These are the commands that I use when I do an AD health check.
repadmin /replsum /bysrc /bydest /sort:delta
If the tests showed above fails:
dcdiag /s:<DomainControllerName> /test:knowsofroleholders /v
dcdiag /s:<DomainControllerName> /test:fsmocheck
I hope it help you!
If we want to do an schema upgrade the actions for to do there is:
Login with an schema admin to the fsmo schema role holder (you can know doing a “query fsmo roles” in a cmd)
Do a backup of System State
Go to cmd and run the command repadmin /replsum and check for some error.
Go to cmd and run the command repadmin /options serverhostname +DISABLE_OUTBOUND_REPL
Go to cmd and run the commandrepadmin /options serverhostname +DISABLE_INBOUND_REPL
Go to cmd and run the command repadmin /options serverhostname -DISABLE_INBOUND_REPL
Go to cmd and run the command repadmin /options serverhostname -DISABLE_OUTBOUND_REPL
Force to replicate from the DC schema holder to the others dc.
To verify if the AD replication (RFS) is working fine on the DC you can try with these examples:
Execute the following command on a cmd: repadmin /showreps
Execute the following command on a cmd: repadmin /replsum /bysrc /bydest /sort:delta
All domain controllers should show 0 in column “Fails”, and “Deltas” longer (indicating the time since the last synchronization) must be less than or at most equal to the time of replication used in the Site -Link domain Controller (30 minutes).