Click an Ad

If you find this blog helpful, please support me by clicking an ad!

Friday, August 23, 2013

Daily Comprehensive DCDIAG on my Main Domain Controller

This script had interest from an enterprising gent on a previous blog post that outlined what kind of tasks I've automated and reporting I gather from my environment.

Every morning at 6AM, my primary domain controller runs a comprehensive DCDIAG, and sends it to me. I use select-string to search the results of the DCDIAG output for the string "Failed". It's not foolproof; sometimes I do get failure emails (most of the time it's laggy replication caused by Veeam taking a backup snapshot). But I'd rather have advanced warning that something might be wrong with the most important thing in my environment: Active Directory.

As has become my custom, the comments do the talking from here on out.

#Specify some variables: the output file, what I'll search for, and email settings.
$TempFile = "C:\Temp\DCDiag_Temp.txt"
$SearchText = "Failed"
$SMTP = "mailserver.contoso.com"
$To = "me@contoso.com"
$From = "reports@contoso.com"

#Run the DCDIAG with the following switches: Comprehensive, Enterprise (runs against all DCs)
#and verbose, outputting to file
DCDiag /c /e /v > $TempFile

#Read the File
$DCDiag = (Get-Content $TempFile)

#Look for the string, and count how many time it appears, then convert it to a string
#Then take out some newline characters
$FailCount = (($DCDiag | select-string -simple $SearchText | measure-object).count | out-string)
$FailCountString = ($FailCount | out-string)
$FailCountString = ($FailCountString.replace("`r`n",""))

#Format the email, placing a count of the term "Failed" in the subject
$Subject = "PS Report - DCDiag Error Report - $FailCountString Errors"
$Body = "$FailCountString Errors"

#Send me an email
Send-Mailmessage -from $From -to $To -subject $Subject -smtpserver $SMTP -body $Body -Attachments $TempFile

#Delete the temp file
Remove-Item $TempFile

---------------------------------------------------
Normally, I only send the email if there's something to report, but I send this one every day for two reasons. One, I like knowing that it's running, and two, it gives me a warm fuzzy feeling seeing that AD is healthy (almost) every morning.
Posted by at

3 comments:

  1. UnknownAugust 24, 2013 at 3:02 PM

    Thanks Charles!

    ReplyDelete
  2. AMarch 31, 2014 at 9:35 AM

    I found this powershell script the other day:

    http://www.reddit.com/r/usefulscripts/comments/21ijyf/powershell_send_an_email_when_an_ad_account_is/

    It's stupid simple, but it's actually quite useful, IMO. It's triggered to gather info and email someone on a certain security event (event id#: 4740 - AD account locked out).

    ReplyDelete
  3. Charles StemalyMarch 31, 2014 at 9:48 AM

    That's good stuff, thanks!

    ReplyDelete

Subscribe to: Post Comments (Atom)