?
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
$domaincontroller=(Get-ADForest |Select-Object -ExpandProperty RootDomain |Get-ADDomain |Select-Object -Property PDCEmulator).PDCEmulator;
 
## Define Objects ##
 
$report = New-Object PSObject -Property @{
 
ReplicationPartners = $null
 
LastReplication = $null
 
FailureCount = $null
 
FailureType = $null
 
FirstFailure = $null
 
}
 
## Replication Partners ##
 
$report.ReplicationPartners = (Get-ADReplicationPartnerMetadata -Target $domaincontroller).Partner
 
$report.LastReplication = (Get-ADReplicationPartnerMetadata -Target $domaincontroller).LastReplicationSuccess
 
## Replication Failures ##
 
$report.FailureCount  = (Get-ADReplicationFailure -Target $domaincontroller).FailureCount
 
$report.FailureType = (Get-ADReplicationFailure -Target $domaincontroller).FailureType
 
$report.FirstFailure = (Get-ADReplicationFailure -Target $domaincontroller).FirstFailureTime
 
## Format Output ##
 
$report | select ReplicationPartners,LastReplication,FirstFailure,FailureCount,FailureType | Out-GridView
 
<#
Active Directory or SysVol is inaccessible on this domain controller or an object is missing.
dc1.kimconnect.com inaccessible, site name: Default-First-Site-Name, IP address: 192.1000.5154.1544, GPOs: data uncollected
 
The issue was solved as below:
1. Backup GPOs from PDC and import them on other three DCs
2. Reset to default permissions on all GPOs
3. delete some registry.tmp file from some policies (this file exists in some GPOs -in sysvol- on one or two DCs and do not exist on other DCs)
#>
 
$ReplicaDirectoryServers=(Get-ADForest |Select-Object -ExpandProperty RootDomain |Get-ADDomain|select ReplicaDirectoryServers).ReplicaDirectoryServers
$pdc=(Get-ADForest |Select-Object -ExpandProperty RootDomain |Get-ADDomain |Select-Object -Property PDCEmulator).PDCEmulator;
$bdc=$ReplicaDirectoryServers[0];
$pdcSysvolSubFolders=Get-ChildItem -path "\\$pdc\c$\Windows\SYSVOL\domain\Policies"|sort -property LastWriteTime -Descending
$bdcSysvolSubFolders=Get-ChildItem -path "\\$bdc\c$\Windows\SYSVOL\domain\Policies"|sort -property LastWriteTime -Descending
 
for ($i=0;$i -lt $pdcSysvolSubFolders.count; $i++){
    Compare-Object -ReferenceObject $pdcSysvolSubFolders[$i] -DifferenceObject $bdcSysvolSubFolders[$i]
    }
Categories: