Australia | Top 5 Active Directory Health Check Gotchas

Ross Kirk - 15.03.2022

Top 5 Active Directory Health Check Gotchas

Australia | Top 5 Active Directory Health Check Gotchas

Recently, I have been working on several Active Directory health check, design, and remediation projects. Active Directory is the identity building blocks for numerous critical systems within most businesses. Some organisations neglect to integrate Active Directory checks into their daily checks, but the impact of not having these daily checks can be catastrophic. I have listed my top 5 checks which I would recommend you integrate into your daily morning checks.

AD REPLICATION HEALTH

Regardless if you have 200 domain controllers or 2 domain controllers it is extremely important to ensure all the domain controllers are effectively communicating with one another. There are numerous prerequisites that are required for domain controllers to communicate with each other (hopefully that is already in place!) but regularly checking replication health can allow you to be proactive within your environment. You can also minimise downtime too – the best defence is offence! You can use Repadmin.exe to view the replication topology, as seen from the perspective of each domain controller, then you can troubleshoot accordingly.

BEING FRIENDLY WITH YOUR NETWORK TEAM

Sometimes changes are made in Active Directory and the network team is not informed. Sometimes network team make a topology change and the Active Directory team is not informed. These minor changes may not have a huge impact, but, if it is an architecture or topology change, this can have a huge impact! It is important to have regular checks with network teams to ensure both are aligned. If you are “the one who does it all” kudos to you, just make sure to ensure changes are reflected everywhere.

REGULARLY CHECKING GROUP POLICY

Believe it or not, we are all human after all, some admins apply incorrect group policies to domain controllers. I have seen this in practice. It is one of those issues which takes you days to find, but once you do find it, you are kicking yourself! Regularly checking Group Policy will ensure this does not happen to you.

KEEPING DOMAIN CONTROLLERS UP TO DATE

Domain Controllers can be underrated in the importance they hold. Depending on your infrastructure size they are processing millions of requests daily, or sometimes hourly. It is important to ensure they are patched regularly to ensure they kept away from all the nasties out there on the internet.

DNS

“It’s not DNS. There’s no way it is DNS… It was DNS”. This one is always my go to with AD Health Checks, design or remediations. Based on my experiences to date, DNS causes trouble 99 times out of 100. There is no “one size fits all” but it is of super importance that DNS is designed and implemented correctly. It is worthwhile building DNS checks into daily service desk checks too!

Hopefully this has been informative and helpful! If you need any further clarification, or a no thrills chat, please feel free to reach out to myself, or fellow Insentrons here at Insentra.

THANK YOU FOR YOUR SUBMISSION!

Australia | Top 5 Active Directory Health Check Gotchas

The form was submitted successfully.

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?

If you’re waiting for a sign, this is it.

We’re a certified amazing place to work, with an incredible team and fascinating projects – and we’re ready for you to join us! Go through our simple application process. Once you’re done, we will be in touch shortly!

Who is Insentra?

Imagine a business which exists to help IT Partners & Vendors grow and thrive.

Insentra is a 100% channel business. This means we provide a range of Advisory, Professional and Managed IT services exclusively for and through our Partners.

Our #PartnerObsessed business model achieves powerful results for our Partners and their Clients with our crew’s deep expertise and specialised knowledge.

We love what we do and are driven by a relentless determination to deliver exceptional service excellence.

Australia | Top 5 Active Directory Health Check Gotchas

Insentra ISO 27001:2013 Certification

SYDNEY, WEDNESDAY 20TH APRIL 2022 – We are proud to announce that Insentra has achieved the  ISO 27001 Certification.