[SDP3][77b3e8c1-baf1-4bdd-94ff-3640fd9d6665] ADLDS and ADAM Troubleshooter

Applies to: Microsoft Windows XP Service Pack 3Microsoft Windows Server 2003 Service Pack 2Windows Vista Service Pack 2 More

Summary


This diagnostic gathers Actove Directory Application Mode (ADAM) and Active Directory Lightweight Directory Services (ADLDS) information from the system.

More Information


The manifest requires administrative access to the computer hosting LDS and have the "Administrators" role for the LDS instances and naming contexts that should be analyzed.

Information Collected


ADLDS/ADAM Diagnostics Tool
DescriptionFile name
Per-instance DCDiag{ComputerName}_Instance_dcdiag.txt
Per-instance Registry keys{ComputerName}_Instance_reg.txt
Per-instance LDAP Query Policy{ComputerName}_Instance_LdapQueryPolicy.txt
Per-instance Repadmin showreps{ComputerName}_Instance_repadmin_showreps.txt
Per-instance Repadmin replsum{ComputerName}_Instance_repadmin_replsum.txt
Per-instance Per-partition ADAM Sync Config File{ComputerName}_Instance_Partition_AdamSyncConfigFile.txt
User-selected Synchronization Log File{ComputerName}_*.zip

Event Logs - General
DescriptionFile name
Application (.csv .evtx .txt)
{ComputerName}_evt_Application.*
System (.csv .evtx .txt)
{ComputerName}_evt_System.*
Per-instance Event Log{ComputerName}_Instance_ADAM().*
Security (.csv .evtx .txt){ComputerName}_evt_Securty.*

Functional Levels and Group Membership Information
DescriptionFile name
Group Membership and Functional Levels information via 'net.exe localgroup' commands
{ComputerName}_DSMisc.txt

General Information
DescriptionFile name
Basic System Information including machine name, service pack, computer model and processor name and speed
resultreport.xml

List of User Rights (privileges) using showpriv.exe tool
{ComputerName}_UserRights.txt
List of user SID, group memberships, and privileges via the 'Whoami /all' output
{ComputerName}_Whoami.txt
Resultant Set of Policy (RSoP) generated by gpresult.exe utility
{ComputerName}_GPResult.*
System Information - MSInfo32 tool output
{ComputerName}_msinfo32.nfo
{ComputerName}_msinfo32.txt

Netlogon Logs
DescriptionFile name
Netlogon.bak from \Windows\Debug
{ComputerName}_Netlogon.bak
Netlogon.log from \Windows\Debug
{ComputerName}_Netlogon.log

NetSetup Log
DescriptionFile name
NetSetup Log file from \Windows\Debug
{ComputerName}_netsetup.log

Port Usage Log
DescriptionFile name
TCP and UDP port statistics
{ComputerName}_PortUsage.txt

Secure Channel Info
DescriptionFile name
Cached values for Secure Channel info from Netlogon such as Secure Channel Information, Secure Channel Info and General Domain Information
{ComputerName}_Secure Channels.txt

System Security Settings
DescriptionFile name
System Security Settings from secedit.exe utility output
{ComputerName}_Security-settings.inf

Whoami Log
DescriptionFile name
Whoami /all output
{ComputerName}_whoami.txt

Winlogon Log
DescriptionFile name
Winlogon Log file from windows\security\logs
{ComputerName}_winlogon.log


In addition to collecting the information that is described earlier, this diagnostic package can detect one or more of the following symptoms:

  • Detect Windows XP End-of-Support
  • Check for ADLDS/ADAM issues
  • Event Logs Messages
  • Check for ephemeral port usage
  • Check for ephemeral port usage
  • Check for potentially risky audit failure settings (CrashOnAuditFail)
  • Check for a possible STOP error caused by audit failure
  • Check for USN Rollback
  • Check state of Intersite Messaging service.
  • Detect if IPv6 was disabled on a domain controller
  • Detect MaxConcurrentApi NTLM bottlenecks or delays
  • Detect Certificates with Weak RSA Keys
  • Trusted Root Certificate Authority List Size Problem

References

For more information about the Microsoft Automated Troubleshooting Services and about the Support Diagnostics Platform, please open the following Microsoft Knowledge Base article:


2598970 Information about Microsoft Automated Troubleshooting Services and Support Diagnostic Platform