How is a domain (Active Directory) health check performed?
Hello,
I have a domain network and I plan to:
- set up the domain network for the organization's branches as well and deploy an RODC
- migrate from a 2016 domain to 2019
Before the migration is done and the RODC is deployed, and before the domain grows larger, I wanted to make sure the current domain is healthy.
I used the domain health check commands, and the output is different for each command I run.
Details:
Domain name: X.com
Main domain controller, i.e. the first node in the forest: DCM
First additional domain controller: DCA
Second additional domain controller: DCA2
Third additional domain controller: DCA3
netdom query fsmo
Schema master DCA2.X.com
Domain naming master DCA2.X.com
PDC DCM.X.com
RID pool manager DCM.X.com
Infrastructure master DCM.X.com
----------------------------------------------------
C:\Windows\system32>dcdiag /v /q /e /c
[DCM] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
** Did not run Outbound Secure Channels test because /testdomain: was not entered
Warning: DsGetDcName returned information for \\DCM.X.com, when we were trying to reach DCA2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... DCA2 failed test Advertising
[DCA2] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
Unable to connect to the NETLOGON share! (\\DCA2\netlogon)
[DCA2] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... DCA2 failed test NetLogons
** Did not run Outbound Secure Channels test because /testdomain: was not entered
Warning: DsGetDcName returned information for \\DCM.X.com, when we were trying to reach DCA3.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... DCA3 failed test Advertising
[DCA3] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
The event log DFS Replication on server DCA3.X.com could not be queried, error 0x6ba "The RPC server is unavailable."
......................... DCA3 failed test DFSREvent
The event log Directory Service on server DCA3.X.com could not be queried, error 0x6ba "The RPC server is unavailable."
......................... DCA3 failed test KccEvent
Unable to connect to the NETLOGON share! (\\DCA3\netlogon)
[DCA3] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... DCA3 failed test NetLogons
** Did not run Outbound Secure Channels test because /testdomain: was not entered
The event log System on server DCA3.X.com could not be queried, error 0x6ba "The RPC server is unavailable."
......................... DCA3 failed test SystemLog
Warning: DsGetDcName returned information for \\DCM.X.com, when we were trying to reach DCA.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... DCA failed test Advertising
[DCA] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
Unable to connect to the NETLOGON share! (\\DCA\netlogon)
[DCA] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
......................... DCA failed test NetLogons
** Did not run Outbound Secure Channels test because /testdomain: was not entered
Test results for domain controllers:
DC: DCM.X.com
Domain: X.com
TEST: Delegations (Del)
Error: DNS server: mail.X.com. IP:192.168.10.45 [Broken delegated domain _msdcs.X.com.]
DC: DCA2.X.com
Domain: X.com
TEST: Delegations (Del)
Error: DNS server: mail.X.com. IP:192.168.10.45 [Broken delegated domain _msdcs.X.com.]
DC: DCA3.X.com
Domain: X.com
TEST: Delegations (Del)
Error: DNS server: mail.X.com. IP:192.168.10.45 [Broken delegated domain _msdcs.X.com.]
DC: DCA.X.com
Domain: X.com
TEST: Delegations (Del)
Error: DNS server: mail.X.com. IP:192.168.10.45 [Broken delegated domain _msdcs.X.com.]
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: X.com
DCM PASS PASS PASS FAIL PASS PASS n/a
DCA2 PASS PASS PASS FAIL PASS PASS n/a
DCA3 PASS PASS PASS FAIL PASS PASS n/a
DCA PASS PASS PASS FAIL PASS PASS n/a
......................... X.com failed test DNS
-------------------------------------------------------
C:\Windows\system32> repadmin /replsummary
Replication Summary Start Time: 2022-04-17 16:52:15
Beginning data collection for replication summary, this may take awhile:
.......
Source DSA largest delta fails/total %% error
DCA 25m:02s 0 / 10 0
DCA2 25m:02s 0 / 15 0
DCA3 25m:04s 0 / 10 0
DCM 25m:04s 0 / 10 0
Destination DSA largest delta fails/total %% error
DCA 25m:03s 0 / 10 0
DCA2 25m:03s 0 / 10 0
DCA3 25m:05s 0 / 10 0
DCM 25m:05s 0 / 15
---------------------------------
C:\Windows\system32>repadmin /showrepl
Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\DCM
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 3aa8df91-2018-4e1a-a21e-31fd9fde900d
DSA invocationID: 6c236735-db35-4c28-9b04-4c70973a50b9
==== INBOUND NEIGHBORS ======================================
DC=X,DC=com
Default-First-Site-Name\DCA3 via RPC
DSA object GUID: 82d38001-e9b5-47cd-995d-8deabcb3ed7a
Last attempt @ 2022-04-17 16:27:12 was successful.
Default-First-Site-Name\DCA via RPC
DSA object GUID: 2c353b7f-5fb7-49e2-8967-f6490e0aa7a4
Last attempt @ 2022-04-17 16:27:13 was successful.
Default-First-Site-Name\DCA2 via RPC
DSA object GUID: 0e1ad765-6763-4bbd-a7c8-da82e3bbe491
Last attempt @ 2022-04-17 16:41:39 was successful.
CN=Configuration,DC=X,DC=com
Default-First-Site-Name\DCA3 via RPC
DSA object GUID: 82d38001-e9b5-47cd-995d-8deabcb3ed7a
Last attempt @ 2022-04-17 16:27:11 was successful.
Default-First-Site-Name\DCA via RPC
DSA object GUID: 2c353b7f-5fb7-49e2-8967-f6490e0aa7a4
Last attempt @ 2022-04-17 16:27:13 was successful.
Default-First-Site-Name\DCA2 via RPC
DSA object GUID: 0e1ad765-6763-4bbd-a7c8-da82e3bbe491
Last attempt @ 2022-04-17 16:41:39 was successful.
CN=Schema,CN=Configuration,DC=X,DC=com
Default-First-Site-Name\DCA3 via RPC
DSA object GUID: 82d38001-e9b5-47cd-995d-8deabcb3ed7a
Last attempt @ 2022-04-17 16:27:11 was successful.
Default-First-Site-Name\DCA via RPC
DSA object GUID: 2c353b7f-5fb7-49e2-8967-f6490e0aa7a4
Last attempt @ 2022-04-17 16:27:13 was successful.
Default-First-Site-Name\DCA2 via RPC
DSA object GUID: 0e1ad765-6763-4bbd-a7c8-da82e3bbe491
Last attempt @ 2022-04-17 16:41:39 was successful.
DC=ForestDnsZones,DC=X,DC=com
Default-First-Site-Name\DCA3 via RPC
DSA object GUID: 82d38001-e9b5-47cd-995d-8deabcb3ed7a
Last attempt @ 2022-04-17 16:27:11 was successful.
Default-First-Site-Name\DCA via RPC
DSA object GUID: 2c353b7f-5fb7-49e2-8967-f6490e0aa7a4
Last attempt @ 2022-04-17 16:27:13 was successful.
Default-First-Site-Name\DCA2 via RPC
DSA object GUID: 0e1ad765-6763-4bbd-a7c8-da82e3bbe491
Last attempt @ 2022-04-17 16:41:39 was successful.
DC=DomainDnsZones,DC=X,DC=com
Default-First-Site-Name\DCA via RPC
DSA object GUID: 2c353b7f-5fb7-49e2-8967-f6490e0aa7a4
Last attempt @ 2022-04-17 16:33:27 was successful.
Default-First-Site-Name\DCA3 via RPC
DSA object GUID: 82d38001-e9b5-47cd-995d-8deabcb3ed7a
Last attempt @ 2022-04-17 16:33:32 was successful.
Default-First-Site-Name\DCA2 via RPC
DSA object GUID: 0e1ad765-6763-4bbd-a7c8-da82e3bbe491
Last attempt @ 2022-04-17 16:41:39 was successful.
-------------------------------------------
repadmin /kcc
Repadmin: running command /kcc against full DC localhost
Default-First-Site-Name
Current Site Options: (none)
Consistency check on localhost successful.
---------------------------------------------
repadmin /replicate dcm dca dc=X,dc=com
Sync from dca to dcm completed successfully.
C:\Windows\system32>repadmin /replicate dcm dca2 dc=X,dc=com
Sync from dca2 to dcm completed successfully.
C:\Windows\system32>repadmin /replicate dcm dca3 dc=X,dc=com
Sync from dca3 to dcm completed successfully.
2 answers
Mr. Karimipour,
What you described was not correctly set on only one of the servers (the DNS setting).
How did you set the DNS servers on the DCs? Each DC/DNS server should point first to another DNS server and then to itself (127.0.0.1).
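
The DNS client ordering recommended in the last reply can be checked on every DC with a short PowerShell script. This is an added example, not part of the thread: the IP addresses are constructed sample data, `Test-DcDnsOrder` is a hypothetical helper name, and the check for non-DC resolvers goes beyond what the reply states.

```powershell
# Added example: evaluate each DC's DNS client order against the rule
# "another DC/DNS server first, then itself". Names and IPs are constructed.
function Test-DcDnsOrder {
    param(
        [string]   $Name,        # DC short name
        [string]   $OwnIp,       # the DC's own IPv4 address
        [string[]] $DnsServers,  # DNS client list, in configured order
        [string[]] $AllDcIps     # IPv4 addresses of every DC/DNS server
    )
    $self   = @($OwnIp, '127.0.0.1')
    $issues = @()
    if ($DnsServers.Count -eq 0) {
        $issues += 'no DNS servers configured'
    } else {
        if ($DnsServers[0] -in $self) { $issues += 'first entry is the DC itself' }
        if (-not ($DnsServers | Where-Object { $_ -in $self })) {
            $issues += 'DC does not list itself at all'
        }
        # Extra check (assumption, not from the thread): resolvers that are not DCs
        $foreign = @($DnsServers | Where-Object { $_ -notin $self -and $_ -notin $AllDcIps })
        if ($foreign) { $issues += "non-DC resolver(s): $($foreign -join ', ')" }
    }
    [pscustomobject]@{
        DC     = $Name
        Order  = $DnsServers -join ', '
        Result = if ($issues) { $issues -join '; ' } else { 'OK' }
    }
}

# Constructed sample data (the thread does not give the DCs' addresses).
$sample = @(
    @{ Name = 'DCM';  OwnIp = '10.0.0.10'; Dns = '10.0.0.11', '127.0.0.1' }
    @{ Name = 'DCA';  OwnIp = '10.0.0.11'; Dns = '127.0.0.1', '10.0.0.10' }
    @{ Name = 'DCA2'; OwnIp = '10.0.0.12'; Dns = '10.0.0.10', '192.0.2.53' }
)
$allIps = $sample | ForEach-Object { $_.OwnIp }
$sample | ForEach-Object {
    Test-DcDnsOrder -Name $_.Name -OwnIp $_.OwnIp -DnsServers $_.Dns -AllDcIps $allIps
} | Format-Table -AutoSize

# Live collection (needs the ActiveDirectory module and CIM/WinRM access to each DC):
# $dcs = Get-ADDomainController -Filter *
# foreach ($dc in $dcs) {
#     $dns = (Get-DnsClientServerAddress -CimSession $dc.HostName -AddressFamily IPv4).ServerAddresses
#     Test-DcDnsOrder -Name $dc.Name -OwnIp $dc.IPv4Address -DnsServers $dns -AllDcIps $dcs.IPv4Address
# }
```

With the sample data, DCM reports OK, DCA is flagged for listing itself first, and DCA2 is flagged for not listing itself and for using a resolver that is not a DC.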