ActiveDirectory健康巡检报告0429.docx
《ActiveDirectory健康巡检报告0429.docx》由会员分享,可在线阅读,更多相关《ActiveDirectory健康巡检报告0429.docx(36页珍藏版)》请在冰豆网上搜索。
ActiveDirectory健康巡检报告0429
Activedirectory健康巡检报告
运维服务部-系统组
2011年04月29日
版本记录
版本
时间
修订人
描述
说明:
A-增加M-修改D-删除
状态:
编写中/已提交/已发布
1.风险定义
1)
正常信息–属于正常的信息,不存在可导致系统不可用方面的问题。
2)
一般问题–问题还需要进一步关注,并不一定会立即对系统造成损害。
运维
人员应该经常检查这些问题,在必要时采取措施。
3)
紧急状态–可能影响稳定性,安全性或者对系统的性能产生严重影响的问题。
应该在巡检后立即进行处理。
2.检查范围定义
Domain
DomainController
IPAddress
Location
↘AD-FEMOO-01
192.168.107.217
菜市口
↘AD-FEMOO-02
192.168.107.218
菜市口
↘AD-FEMOO-03
192.168.240.43
丰台
Pub.F
↘AD-PUB-01
192.168.107.209
菜市口
↘AD-PUB-02
192.168.107.210
菜市口
↘AD-PUB-03
192.168.240.44
丰台
3.检查内容定义
本次activedirectory检查内容定义如下表所示:
SN
CheckType
CheckList
1
ActiveDirectoryReplication
a)AD站点拓扑信息
b)AD森林和域信息
c)复制状态信息
2
FRS/GroupPolicy
a)Sysvol状态
b)FRS信息
3
DNSNamingResolve
a)Dcdiag–DNS
b)DNS信息
4
DCHealthCheck
a)Dcdiag–general
b)TimeServer配置
c)EventLog检查
5
DCsystemStateBackupCheck
a)备份状态
b)备份策略、计划
c)备份恢复流程
4.检查结果统计
依据如上的检查内容,通过对检查结果的分析,当前pub和femoo域总体健康性良好,无异常现象。
4.1.AD巡检结果汇总
SN
CheckList
RiskStatus
1
ActiveDirectoryReplication
2
FRS/GroupPolicy
3
DNSNamingResolve
4
DCHealthCheck
5
DCsystemStateBackupCheck
4.2.各DC巡检状态
DomainNaming
ServerName
DCStatus
F
AD-FEMOO-01
AD-FEMOO-02
AD-FEMOO-03
P
AD-PUB-01
AD-PUB-02
AD-PUB-03
5.健康检查结果描述
5.1.活动目录复制
5.1.1.FSMOinformation
1)Femoo:
SchemaandDomainNamingMaster
FSMOName
RoleofthePosition
SchemaMaster
Ad-femoo-02
DomainNamingMaster
Ad-femoo-02
2)Femoo:
PDC\RIDMaster\infrastructuremaster
FSMOName
RoleofthePosition
PDC
Ad-femoo-02
RIDMaster
Ad-femoo-02
infrastructuremaster
Ad-femoo-02
3)Pub:
SchemaandDomainNamingMaster
FSMOName
RoleofthePosition
SchemaMaster
Ad-pub-01
DomainNamingMaster
Ad-pub-01
4)Pub:
PDC\RIDMaster\infrastructuremaster
FSMOName
RoleofthePosition
PDC
Ad-pub-01
RIDMaster
Ad-pub-01
infrastructuremaster
Ad-pub-01
5.1.2.AD站点拓扑信息
↘所属域:
F
↘风险状态:
↘检查结果:
ReplicationSummaryStartTime:
2011-04-0216:
41:
01
Beginningdatacollectionforreplicationsummary,thismaytakeawhile:
......
SourceDClargestdeltafails/total%%error
AD-FEMOO-0152m:
20s0/100
AD-FEMOO-0254m:
20s0/100
AD-FEMOO-0354m:
20s0/100
DestinationDClargestdeltafails/total%%error
AD-FEMOO-0154m:
20s0/100
AD-FEMOO-0252m:
20s0/100
AD-FEMOO-0343m:
33s0/100
↘所属域:
Pub.F
↘风险状态:
↘检查结果:
C:
\supporttools\repadmin.exe/replsum
ReplicationSummaryStartTime:
2011-04-0216:
38:
36
Beginningdatacollectionforreplicationsummary,thismaytakeawhile:
......
SourceDClargestdeltafails/total%%error
AD-PUB-0153m:
23s0/100
AD-PUB-0253m:
23s0/100
AD-PUB-0344m:
09s0/100
DestinationDClargestdeltafails/total%%error
AD-PUB-0143m:
29s0/100
AD-PUB-0244m:
09s0/100
AD-PUB-0353m:
23s0/100
5.1.3.目录复制链路状态
↘所属域:
↘风险状态:
↘检查结果:
#repadmin.exe/showrepl
repadminrunningcommand/showreplagainstserverlocalhost
Default-First-Site-Name\AD-FEMOO-02
DCOptions:
IS_GC
SiteOptions:
(none)
DCobjectGUID:
a602fe0a-818e-47a1-8c60-65bf9e2c3964
DCinvocationID:
5f55d0e7-8858-4953-bbaa-09bf41620d66
====INBOUNDNEIGHBORS======================================
DC=femoo,DC=com
Default-First-Site-Name\AD-FEMOO-01viaRPC
DCobjectGUID:
82858742-2690-4df8-8b7f-0b398335d077
Lastattempt@2011-04-0216:
30:
13wassuccessful.
Default-First-Site-Name\AD-FEMOO-03viaRPC
DCobjectGUID:
c4eab42d-e60a-4897-b352-a3e19a9646db
Lastattempt@2011-04-0216:
30:
38wassuccessful.
CN=Configuration,DC=femoo,DC=com
Default-First-Site-Name\AD-FEMOO-03viaRPC
DCobjectGUID:
c4eab42d-e60a-4897-b352-a3e19a9646db
Lastattempt@2011-04-0215:
48:
41wassuccessful.
Default-First-Site-Name\AD-FEMOO-01viaRPC
DCobjectGUID:
82858742-2690-4df8-8b7f-0b398335d077
Lastattempt@2011-04-0215:
48:
41wassuccessful.
CN=Schema,CN=Configuration,DC=femoo,DC=com
Default-First-Site-Name\AD-FEMOO-03viaRPC
DCobjectGUID:
c4eab42d-e60a-4897-b352-a3e19a9646db
Lastattempt@2011-04-0215:
48:
41wassuccessful.
Default-First-Site-Name\AD-FEMOO-01viaRPC
DCobjectGUID:
82858742-2690-4df8-8b7f-0b398335d077
Lastattempt@2011-04-0215:
48:
41wassuccessful.
DC=ForestDnsZones,DC=femoo,DC=com
Default-First-Site-Name\AD-FEMOO-03viaRPC
DCobjectGUID:
c4eab42d-e60a-4897-b352-a3e19a9646db
Lastattempt@2011-04-0216:
23:
22wassuccessful.
Default-First-Site-Name\AD-FEMOO-01viaRPC
DCobjectGUID:
82858742-2690-4df8-8b7f-0b398335d077
Lastattempt@2011-04-0216:
23:
38wassuccessful.
DC=DomainDnsZones,DC=femoo,DC=com
Default-First-Site-Name\AD-FEMOO-03viaRPC
DCobjectGUID:
c4eab42d-e60a-4897-b352-a3e19a9646db
Lastattempt@2011-04-0216:
23:
28wassuccessful.
Default-First-Site-Name\AD-FEMOO-01viaRPC
DCobjectGUID:
82858742-2690-4df8-8b7f-0b398335d077
Lastattempt@2011-04-0216:
23:
44wassuccessful.
所属域:
↘
风险状态:
↘检查结果:
repadminrunningcommand/showreplagainstserverlocalhost
Default-First-Site-Name\AD-PUB-01
DCOptions:
IS_GC
SiteOptions:
(none)
DCobjectGUID:
3e7a172f-412c-4595-b7ed-146eae4b514c
DCinvocationID:
3e7a172f-412c-4595-b7ed-146eae4b514c
====INBOUNDNEIGHBORS======================================
DC=pub,DC=femoo,DC=com
Default-First-Site-Name\AD-PUB-03viaRPC
DCobjectGUID:
03833208-691f-436a-ad79-67457f105fca
Lastattempt@2011-04-0216:
32:
19wassuccessful.
Default-First-Site-Name\AD-PUB-02viaRPC
DCobjectGUID:
e0cab61c-22ba-48dc-b27a-0b388269356c
Lastattempt@2011-04-0216:
32:
23wassuccessful.
CN=Configuration,DC=pub,DC=femoo,DC=com
Default-First-Site-Name\AD-PUB-02viaRPC
DCobjectGUID:
e0cab61c-22ba-48dc-b27a-0b388269356c
Lastattempt@2011-04-0215:
55:
07wassuccessful.
Default-First-Site-Name\AD-PUB-03viaRPC
DCobjectGUID:
03833208-691f-436a-ad79-67457f105fca
Lastattempt@2011-04-0215:
55:
07wassuccessful.
CN=Schema,CN=Configuration,DC=pub,DC=femoo,DC=com
Default-First-Site-Name\AD-PUB-02viaRPC
DCobjectGUID:
e0cab61c-22ba-48dc-b27a-0b388269356c
Lastattempt@2011-04-0215:
55:
07wassuccessful.
Default-First-Site-Name\AD-PUB-03viaRPC
DCobjectGUID:
03833208-691f-436a-ad79-67457f105fca
Lastattempt@2011-04-0215:
55:
07wassuccessful.
DC=DomainDnsZones,DC=pub,DC=femoo,DC=com
Default-First-Site-Name\AD-PUB-03viaRPC
DCobjectGUID:
03833208-691f-436a-ad79-67457f105fca
Lastattempt@2011-04-0216:
20:
17wassuccessful.
Default-First-Site-Name\AD-PUB-02viaRPC
DCobjectGUID:
e0cab61c-22ba-48dc-b27a-0b388269356c
Lastattempt@2011-04-0216:
20:
35wassuccessful.
DC=ForestDnsZones,DC=pub,DC=femoo,DC=com
Default-First-Site-Name\AD-PUB-02viaRPC
DCobjectGUID:
e0cab61c-22ba-48dc-b27a-0b388269356c
Lastattempt@2011-04-0216:
28:
26wassuccessful.
Default-First-Site-Name\AD-PUB-03viaRPC
DCobjectGUID:
03833208-691f-436a-ad79-67457f105fca
Lastattempt@2011-04-0216:
28:
44wassuccessful.
5.1.4.测试指定DC目录复制
↘所属域:
(ad-femoo-02与ad-femoo-03复制测试)
↘风险状态:
↘检查结果:
C:
\supporttools\repladmin.exe/syncallad-femoo-03
CALLBACKMESSAGE:
Thefollowingreplicationisinprogress:
From:
a602fe0a-818e-47a1-8c60-65bf9e2c3964._
To:
c4eab42d-e60a-4897-b352-a3e19a9646db._
CALLBACKMESSAGE:
Thefollowingreplicationcompletedsuccessfully:
From:
a602fe0a-818e-47a1-8c60-65bf9e2c3964._
To:
c4eab42d-e60a-4897-b352-a3e19a9646db._
CALLBACKMESSAGE:
Thefollowingreplicationisinprogress:
From:
82858742-2690-4df8-8b7f-0b398335d077._
To:
c4eab42d-e60a-4897-b352-a3e19a9646db._
CALLBACKMESSAGE:
Thefollowingreplicationcompletedsuccessfully:
From:
82858742-2690-4df8-8b7f-0b398335d077._
To:
c4eab42d-e60a-4897-b352-a3e19a9646db._
CALLBACKMESSAGE:
SyncAllFinished.
SyncAllterminatedwithnoerrors.
↘所属域:
(ad-pub-01与ad-pub-03复制测试)
↘风险状态:
↘检查结果:
C:
\supporttools\repadmin.exe/syncallad-pub-03
CALLBACKMESSAGE:
Thefollowingreplicationisinprogress:
From:
3e7a172f-412c-4595-b7ed-146eae4b514c._
To:
03833208-691f-436a-ad79-67457f105fca._
CALLBACKMESSAGE:
Thefollowingreplicationcompletedsuccessfully:
From:
3e7a172f-412c-4595-b7ed-146eae4b514c._
To:
03833208-691f-436a-ad79-67457f105fca._
CALLBACKMESSAGE:
Thefollowingreplicationisinprogress:
From:
e0cab61c-22ba-48dc-b27a-0b388269356c._
To:
03833208-691f-436a-ad79-67457f105fca._
CALLBACKMESSAGE:
Thefollowingreplicationcompletedsuccessfully:
From:
e0cab61c-22ba-48dc-b27a-0b388269356c._
To:
03833208-691f-436a-ad79-67457f105fca._
CALLBACKMESSAGE:
SyncAllFinished.
SyncAllterminatedwithnoerrors.
5.2.FRS/GroupPolicy
5.2.1.Sysvol状态
↘所属域:
↘风险状态:
↘检查结果:
#dcdiag/test:
frssysvol
DomainControllerDiagnosis
Performinginitialsetup:
Donegatheringinitialinfo.
Doinginitialrequiredtests
Testingserver:
Default-First-Site-Name\AD-FEMOO-02
Startingtest:
Connectivity
.........................AD-FEMOO-02passedtestConnectivity
Doingprimarytests
Testingserver:
Default-First-Site-Name\AD-FEMOO-02
Startingtest:
frssysvol
.........................AD-FEMOO-02passedtestfrssysvol
Runningpartitiontestson:
DomainDnsZones
Runningpartitiontestson:
ForestDnsZones
Runningpartitiontestson:
Schema
Runningpartitiontestson:
Configuration
Runningpartitiontestson