In case you are troubleshooting an Active Directory replication status (I sure hope for your sake you are not), there are many tools that you can use from the command line. However, if you happen to remember there used to be a GUI tool called the Active Directory Replication Status tool that was a visual representation of your replication status. Let’s look at an Active Directory Replication Status Tool replacement (unofficially) and where you can get it.
Brief overview of Active Directory replication
Replication in Active Directory is the way that all Windows Server domain controllers in an Active Directory Domain (in the multi-master model) keep themselves consistent with each other. So you can be confident that a user, group, etc exists on one DC as well as another.
If things go wrong with Active Directory Replication, the results are not always obvious. This is why AD replication problems are often hard to notice immediately. They often creep in and then rear their ugly head when you least expect it.
If you are like me, and you only troubleshoot deep problems every few months, you have to scratch your head on which tools do what exactly from the command line. That was the nice thing about the Active Directory Replication Status tool (ADReplStatus). It allows monitoring and troubleshooting from a GUI.
What is/was the AD Replication Status tool?
You likely remember but the tool was a visual status of AD replication. It provided some really good features like:
- Autodiscovery – would discover your DCs
- It had different views like Errors only to help quickly go to problem areas
- It discovers lingering objects, etc
- It integrates with resolution articles from Microsoft
- You can sort and group information
- Export replication status to excel or other tools
- You can customize the display columns.
the view of the environment is real-time and it displayed the replication status in a GUI that was fairly intuitive although looking old. You can filter the status of replication by domain controller, replication partner, or error type.
If you visit the official download site here: How to get and use the Active Directory Replication Status Tool – Windows Server | Microsoft Learn you will see the following message:
- As of June 2nd, 2023, the Active Directory REplication STatus Tool is no longer available for download…
- It sounds like on the GitHub site the developer of the new tool mentions an SSL error timebomb and unhandled exception possibly
So, long story short, the old version of the tool is no longer available. However, thanks to the work of an awesome developer (Ryan Ries) and contributor to the open-source community, the new version of the tool is available on GitHub for download.
The new version of the ADReplStatus tool
The new ADReplStatus tool is found on GitHub here: GitHub – ryanries/ADReplStatus: AD Replication Status Tool.
For the most part, it looks like the original tool and can do all the same things. However, it is not endorsed by Microsoft and is a personal project of Ries who is a Microsoft employee.
New AD Replication Status Tool
Launching the tool, you will see the status increment as it scans the environment. This might take a couple of minutes if you have a lot of sites and domain controllers:
The new ADReplStatus tool looks like the other with a face lift of sorts without the old style Office ribbon as the header. Here is a screenshot of the tool connected to an environment with the DC replication status and partners showing, as well as last sync message among other information.
Analyzing errors using the new tool
The new tool can make errors very obvious so you can dial in on these quickly:
Another view of AD replication status errors.
Advanced features of the tool
The latest version of the tool has some good features that are worth noting that make having everything you need to troubleshoot at your fingertips. This includes built in tools for:
- Ping
- Initate RDP connection
- Enter PowerShell session
- Port Tester
These are found when you right-click on a domain controller in the window.
Port tester
The port tester is an amazing addition since it will allow you to automatically test all the AD-specific ports needed and required by Active Directory without having to remember what these are:
- Remote Procedure Call // EndpointMapper
- LDAP
- LDAP SSL
- Domain Name Service
- Global Catalog LDAP
- Global Catalog LDAP SSL
- Kerberos authentication
- SMB, NetLogon, SamR
Wrapping up
If you are looking for the Active Directory Replication Status tool replacement, be advised it is no longer available. I am a bit worried about this tool as well since it wasn’t updated since May 2023. Hopefully this project will have enough momentum to continue development as it would be a shame to lose this version of the tool as well. Kudos to the developer and community contributions he has made to keep this tool alive and well for use to monitor and troubleshoot Active Directory domain replication.
