Windows
repadmin /syncall /AdeP Install-WindowsFeature -Name Windows-Server-Backup -IncludeAllSubfeature -IncludeManagementTools wbadmin start backup -backuptarget:c: -include:e: Netdom query fsmo: ------------------ Get-ADForest and Get-ADDomain Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator BPA Error: The pdc emulator master should be configured to correctly synchronize time ------Display a computers current time source using the following command------ w32tm /query /source W32tm /query /configuration PDC Emulator : It provides time service for synchronizing time in an enterprise. Password changes performed by other domain controllers are replicated to the PDC Emulator in a preferential manner. ------How to Configure Time Synchronization on the PDC Emulator------ --------------------------------------------------------------------- w32tm /config /update /manualpeerlist:"0.ca.pool.ntp.org,1.ca.pool.ntp.org,2.ca.pool.ntp.org" /syncfromflags:manual /reliable:YES w32tm /resync /rediscover /nowait Time Sync command : ------------------- w32tm /query /status net time /querysntp net stop w32time w32tm /unregister w32tm /register net start w32time tzutil /s Mountain Standard Time AD Health Check -- DCDiag -- ----------------------------- Use /s to run against a remote server --- This will run all the DC tests against the remote server DC1. Dcdiag /s:DC1 Dcdiag /s:DC1 /v Dcdiag /s:DC1 /f:c:\it\dcdiag_test.txt Dcdiag /s:DC1 /a Dcdiag /s:DC1 /q -------------------------Use multiple switches (My favorite)---------------------------- dcdiag /s:DC1 /c /v /f:c:\it\dcdiag_test.txt DNS TS : DCDiag and NSLookup Register the Active Directory Schema MMC Snap-in : -------------------------------------------------- regsvr32 schmmgmt.dll Active Directory Recycle Bin step-by-step : ------------------------------------------- In the following steps, you will use ADAC to perform the following Active Directory Recycle Bin tasks in Windows Server 2012: Step 1: Raise the forest functional level Step 2: Enable Recycle Bin Step 3: Create test users, group and organizational unit Step 4: Restore deleted objects AD Sync problem - You need to check couple of the options to fix this issue. ----------------------------------------------------------------------------- 1.Check DNS settings on NIC (preferred should be itself if it holds DNS role) 2.Repadmin /replsum at elivated command prompt. If you notice any errors work on that. 3.Add Antivirus exceptions for SYSVOL, NTDS folders 4.Restart Netlogon, DNS and ipconfig /flushdns & ipconfig /registerdns 5.If none of the above options doesn't work, provide us ipconfig /all and DCDiag /v logs for better understanding about the issue. Run as Administrator and type dsac.exe to open ADAC. NTDSutil Mimikatz is a leading post-exploitation tool that dumps passwords from memory - Check the KB Monitoring Active Directory with the PowerShell module PSADHealth : Find-Module PSADHealth Install-Module PSADHealth Get-ADConfig