Forum Discussion

Shack's avatar
Shack
Icon for Neophyte rankNeophyte
3 years ago

Get-ADReplicationFailure PowerShell DataSource

I created a datasource that runs Get-ADReplicationFailure on Domain Controllers.  It works great most of the time however on servers that do not have Active Directory Module for Windows PowerShell installed it isn't recognized.  I would like to add an Import-Module ActiveDirectory line somewhere in my script but I am not having much luck.  All of you probably know PowerShell better than me which has led me here.  :)/emoticons/smile@2x.png 2x" title=":)" width="20" />

Here is my AD script.

$name = '##system.hostname##'

# get an array of all partner servers
$partner_array = Get-ADReplicationFailure $name;

# iterate through the partmer array
foreach ($partner in $partner_array) 
{
    # get the information from the partner array
    $PartnerGuid      = $partner.PartnerGuid;
    $instance_name = "Partner: " + $partner.Partner;
    $instance_desc = $partner.Server;

    # write out the instance data
    Write-Host "$PartnerGuid##$instance_name";
}

Remove-PSSession $Session
## Make sure we fully terminate the script.
exit

# return with a response code that indicates we ran successfully
Exit 0;

5 Replies

  • Anonymous's avatar
    Anonymous

    I would look into creating a property source that determines whether the ActiveDirectory module can be imported on the target machine. (Side note: keep in mind that the powershell runs on the Collector, so if this code block is run in an invoke-command cmdlet, it will run on the target. Otherwise, you're running it on the Collector.) Anyway, create a PropertySource to check if it's an AD controller. If so, add some category like "ADController" to system.categories. Then your applies to for the DS would be hasCategory('ADController').

    The reason you'd want to do this is because you don't want this DS to show up on every windows box. Most of them would show the DS but not have any data, cluttering things up. By using a PropertySource in conjunction, you selectively choose which Windows boxes to apply the DS to.

  • I'm using hasCategory("MicrosoftDomainController") && system.domain =="xyz.local".  But on those devices without Active Directory Module for Windows PowerShell I get nothing so I'm going to have to figure out how to load it.  

  • Anonymous's avatar
    Anonymous

    Oh, i see. I misunderstood. It's not that you're targeting systems that shouldn't be. Rather, you're targeting systems that don't have the proper cmdlet for running the commands. Not a Psh guy, but is there some sort of try block you can do to attempt to load in the cmdlet and if it fails, you could return that code and alert on it. That would at least highlight which devices aren't loading the cmdlet properly. Someone else with psh expertise chime in here because we've reached the limit of my psh knowledge.

  • Wait a second - if the script is running on the collector then maybe that's the issue?  Maybe I need to install these features on the collector.  I went ahead and did that and it works now from the collector OS via PowerShell but tests fail via debug on the collector:  For some reason it doesn't like the token and I've tried ##system.sysname## & ##system.hostname##.

     

    ---POWERSHELL---

    returns 0
    error:
    Get-ADReplicationFailure : Invalid URI: The server name '##system.sysname##' could not be parsed. You might need to
    enable internationalized domain name support for class System.Uri. See help of class System.Uri for more details.
    At C:\Program Files (x86)\LogicMonitor\Agent\tmp\test.ps1:3 char:18
    + $partner_array = Get-ADReplicationFailure -Target $hostname;
    +                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidType: (##system.sysname##:String) [Get-ADReplicationFailure], UriFormatException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UriFormatException,Microsoft.ActiveDirectory.Management.Com
    mands.GetADReplicationFailure

    output:
    0

  • Anonymous's avatar
    Anonymous

    Yeah, you have to decide where you want the script to run. If what you quoted above is the entire script, then it's running on the collector, not talking to the AD controller (unless the cmdlet does that under the hood). 

    If you want to run a script on the ADC, you can use the invoke-command cmdlet, which will "push" the script to the target from the collector, run it on the target, and take the output back to the parent script running on the collector.