Skip to main content

Enable Auditing KCC in ServerCore


In a Windows Environment running Active Directory, Knowledge Consistency Checker (KCC) is responsible for creating connection objects and builds replication topology which is at the heart of Multi-Master Replication.

To audit if the KCC is up and running or actually the replication changes are occurring, We can enable auditing by changing a Registry Entry. But as I have a ServerCore running a Domain Controller I will do this on it

First Create a New PowerShell Session and then enter it.
Most of you will be familiar with PSDrives which are nothing but an abstraction which helps you see various datastores like Registry as Drives.




Now the HKLM:\ is the Drive for HKEY_LOCAL_MACHINE registry hive.
HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics is the Registry key where we need to change the "1 Knowledge Consistency Checker" property to any value between 0-5 where 0 is no auditing and 5 is the  maximum auditing messages. I will select 2 just in case.
Go ahead and change the registry as shown below (or any other method like remote registry)



This will just enable auditing no reboot required. Unfortunately, I think I can't test it as I have only One DC running in my test environment. But good to know this.

Labels:

Popular posts from this blog

Test connectivity via a specific network interface

Recently while working on a Private cloud implementation, I came across a scenario where I needed to test connectivity of a node to the AD/DNS via multiple network adapters.  Many of us would know that having multiple network routes is usually done to take care of redundancy. So that if a network adapter goes down, one can use the other network interface to reach out to the node. In order to make it easy for everyone to follow along, below is an analogy for the above scenario: My laptop has multiple network adapters (say Wi-Fi and Ethernet) connected to the same network. Now how do I test connectivity to a Server on the network only over say Wi-Fi network adapter?
Get-FullPost »

PowerShell + SCCM : Run CM cmdlets remotely

Today I saw a tweet about using implicit remoting to load the Configuration Manager on my machine by Justin Mathews . It caught my eye as I have never really tried it, but theoretically it can be done. Note - The second tweet says "Cannot find a provider with the name CMSite", resolution to which is in the Troubleshooting section at the end.
Get-FullPost »

Azure DevOps Tips & Tricks - Find private REST APIs

Original source -  Azure DevOps Tip - Find private APIs Often working with Azure DevOps, I hit a wall trying to automate some tasks but there are no REST API's made public yet. It was one of those task of automating creation of Environments in multi-stage YAML based pipelines in AzDO. Quick research reveals that this has been requested in uservoice  (please upvote). Let's see one of the very simple ways to discover some of these APIs.
Get-FullPost »