{"id":248953,"date":"2024-05-02T13:01:56","date_gmt":"2024-05-02T13:01:56","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&#038;p=248953"},"modified":"2024-05-02T13:01:56","modified_gmt":"2024-05-02T13:01:56","slug":"guida-al-report-sull-integrita-della-replica-di-ad","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/it\/script-hub\/guida-al-report-sull-integrita-della-replica-di-ad\/","title":{"rendered":"Report sull\u2019integrit\u00e0 della replica di Active Directory: Guida completa a PowerShell"},"content":{"rendered":"<h2>Punti chiave<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Ruolo importante dell\u2019integrit\u00e0 di AD<\/strong>: L\u2019integrit\u00e0 di Active Directory \u00e8 fondamentale per la stabilit\u00e0 e la sicurezza della rete.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><strong>Funzionalit\u00e0 dello script completa<\/strong>: Lo script offre una suite completa di controlli sull\u2019integrit\u00e0 della replica di AD, compresi i controlli preliminari, la gestione dei parametri e l&#8217;analisi dettagliata dei risultati.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><strong>Parametri personalizzabili<\/strong>: Consente di effettuare adeguamenti specifici per l&#8217;ambiente con parametri come <strong>ErrorCount<\/strong> e <strong>EventLogStart<\/strong>.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><strong>Identificazione proattiva dei problemi<\/strong>: Aiuta a rilevare tempestivamente gli errori di replica, prevenendo potenziali problemi su larga scala.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><strong>Approfondimenti sul registro eventi<\/strong>: Analizza i registri degli eventi per individuare eventi specifici relativi alla replica, fornendo informazioni diagnostiche pi\u00f9 approfondite.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"6\" data-aria-level=\"1\"><strong>Verifica SYSVOL<\/strong>: Controlla la presenza della condivisione SYSVOL critica, garantendo la funzionalit\u00e0 essenziale di AD.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"7\" data-aria-level=\"1\"><strong>Risultati esportabili<\/strong>: Offre la possibilit\u00e0 di esportare i report sull\u2019integrit\u00e0 in formato CSV o TXT, per agevolare la documentazione e la conformit\u00e0.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"8\" data-aria-level=\"1\"><strong>Si raccomanda un monitoraggio automatico e regolare<\/strong>: L&#8217;esecuzione regolare e automatica dello script per visualizzare il report sull&#8217;integrit\u00e0 della replica di AD \u00e8 consigliata per una valutazione continua dell\u2019integrit\u00e0.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"9\" data-aria-level=\"1\"><strong>Sono richiesti privilegi amministrativi<\/strong>: Per una piena funzionalit\u00e0, deve essere eseguito con diritti amministrativi su un controller di dominio.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"10\" data-aria-level=\"1\"><strong>Potenziamento con strumenti di gestione IT<\/strong>: Pu\u00f2 essere efficacemente abbinato a strumenti come NinjaOne per un approccio pi\u00f9 integrato alla gestione IT.<\/li>\n<\/ul>\n<h2>Introduzione<\/h2>\n<p><a href=\"https:\/\/www.ninjaone.com\/it\/rmm\/gestione-di-active-directory\/\">Active Directory (AD)<\/a> costituisce la base della gestione delle identit\u00e0 e degli accessi nella maggior parte degli ambienti IT aziendali. Garantire l\u2019integrit\u00e0 e l&#8217;efficienza operativa non \u00e8 solo un processo di routine, ma una responsabilit\u00e0 fondamentale. Tale importanza diventa ancora pi\u00f9 evidente considerando la complessit\u00e0 dei moderni ambienti di rete e le conseguenze nefaste di qualsiasi potenziale guasto o violazione.<\/p>\n<h2>Background<\/h2>\n<p>Lo script PowerShell in questione \u00e8 progettato per monitorare e segnalare l\u2019integrit\u00e0 dei processi di replica AD. Per i professionisti IT e i <a href=\"https:\/\/www.ninjaone.com\/it\/cos-e-un-msp\/\">fornitori di servizi gestiti (MSP)<\/a>, garantire una replica AD senza problemi \u00e8 essenziale. I problemi di replica possono portare a difficolt\u00e0 di autenticazione, dati incoerenti e, eventualmente, a guasti a livello di sistema. Questo script \u00e8 uno strumento importante per identificare e affrontare preventivamente tali problemi.<\/p>\n<h2>Lo script per visualizzare il report sull&#8217;integrit\u00e0 della replica di AD:<\/h2>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"powershell\">#Requires -Version 5.1\r\n\r\n&lt;#\r\n.SYNOPSIS\r\n    This will get the current status of AD Replication and alert if it's abnormal, as well as provide some diagnostic info.\r\n.DESCRIPTION\r\n    This will get the current status of AD Replication and alert if it's abnormal, as well as provide some diagnostic info.\r\n\r\n.EXAMPLE \r\n    (No Parameters)\r\n\r\n    WARNING: Replication has failed 100 or more times. See Diagnostic Info for more details\r\n \r\n    ### Diagnostic Info ###\r\n\r\n    Repadmin: running command \/showrepl against full DC localhost\r\n    Default-First-Site-Name\\SRV19-TEST\r\n    DSA Options: IS_GC \r\n    Site Options: (none)\r\n    DSA object GUID: ffe29454-2a68-4ba8-a877-d5a49b382d16\r\n    DSA invocationID: ffe29454-2a68-4ba8-a877-d5a49b382d16\r\n\r\nPARAMETER: -ErrorCount \"99999999999999\"\r\n    The number of errors until AD Replication is considered unhealthy.\r\n.EXAMPLE\r\n    -ErrorCount \"99999999999999\"\r\n\r\n    AD Replication appears to be healthy. Please check below to confirm.\r\n\r\n    Destination DSA Last Success Time   Failures Naming Context                           \r\n    --------------- -----------------   -------- --------------                           \r\n    SRV19-TEST      2023-04-17 17:12:45 179      DC=test,DC=lan                           \r\n    SRV19-TEST      2023-04-17 16:51:45 21       CN=Configuration,DC=test,DC=lan          \r\n    SRV19-TEST      2023-04-17 16:51:45 21       CN=Schema,CN=Configuration,DC=test,DC=lan\r\n    SRV19-TEST      2023-04-17 17:06:18 22       DC=DomainDnsZones,DC=test,DC=lan         \r\n    SRV19-TEST      2023-04-17 17:06:15 22       DC=ForestDnsZones,DC=test,DC=lan \r\n\r\nPARAMETER: -EventLogStart \"48\"\r\n    Time in hours to search through event logs for possible issues.\r\n.EXAMPLE\r\n    -EventLogStart \"48\"\r\n\r\n    DsBindWithCred to localhost failed with status 5\r\n    WARNING: Directory Service Log Event ID 1864 shows failure to replicate in &gt; 1 week\r\n \r\n\r\n    TimeCreated           Id LogName           Level Message                                                    \r\n    -----------           -- -------           ----- -------                                                    \r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n\r\nPARAMETER: -ErrorCustomField \"ReplaceMeWithAnyIntegerCustomField\"\r\n    Name of an integer custom field that contains your desired ErrorCount threshold.\r\n    ex. \"AllowedADerrors\" where you have entered in your desired ErrorCount limit in the \"AllowedADerrors\" custom field rather than in a parameter.\r\nPARAMETER: -EventLogCustomField \"ReplaceMeWithAnyIntegerCustomField\"\r\n    Name of an integer custom field that contains your desired EventLogStart threshold.\r\n    ex. \"ADeventsAgeLimit\" where you have entered in your desired EventLogStart limit in the \"ADeventsAgeLimit\" custom field rather than in a parameter.\r\n.EXAMPLE\r\n    -ErrorCustomField \"ReplaceMeWithAnyIntegerCustomField\" -EventLogCustomField \"ReplaceMeWithAnyIntegerCustomField\"\r\n    \r\n    DsBindWithCred to localhost failed with status 5\r\n    WARNING: Directory Service Log Event ID 1864 shows failure to replicate in &gt; 1 week\r\n\r\n    TimeCreated           Id LogName           Level Message                                                    \r\n    -----------           -- -------           ----- -------                                                    \r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n\r\nPARAMETER:  -ExportCSV \"ReplaceMeWithAnyMultiLineCustomField\"\r\n    Name of a multi-line customfield you'd like to export the results to (in csv format).\r\n.EXAMPLE\r\n    -ExportCSV \"ReplaceMeWithAnyMultiLineCustomField\"\r\n    \r\n    DsBindWithCred to localhost failed with status 5\r\n    WARNING: Directory Service Log Event ID 1864 shows failure to replicate in &gt; 1 week\r\n\r\n    TimeCreated           Id LogName           Level Message                                                    \r\n    -----------           -- -------           ----- -------                                                    \r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n    \r\nPARAMETER: -ExportTXT \"ReplaceMeWithAnyMultiLineCustomField\"\r\n    Name of a multiline customfield you'd like to export the results to.\r\n.EXAMPLE\r\n    -ExportTXT \"ReplaceMeWithAnyMultiLineCustomField\"\r\n\r\n    DsBindWithCred to localhost failed with status 5\r\n    WARNING: Directory Service Log Event ID 1864 shows failure to replicate in &gt; 1 week\r\n \r\n\r\n    TimeCreated           Id LogName           Level Message                                                    \r\n    -----------           -- -------           ----- -------                                                    \r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n    7\/2\/2028 8:34:33 AM 1864 Directory Service Error This is the replication status for the following directo...\r\n.OUTPUTS\r\n    \r\n.NOTES\r\n    Minimum OS Architecture Supported: Server 2016+\r\n    Release Notes: Renamed script and added Script Variable support\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n#&gt;\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [int]$EventLogStart = \"24\",\r\n    [Parameter()]\r\n    [int]$ErrorCount = \"100\",\r\n    [Parameter()]\r\n    [String]$EventLogCustomField,\r\n    [Parameter()]\r\n    [String]$ErrorCustomField,\r\n    [Parameter()]\r\n    [String]$ExportCSV,\r\n    [Parameter()]\r\n    [String]$ExportTXT\r\n)\r\nbegin {\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n    function Test-IsSystem {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        return $id.Name -like \"NT AUTHORITY*\" -or $id.IsSystem\r\n    }\r\n\r\n    function Test-IsDomainController {\r\n        $OS = Get-CimInstance -ClassName Win32_OperatingSystem\r\n\r\n        if ($OS.ProductType -eq \"2\") {\r\n            return $true\r\n        }\r\n    }\r\n\r\n    if (!(Test-IsElevated) -and !(Test-IsSystem)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n\r\n    if (!(Test-IsDomainController)) {\r\n        Write-Error \"This is not a domain controller. Please run this script on a DC.\"\r\n        exit 1\r\n    }\r\n\r\n    # If script variables are used grab that and replace the static ones.\r\n    if ($env:hoursBackToSearchEventLog -and $env:hoursBackToSearchEventLog -notlike \"null\") { $EventLogStart = $env:hoursBackToSearchEventLog }\r\n    if ($env:errorCountToAlertOn -and $env:errorCountToAlertOn -notlike \"null\") { $ErrorCount = $env:errorCountToAlertOn }\r\n    if ($env:retrieveHoursBackFromCustomFieldNamed -and $env:retrieveHoursBackFromCustomFieldNamed -notlike \"null\") { $EventLogCustomField = $env:retrieveHoursBackFromCustomFieldNamed }\r\n    if ($env:retrieveErrorCountFromCustomFieldNamed -and $env:retrieveErrorCountFromCustomFieldNamed -notlike \"null\") { $ErrorCustomField = $env:retrieveErrorCountFromCustomFieldNamed }\r\n    if ($env:exportCsvResultsToThisCustomField -and $env:exportCsvResultsToThisCustomField -notlike \"null\") { $ExportCSV = $env:exportCsvResultsToThisCustomField }\r\n    if ($env:exportTextResultsToThisCustomField -and $env:exportTextResultsToThisCustomField -notlike \"null\") { $ExportTXT = $env:exportTextResultsToThisCustomField }\r\n\r\n    # This function is to make it easier to set Ninja Custom Fields.\r\n    function Set-NinjaProperty {\r\n        [CmdletBinding()]\r\n        Param(\r\n            [Parameter(Mandatory = $True)]\r\n            [String]$Name,\r\n            [Parameter()]\r\n            [String]$Type,\r\n            [Parameter(Mandatory = $True, ValueFromPipeline = $True)]\r\n            $Value,\r\n            [Parameter()]\r\n            [String]$DocumentName\r\n        )\r\n\r\n        # If we're requested to set the field value for a Ninja document we'll specify it here.\r\n        $DocumentationParams = @{}\r\n        if ($DocumentName) { $DocumentationParams[\"DocumentName\"] = $DocumentName }\r\n\r\n        # This is a list of valid fields we can set. If no type is given we'll assume the input doesn't have to be changed in any way.\r\n        $ValidFields = \"Attachment\", \"Checkbox\", \"Date\", \"Date or Date Time\", \"Decimal\", \"Dropdown\", \"Email\", \"Integer\", \"IP Address\", \"MultiLine\", \"MultiSelect\", \"Phone\", \"Secure\", \"Text\", \"Time\", \"URL\"\r\n        if ($Type -and $ValidFields -notcontains $Type) { Write-Warning \"$Type is an invalid type! Please check here for valid types. https:\/\/ninjarmm.zendesk.com\/hc\/en-us\/articles\/16973443979789-Command-Line-Interface-CLI-Supported-Fields-and-Functionality\" }\r\n\r\n        # The below field requires additional information in order to set\r\n        $NeedsOptions = \"Dropdown\"\r\n        if ($DocumentName) {\r\n            if ($NeedsOptions -contains $Type) {\r\n                # We'll redirect the error output to the success stream to make it easier to error out if nothing was found or something else went wrong.\r\n                $NinjaPropertyOptions = Ninja-Property-Docs-Options -AttributeName $Name @DocumentationParams 2&gt;&amp;1\r\n            }\r\n        }\r\n        else {\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Options -Name $Name 2&gt;&amp;1\r\n            }\r\n        }\r\n\r\n        # If we received some sort of error it should have an exception property and we'll exit the function with that error information.\r\n        if ($NinjaPropertyOptions.Exception) { throw $NinjaPropertyOptions }\r\n\r\n        # The below type's require values not typically given in order to be set. The below code will convert whatever we're given into a format ninjarmm-cli supports.\r\n        switch ($Type) {\r\n            \"Checkbox\" {\r\n                # While it's highly likely we were given a value like \"True\" or a boolean datatype it's better to be safe than sorry.\r\n                $NinjaValue = [System.Convert]::ToBoolean($Value)\r\n            }\r\n            \"Date or Date Time\" {\r\n                # Ninjarmm-cli is expecting the time to be representing as a Unix Epoch string. So we'll convert what we were given into that format.\r\n                $Date = (Get-Date $Value).ToUniversalTime()\r\n                $TimeSpan = New-TimeSpan (Get-Date \"1970-01-01 00:00:00\") $Date\r\n                $NinjaValue = $TimeSpan.TotalSeconds\r\n            }\r\n            \"Dropdown\" {\r\n                # Ninjarmm-cli is expecting the guid of the option we're trying to select. So we'll match up the value we were given with a guid.\r\n                $Options = $NinjaPropertyOptions -replace '=', ',' | ConvertFrom-Csv -Header \"GUID\", \"Name\"\r\n                $Selection = $Options | Where-Object { $_.Name -eq $Value } | Select-Object -ExpandProperty GUID\r\n\r\n                if (-not $Selection) {\r\n                    throw \"Value is not present in dropdown\"\r\n                }\r\n\r\n                $NinjaValue = $Selection\r\n            }\r\n            default {\r\n                # All the other types shouldn't require additional work on the input.\r\n                $NinjaValue = $Value\r\n            }\r\n        }\r\n\r\n        # We'll need to set the field differently depending on if its a field in a Ninja Document or not.\r\n        if ($DocumentName) {\r\n            $CustomField = Ninja-Property-Docs-Set -AttributeName $Name -AttributeValue $NinjaValue @DocumentationParams 2&gt;&amp;1\r\n        }\r\n        else {\r\n            $CustomField = Ninja-Property-Set -Name $Name -Value $NinjaValue 2&gt;&amp;1\r\n        }\r\n\r\n        if ($CustomField.Exception) {\r\n            throw $CustomField\r\n        }\r\n    }\r\n\r\n    # Shortened Version from \"Example - Get Ninja Property\"\r\n    function Get-NinjaProperty {\r\n        [CmdletBinding()]\r\n        Param(\r\n            [Parameter(Mandatory = $True, ValueFromPipeline = $True)]\r\n            [String]$Name,\r\n            [Parameter()]\r\n            [String]$Type,\r\n            [Parameter()]\r\n            [String]$DocumentName\r\n        )\r\n\r\n        # If we're requested to get the field value from a Ninja document we'll specify it here.\r\n        $DocumentationParams = @{}\r\n        if ($DocumentName) { $DocumentationParams[\"DocumentName\"] = $DocumentName }\r\n\r\n        # These two types require more information to parse.\r\n        $NeedsOptions = \"DropDown\", \"MultiSelect\"\r\n\r\n        # Grabbing document values requires a slightly different command.\r\n        if ($DocumentName) {\r\n            # Secure fields are only readable when they're a device custom field\r\n            if ($Type -Like \"Secure\") { throw \"$Type is an invalid type! Please check here for valid types. https:\/\/ninjarmm.zendesk.com\/hc\/en-us\/articles\/16973443979789-Command-Line-Interface-CLI-Supported-Fields-and-Functionality\" }\r\n\r\n            # We'll redirect the error output to the success stream to make it easier to error out if nothing was found or something else went wrong.\r\n            Write-Host \"Retrieving value from Ninja Document...\"\r\n            $NinjaPropertyValue = Ninja-Property-Docs-Get -AttributeName $Name @DocumentationParams 2&gt;&amp;1\r\n\r\n            # Certain fields require more information to parse.\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Docs-Options -AttributeName $Name @DocumentationParams 2&gt;&amp;1\r\n            }\r\n        }\r\n        else {\r\n            # We'll redirect error output to the success stream to make it easier to error out if nothing was found or something else went wrong.\r\n            $NinjaPropertyValue = Ninja-Property-Get -Name $Name 2&gt;&amp;1\r\n\r\n            # Certain fields require more information to parse.\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Options -Name $Name 2&gt;&amp;1\r\n            }\r\n        }\r\n\r\n        # If we received some sort of error it should have an exception property and we'll exit the function with that error information.\r\n        if ($NinjaPropertyValue.Exception) { throw $NinjaPropertyValue }\r\n        if ($NinjaPropertyOptions.Exception) { throw $NinjaPropertyOptions }\r\n\r\n        # This switch will compare the type given with the quoted string. If it matches, it'll parse it further; otherwise, the default option will be selected.\r\n        switch ($Type) {\r\n            \"Integer\" {\r\n                # Cast's the Ninja provided string into an integer.\r\n                if (-not $NinjaPropertyValue) {\r\n                    throw \"CustomField $Name is empty!\"\r\n                }\r\n                [int]$NinjaPropertyValue\r\n            }\r\n            default {\r\n                # If no type was given or not one that matches the above types just output what we retrieved.\r\n                $NinjaPropertyValue\r\n            }\r\n        }\r\n    }\r\n\r\n    $ExitCode = 0\r\n}process {\r\n\r\n    # Grabbing the information from custom fields (if any)\r\n    if ($ErrorCustomField) {\r\n        try {\r\n            $FieldCount = Get-NinjaProperty -Name $ErrorCustomField -Type \"Integer\"\r\n            if ($FieldCount) { $ErrorCount = $FieldCount }\r\n        }\r\n        catch {\r\n            Write-Error -Message $_.ToString() -Category InvalidOperation -Exception (New-Object System.Exception)\r\n            exit 1\r\n        }\r\n    } \r\n    if ($EventLogCustomField) {\r\n        try {\r\n            $FieldStart = Get-NinjaProperty -Name $EventLogCustomField -Type \"Integer\"\r\n            if ($FieldStart) { $EventLogStart = $FieldStart } \r\n        }\r\n        catch {\r\n            Write-Error -Message $_.ToString() -Category InvalidOperation -Exception (New-Object System.Exception)\r\n            exit 1\r\n        }\r\n    }\r\n\r\n    $represult = (repadmin.exe \/showrepl \/csv | ConvertFrom-Csv)\r\n\r\n    if ($ExportCSV) {\r\n        try {\r\n            Set-NinjaProperty -Name $ExportCSV -Value (repadmin.exe \/showrepl \/csv)\r\n        }\r\n        catch {\r\n            Write-Error -Message $_.ToString() -Category InvalidOperation -Exception (New-Object System.Exception)\r\n            $ExitCode = 1\r\n        }\r\n    }\r\n\r\n    if ($ExportTXT) {\r\n        $String = $represult | Format-Table -Property \"Destination DSA\", \"Last Success Time\", \"Last Failure Status\", \"Number of Failures\", \"Naming Context\" | Out-String\r\n        try {\r\n            Set-NinjaProperty -Name $ExportTXT -Value $String\r\n        }\r\n        catch {\r\n            Write-Error -Message $_.ToString() -Category InvalidOperation -Exception (New-Object System.Exception)\r\n            $ExitCode = 1\r\n        }\r\n    }\r\n\r\n    if ($represult.\"Number of Failures\" -ge $ErrorCount) {\r\n        Write-Warning \"Replication has failed $ErrorCount or more times. See Diagnostic Info for more details\"\r\n\r\n        # The Table version is a bit more to the point but the description gives you more of an idea of what's going wrong than in the non-table version.\r\n        Write-Host '### Diagnostic Info ###'\r\n        repadmin.exe \/showrepl \/errorsonly\r\n        $represult | Format-Table -Property \"Destination DSA\", \"Last Success Time\", @{Name = \"Failures\"; Expression = { $_.\"Number of Failures\" } }, \"Naming Context\" | Out-String | Write-Host\r\n        \r\n        Exit 1\r\n    }\r\n    else {\r\n        Write-Host \"No errors found in repadmin \/showrepl \/csv\"\r\n    }\r\n\r\n    # Check Event Log for replication failure\r\n    $Date = (Get-Date).AddHours(-$EventLogStart)\r\n\r\n    $Events = Get-WinEvent -FilterHashtable @{LogName = \"Directory Service\"; Id = 1864; StartTime = $Date } -ErrorAction SilentlyContinue | \r\n        Where-Object { ($_.Message -replace \"`r`n\", \" \") -match \"More than a week: [1-9]+.*\" }\r\n\r\n    if ($Events) {\r\n        Write-Warning \"Directory Service Log Event ID 1864 shows failure to replicate in &gt; 1 week\"\r\n        $Events | Format-Table -Property TimeCreated, Id, LogName, @{Name = \"Level\"; Expression = { $_.LevelDisplayName } }, Message -AutoSize | Out-String | Write-Host\r\n\r\n        Exit 1\r\n    }\r\n    else {\r\n        Write-Host \"No bad event viewer events found since $Date.\"\r\n    }\r\n\r\n    # Check if Sysvol is present\r\n    $sysvol = (Get-CimInstance Win32_Share) | Where-Object { $_.name -eq \"SYSVOL\" }\r\n    if (!($sysvol.Path)) {\r\n        Write-Warning \"SYSVOL is Missing!\"\r\n        Get-CimInstance Win32_Share | Out-String | Write-Host\r\n        \r\n        Exit 1\r\n    }\r\n    else {\r\n        Write-Host \"SYSVOL appears to be present.\"\r\n    }\r\n\r\n    Write-Host \"AD Replication appears to be healthy. Please check script output and other sources to confirm.\"\r\n    $Report = $represult | Format-Table -Property \"Destination DSA\", \"Last Success Time\", @{Name = \"Failures\"; Expression = { $_.\"Number of Failures\" } }, \"Naming Context\" | Out-String\r\n    \r\n    if ($Report) {\r\n        $Report | Write-Host\r\n    }\r\n\r\n    exit $ExitCode\r\n\r\n}end {\r\n    \r\n    \r\n    \r\n}<\/pre>\n<p>&nbsp;<\/p>\n\n<div class=\"in-context-cta\"><p>Accedi a oltre 700 script nel Dojo NinjaOne<\/p>\n<p><a href=\"https:\/\/www.ninjaone.com\/it\/prova-gratuita\/\">Ottieni l&#8217;accesso<\/a><\/p>\n<\/div>\n<h2>Analisi dettagliata<\/h2>\n<p>Lo script svolge diverse funzioni chiave:<\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Controlli preliminari<\/strong>: Inizia verificando se \u00e8 in esecuzione su un controller di dominio (DC) e se dispone di privilegi amministrativi, assicurandosi che si trovi nell&#8217;ambiente corretto per svolgere le sue attivit\u00e0.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><strong>Gestione dei parametri<\/strong>: Lo script accetta parametri come <strong>ErrorCount<\/strong> ed <strong>EventLogStart<\/strong>, consentendo la personalizzazione in base a diversi ambienti o requisiti.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><strong>Controllo dello stato di replica<\/strong>: Utilizzando <strong>repadmin.exe<\/strong>, si controlla lo stato attuale di replica. Lo script avvisa se il numero di errori di replica supera una soglia definita.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><strong>Analisi del registro eventi<\/strong>: Esamina il registro eventi di Directory Service alla ricerca di eventi specifici (come l&#8217;ID 1864), che possono indicare problemi di replica in un periodo definito.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><strong>Controllo di SYSVOL<\/strong>: Lo script verifica la presenza della condivisione SYSVOL, un componente fondamentale per il funzionamento di AD.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"6\" data-aria-level=\"1\"><strong>Gestione dei risultati<\/strong>: A seconda dei risultati, viene emesso un report sull\u2019integrit\u00e0 o un avviso su potenziali problemi. Esiste anche una funzionalit\u00e0 per esportare i risultati in file CSV o TXT.<\/li>\n<\/ul>\n<h2>Casi d&#8217;uso potenziali<\/h2>\n<p>Immagina un amministratore IT, Alex, che lavora in un&#8217;azienda con un ambiente AD multisito. Alex utilizza questo script per monitorare regolarmente l\u2019integrit\u00e0 dell&#8217;AD su tutti i siti. Individuando tempestivamente un problema di replica su un sito, Alex \u00e8 in grado di prevenire una grave crisi di autenticazione, garantendo a tutti gli utenti un accesso ininterrotto alle risorse di rete.<\/p>\n<h2>Confronti<\/h2>\n<p>Normalmente, i controlli sullo stato di salute dell&#8217;AD vengono eseguiti manualmente o utilizzando script di base che offrono informazioni limitate. L&#8217;approccio completo di questo script, che include parametri per la personalizzazione e opzioni di esportazione, lo rende unico. \u00c8 pi\u00f9 completo del semplice utilizzo degli strumenti di Windows Server AD e meno complesso dell&#8217;implementazione di una soluzione di monitoraggio completa.<\/p>\n<h2>Domande frequenti<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"7\" data-aria-level=\"1\"><strong>Con quale frequenza dovrei eseguire questo script?<br \/>\n<\/strong>Si consiglia un&#8217;esecuzione regolare, ad esempio settimanale, anche se pu\u00f2 variare in base alle dimensioni e alla complessit\u00e0 dell&#8217;organizzazione.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"8\" data-aria-level=\"1\"><strong>Quali privilegi sono necessari per eseguire lo script per visualizzare il report sull&#8217;integrit\u00e0 della replica di AD?<br \/>\n<\/strong>\u00c8 necessario disporre dei privilegi amministrativi su un controller di dominio.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"9\" data-aria-level=\"1\"><strong>Posso personalizzare le soglie degli avvisi?<br \/>\n<\/strong>S\u00ec, i parametri <strong>ErrorCount<\/strong> e <strong>EventLogStart<\/strong> consentono la personalizzazione.<\/li>\n<\/ul>\n<h2>Implicazioni<\/h2>\n<p>L\u2019errore di replica di AD pu\u00f2 comportare gravi rischi operativi e di sicurezza. Questo script favorisce il rilevamento preventivo, fondamentale per mantenere l&#8217;integrit\u00e0 e la sicurezza dell&#8217;ambiente IT. La capacit\u00e0 di esportare report dettagliati \u00e8 vitale per gli audit e la conformit\u00e0.<\/p>\n<h2>Raccomandazioni<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"10\" data-aria-level=\"1\"><strong>Programmazione regolare<\/strong>: Automatizza l&#8217;esecuzione dello script a intervalli regolari.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"11\" data-aria-level=\"1\"><strong>Personalizzazione<\/strong>: Adatta parametri come <strong>ErrorCount<\/strong> in base al tuo ambiente specifico.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"12\" data-aria-level=\"1\"><strong>Verifica ed esegui<\/strong>: Esamina regolarmente i risultati e adottare misure proattive, se necessario.<\/li>\n<\/ul>\n<h2>Considerazioni finali<\/h2>\n<p>Nel campo della gestione IT, strumenti come NinjaOne possono migliorare l&#8217;utilit\u00e0 di script come il presente, fornendo una <a href=\"https:\/\/www.ninjaone.com\/it\/gestione-endpoint\/gestione-network\/\">piattaforma unificata per il monitoraggio e la gestione dei sistemi di rete<\/a>, compresi gli ambienti AD. Questo script integra tali strumenti, offrendo approfondimenti mirati e diagnosi fondamentali per mantenere l\u2019integrit\u00e0 e la sicurezza di Active Directory.<\/p>\n","protected":false},"author":35,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4275],"class_list":["post-248953","script_hub","type-script_hub","status-publish","hentry","script_hub_category-windows"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/script_hub\/248953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/comments?post=248953"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/media?parent=248953"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/operating_system?post=248953"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/it\/wp-json\/wp\/v2\/use_cases?post=248953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}