Using Microsoft IT Environment Health Scanner to diagnose our Active Directory

Print Friendly, PDF & Email

Today we see a utility called Microsoft IT Environment Health Scanner, it will help us to diagnose our Microsoft environment, at the Active Directory level. First we will install it and see the number of tests it performs, indicating the status of them. In addition, if we have any problem, it will propose a document from the KB of the Microsoft Support website. It's important, as it can serve as support before making any migration or major change, knowing the state of everything.
We can run it from any computer on the network (in domain) that has the .Net Framework 2.0 installed and a resolution of 800 x 600. It will analyze the most common problems in a few minutes and generate a document with the point-to-point status of the analysis. The tool will be updated before installing it allowing the following analyses:

– Configuring sites and subnets in Active Directory.
– Active Directory Replication, File System, SYSVOL and shared folders.
– Name Resolution with DNS (Domain Name System)
– Configuring Network Adapters for All Domain Controllers, DNS servers and Exchange servers.
– Health of all domain controllers.
– NTP Status (Network Time Protocol) on domain controllers.

Supported Operating Systems: Windows Server 2003 Service Pack 2; Windows Server 2008; Windows Vista Service Pack 1; Windows XP Service Pack 2

To start we download the tool from the website of Microsoft, We run the installer “Next”,

We accept the license agreement “I accept the terms in the License Agreement” & “Next”,

If we want to send information to Microsoft (even if we say no, I'm sure they have us under control), “Next”,

Select the installation directory, default '%ProgramFiles%Microsoft IT Environment Health Scanner', “Next”,

If we want shortcuts, “Next”,

“Install” to install it (Finally!),

… It will take a few seconds…

GOOD, “Finish” To close the installation wizard,

Click on the Microsoft IT Environment Health Scanner icon,

An assistant will appear indicating which tests the tool will give us apart from a brief description, “Next”,

Mark “Install all available updates (recommended)” to update the application to the latest to perform the tests with the fully updated tool, “Update”,

We indicate the UP address of our gateway (o firewall) in addition to your netmask, “Next”,

We can add the rest of the subnets that we want to be analyzed, “Next”,

Click on “Scan” to scan our entire network, We will have to be careful if we have any firewalls on the way that can 'spoof' us’ the results or a firewall enabled on the servers themselves, Scan!

… We waited a long time (Of course, it will depend on the network(s) to be analyzed)…

And we check all the tests you do with your results, in total I have 4 Incidents of type 'Warning’ so we will have to review them and if I did not have them under control we will correct them. If we click on “Open larger view” it will open it in HTML format.

What I said, We'll go over everything, we will correct it and we can hit it again “Scan” so that you can check again that we no longer have any incidents.


Recommended Posts

Implementing FSSOs to integrate Fortigate with Active Directory
Read
Monitoring our firewall's UTM rules thanks to Eicar and Centreon
Read
Implementing Windows LAPS
Read
VPN with Citrix NetScaler III - Authentication with certificates
Read

Author

by Héctor Herrero 
nheobug@bujarra.com
Autor del blog Bujarra.com Cualquier necesidad que tengas, Do not hesitate to contact me, I will try to help you whenever I can, Sharing is living ;) . Enjoy documents!!!

Installing certificates for our users via GPO

18 of March of 2010

Backup Exec Migration 12.5 a Backup Exec 2010

7 de April de 2010