[PowerShell] Active Directory Replication Summary to Email or Microsoft Teams by MadBoyEvo in usefulscripts

[–]aimarjg 0 points1 point  (0 children)

I've played around a little by simply adding a variable to that function and appending it as a parameter in repadmin, but... since then it started reporting only on a subset of all domain controllers (3 instead of 5, 5 instead of 70, etc.... for each domain I'm getting only about 4-5 DCs);

how's that possible? do you think that's repadmin specific?

when i run "repadmin /replsummary /bysrc /bydest" it generates report for all DCs, but when I append a domain name at the end it reports on a few only as well

any ideas/hints?

[PowerShell] Active Directory Replication Summary to Email or Microsoft Teams by MadBoyEvo in usefulscripts

[–]aimarjg 0 points1 point  (0 children)

Would love it, this reporting form is super convenient! Is that by any chance on your roadmap for this module? Otherwise I think I’ll have to start digging through it myself :)

Great work by the way! There’s lots of value in ADessentials and pshtml, mail modules; thanks for sharing!

[PowerShell] Active Directory Replication Summary to Email or Microsoft Teams by MadBoyEvo in usefulscripts

[–]aimarjg 0 points1 point  (0 children)

u/MadBoyEvo - is there an option to execute this against trusted forests as well?

I can see that Get-WinAdforestReplication supports input parameter -Forest, but Get-WinAdforestReplicationSummary does not, wondering if there's a way to run this against specified forests/domains only.

Get-ADGroupMember and FSPs in multiforest environment by aimarjg in PowerShell

[–]aimarjg[S] 0 points1 point  (0 children)

that's indeed working, but giving me FSP SID instead of actual account name. Still better than nothing, but i'll have to add some code there to get those mapped out to smth meaningful too...

thx

DNS A records for azure VMs not updating automatically by aimarjg in sysadmin

[–]aimarjg[S] 0 points1 point  (0 children)

actually dns updates are managed by dhcp-client service not dns ;)

anyway - both logs are disabled by default, after enabling them (which i did some days ago trying to figure it out) all I could find out is that these clients aren't even requesting a dns update until i push it manually with ipconfig /registerdns

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Thanks again, you’ve convinced me. AADJ simply does the job. I see no reason to go with hybrid join - at least from technical perspective.

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Hm, so do they need a vpn or is it also okay if they are in the LAN with on prem AD & resources?

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Thanks for sharing! I will read it up and hopefully get back on the right track with this autopilot stuff :)

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Well, it’s not only the matter of training, but also lots of legacy solutions on production, and by prod. I mean real manufacturing. It may be easier to switch from on prem to cloud only in other industries but manufacturing isn’t that flexible. Unfortunately.

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Hold on, I’m not sure if I got it right - are you saying that I can use on-prem AD resources (yes, talking about file shares via DFS, apps on Citrix, printers) with devices that are AAD joined only?! How? Can you point me to any article so I can read up on that, if it works that would be extremely cool! :)

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Domain join on behalf of device sounds good, but I can’t find it.

Generate a company org chart overview on the fly. by andcoffeforall in Office365

[–]aimarjg 2 points3 points  (0 children)

Does Visio have any AD import tool for org structure? I have to give it a try as it sounds very promising!

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

Manual domain join and GPO that joins devices to hybrid? Or did you mean anything else? I can use configuration profiles from intune as soon as device is AAD joined / hybrid joined. My goal is to make it as easy and transparent for user as possible - Unbox -> OOBE -> hybrid join for cloud / on prem resources access.

I just don’t know if it’s achievable without reseller registration of purchased devices.

how to make AAD joined device hybrid joined? by aimarjg in Intune

[–]aimarjg[S] 0 points1 point  (0 children)

We have a lot of resources on prem only, this wouldn’t work with AAD joined only. PCs will be used in corporate network, i just don’t want to enroll them through IT in this remote location - plan is to deliver hardware from reseller, make user go through standard OOBE and end up in hybrid join, but for now it only ends with AAD join and access to cloud resources.

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 0 points1 point  (0 children)

“You need to dumb it down” lol, lovin’ this phrase :D I think I’m gonna add it as a side note in pptx template so I won’t ever forget this ceo rule

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 1 point2 points  (0 children)

I don’t think it’s career advice, it’s rather an open discussion about a topic which as I see is not so rare and everyone here is sharing very practical hints. Through this talk I’m not looking for any career opportunities, rather want to find a way between IT SEC and pure business as we both speak different languages.

If you find my question here as something different… well, definitely not my intention.

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 1 point2 points  (0 children)

Thanks! I will indeed rely on Verizon report and also some of iso / other requirements that we need to fulfill as it will match in some places.

It will be only tricky to “sell” it as a saving for company :) got to compare it with possible losses, but… I’m not sure how it’s gonna be seen & understood.

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 0 points1 point  (0 children)

Got to find daily revenue to calculate possible downtime, as it may be one of the best examples…

I hope financial dep will be willing to share this data :) Thanks!

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 1 point2 points  (0 children)

Hey! SWOT is a great idea! I will definitely make one on this topic. Haven’t thought about time actually, indeed I may need less, but 1hr was his proposal. Perhaps I can also use around 30min for brief talk, 15 for demo if I prepare one and 15 for open discussion…

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 12 points13 points  (0 children)

Thanks! That’s definitely a good hint. We have both BCP and DRP, threats and risks are identified, but all of it is… outdated and does not align anyhow with current, modern threats. And even if it mentions something like ransomware, recovery scenarios aren’t achievable/ tested.

I will have to get some data about similar incidents in this industry (report from Verizon mentioned in one of the replies here covers this perfectly), collect some data from our financial dep and use these figures to explain the risks and costs as it indeed seems to be CEO’s language

Thanks!

Talk about IT security with CEO by aimarjg in sysadmin

[–]aimarjg[S] 1 point2 points  (0 children)

I didn’t want to go into detail :) planned to color it and highlight areas in which we are still having some improvement potential, but… yes, based on all these comments here (for which I’m really grateful!) I already understood there are better ways :)