Thursday, June 11, 2009

How to Verify the AD Schema Level on All Domain Controllers

Whenever I perform schema extensions in Active Directory, I always want to verify that the new schema attributes have replicated throughout the domain's Domain Controllers. Schema extensions are usually necessary for Exchange installations and upgrades, or to prepare a domain for a new version of Windows.

The following batch file will display the value of the rangeUpper attribute for the ms-Exch-Schema-Version-Pt object on every Domain Controller in the target domain.

@echo off
dsquery server -o rdn >DC.lst
FOR /F "tokens=1" %%i in (DC.lst) do (
echo %%i
dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=yourdomain,dc=com -scope base -attr rangeUpper -server %%i
)

Modify dc=yourdomain,dc=com as necessary for the target domain and save this file as CheckSchemaVersion.bat.

The output will display the name of each Domain Controller and the rangeUpper value. You will know that the schema changes have replicated throughout the domain when each Domain Controller returns the same (highest) value.

12:59 PM