21 Jul 2014 @ 8:48 AM 

As many of my readers now, last week I’ve finally released v1 of my AD Health Check PowerShell script.
In the future newer versions will come out, with fixes and more checks.
So, where can you find the latest version?

I’ve created a page on my blog named ‘Health Check’.
This is where you’ll be able to find the latest version of the Health Check.
For you convenience I’ve also created an easy way to get there.
On the top of my blog you’ll find a picture and when you click on it, you’ll get redirected to the Health Check page.

For each release I shall also write a blog post stating what’s changed since the last release.

Posted By: Jeff Wouters
Last Edit: 21 Jul 2014 @ 09:05 AM

EmailPermalinkComments (1)

 17 Jul 2014 @ 11:32 PM 

This is a PowerShell script which offers an Active Directory Health Check.
These checks are based on my personal best practices. Some of the checks may not be applicable to your environment.

The following fundamental guidelines apply to the script:

1) Must work for all domains in a forest tree.
2) Must work on PowerShell v3 and above.
3) Must work without module dependencies, except for the PowerShell core modules.
4) Must work without Administrator privileges.
5) Must work with Microsoft Word 2007 and above.


The following languages are supported for both Word and the operating system the script runs on:

Catalan Danish Dutch
English Finnish French
German Norwegian Portuguese
Spanish Swedish


The following checks are currently included in the script:

 Users  Direct member of Domain Local group
 Users  Password never expires
 Users  Password not required
 Users  Change password at next logon
 Users  Password not changed in last 12 months
 Users  Account without expiration date
 Users  Do not require Kerberos pre-authentication
 Users  Disabled
 Groups  Privileged with more than 5 members
 Groups  Privileged with no members
 Groups  With no members
 Sites  Without a description
 Sites  No server(s)
 Sites  Without a connection
 Sites  No sitelink(s)
 Sites  Without one or more subnet(s)
 Sitelinks  With one site
 Sitelinks  With more than two sites
 Sitelinks  Without a description
 Subnets in Sites  Available but not used
 Domain Controllers  No contact in last 3 months
 Member servers  Password never expires
 Member servers  Password older than 6 months
 Member servers  Account never expires
 Member servers  Account disabled
 Organisational Unit  GPO inheritance blocked



     Get your copy of the script here!

Release notes Download
Signed (.txt) Download
Unsigned (.txt) Download
Signed (.zip) Download
Unsigned (.zip) Download
All (.zip) Download
Posted By: Jeff Wouters
Last Edit: 17 Jul 2014 @ 11:32 PM

EmailPermalinkComments (7)

 Last 50 Posts
Change Theme...
  • Users » 1
  • Posts/Pages » 320
  • Comments » 462
Change Theme...
  • VoidVoid « Default
  • LifeLife
  • EarthEarth
  • WindWind
  • WaterWater
  • FireFire
  • LightLight


    No Child Pages.


    No Child Pages.


    No Child Pages.

Health Check

    No Child Pages.