-
Notifications
You must be signed in to change notification settings - Fork 21
Recommended Tool Server Configuration
If you are familiar with the tiered access model you know that Domain Controllers are considered to be Tier0 systems. Our guidance is to create a Tier0 tool server, secure access to it as if it were another DC, and run these monitors from there.
If your environment is smaller and you don't have all your systems segregated into tiers, then our recommendation is to set up a server to run scheduled jobs/scheduled task from. Ideally, this server would only serve this function but we get it that not everyone can dedicate a server to just running batch jobs.
In either scenario, realize that this server is your method for finding and alerting on issues. Whether your org is big or small, access to this box should be limited and changes to this box should be minimal. If your tools server doesn't work correctly, you're blind to all the other issues, so treat this box accordingly. We cannot stress this point enough.
The main point here is that these scripts are meant to run on a repeatable schedule day in and day out, day after day. You want to run these scripts on a server that isn't going to be interrupted with other functions or fighting for resources. This is critical to these tools working as expected.
- Copy-Scripts
- Get-ADConfig
- Get-ADLastBackupDate
- Get-DCDiskSpace
- Restore-PSADHealthConfig
- Set-PSADHealthConfig
- Test-ADConfigMailer
- Test-ADObjectReplication
- Test-ADReplication
- Test-ADServices
- Test-DCsOnline
- Test-ExternalDNSServers
- Test-ExternalTimeSync
- Test-InternalTimeSync
- Test-SRVRecords
- Test-SYSVOLReplication