I regularly see people asking for “monitoring” solutions. They often can’t afford a OpsMgr or a SCE solution. I also regularly see people with AD/authentication issues. Those can be nasty to isolate. Microsoft may have just released something to help small-medium businesses. It’s called the Microsoft IT Environment Health Scanner.
“The Microsoft IT Environment Health Scanner is designed for administrators who want to assess the overall health of their Active Directory and network infrastructure. The tool identifies common problems that can prevent your network environment from functioning properly.
The Microsoft IT Environment Health Scanner is a diagnostic tool that is designed for administrators of small or medium-sized networks (recommended up to 20 servers and up to 500 client computers) who want to assess the overall health of their network infrastructure. The tool identifies common problems that can prevent your network environment from functioning properly as well as problems that can interfere with infrastructure upgrades, deployments, and migration.
When run from a computer with the proper network access, the tool takes a few minutes to scan your IT environment, perform more than 100 separate checks, and collect and analyze information about the following:
- Configuration of sites and subnets in Active Directory
- Replication of Active Directory, the file system, and SYSVOL shared folders
- Name resolution by the Domain Name System (DNS)
- Configuration of the network adapters of all domain controllers, DNS servers, and e-mail servers running Microsoft Exchange Server
- Health of the domain controllers
- Configuration of the Network Time Protocol (NTP) for all domain controllers
If a problem is found, the tool describes the problem, indicates the severity, and links you to guidance at the Microsoft Web site (such as a Knowledge Base article) to help you resolve the problem. You can save or print a report for later review. The tool does not change anything on your computer or your network.
The computer where you run this tool must be joined to your Active Directory domain. You must use an account that is a member of the Domain Admins group (or, when prompted, provide appropriate credentials) to scan the network environment.
This tool uses Windows Management Instrumentation (WMI) to collect information from the servers on your network. Before you scan the environment, make sure that WMI is enabled on the servers and that Windows Firewall is configured to allow traffic on the TCP ports that are required for remote WMI access. In most cases, these are TCP ports 135 and 445 as well as dynamically assigned ports in the range 1024 to 1034”.