


    # ── NTP / Temps ───────────────────────────────────────────────────

    Write-Host "`n── Synchronisation NTP ──────────────────────" -ForegroundColor Yellow
    $w32tm = w32tm /query /computer:$server /status 2>&1
    $source = ($w32tm | Select-String "Source").Line
    $offset = ($w32tm | Select-String "Phase Offset").Line
    Write-Host "       $source" -ForegroundColor Gray
    Write-Host "       $offset" -ForegroundColor Gray


    # ── Espace disque ─────────────────────────────────────────────────

    Write-Host "`n── Espace disque ────────────────────────────" -ForegroundColor Yellow
    Get-WmiObject Win32_LogicalDisk -ComputerName $server -Filter "DriveType=3" |
    ForEach-Object {
        $pct = [math]::Round(($_.Size - $_.FreeSpace) / $_.Size * 100, 1)
        $ok  = $pct -lt 85
        Check "$($_.DeviceID) — $pct% utilisé" $ok "$([math]::Round($_.FreeSpace/1GB,1)) GB libres / $([math]::Round($_.Size/1GB,1)) GB"
    }
}


Write-Host "`n══════════════════════════════════════════════" -ForegroundColor Cyan

Write-Host "  Vérification terminée — $(Get-Date -Format 'HH:mm:ss')" -ForegroundColor Cyan
Write-Host "══════════════════════════════════════════════`n" -ForegroundColor Cyan

Utilisation

# Vérifier le DC courant
.\sante-dc.ps1


Vérifier un DC spécifique

.\sante-dc.ps1 -DC "dc01.domain.local"


Vérifier TOUS les DCs du domaine

.\sante-dc.ps1 -All
🔧 Ouvrir tools.rdr-it.com — application complète →

Plus de 40 outils AdminSys gratuits · SSL · DNS · Docker · Nginx · SSH · Mermaid · et plus