Active Directory: понижение роли контроллера домена
AD_DC_Demoted (Rule)
Knowledge Base article:
Сводка
Это предупреждение создается при понижении контроллера домена.
Для очистки объектов монитора задержки Microsoft Operations Manager (MOM) на данном сервере автоматически запущен сценарий. В случае сбоя данный сценарий зарегистрирует другие предупреждения.
<Rule ID="AD_DC_Demoted" Enabled="onStandardMonitoring" Target="AD2008Core!Microsoft.Windows.Server.2008.AD.DomainControllerRole" ConfirmDelivery="false" Remotable="false" Priority="Normal" DiscardLevel="100">
<Category>Maintenance</Category>
<DataSources>
<DataSource ID="EventDS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>System</LogName>
<Expression>
<And>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>^(LSASRV|DirectoryServices-DSROLE-Server)$</Pattern>
</RegExExpression>
</Expression>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>^(29224|29239)$</Pattern>
</RegExExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WA" TypeID="Windows!Microsoft.Windows.ScriptWriteAction">
<ScriptName>AD_DC_Demoted.vbs</ScriptName>
<Arguments>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetbiosComputerName$</Arguments>
<ScriptBody><Script>
'*************************************************************************
' Script Name - AD Domain Controller Demoted
'
' Purpose - Cleans up the replication latency objects after a domain
' controller is demoted.
'
' Assumptions - Script is triggered by a demotion event.
'
' Parameters - If run from a command line, the first argument is the
' computer name to clean up.
'
' (c) Copyright 2002, Microsoft Corporation, All Rights Reserved
' Proprietary and confidential to Microsoft Corporation
'*************************************************************************
Set oParams = WScript.Arguments
if oParams.Count < 1 Then
Wscript.quit -1
End if
strDCName = oParams(0) ' TargetNetbiosComputer
Set oAPI = CreateObject("Mom.ScriptAPI")
On Error Resume Next
If Not(IsTargetAgentless) Then
bContinue = True
End If
If bContinue Then
Dim strSuccessfulNCs
If Len(strDCName) > 0 Then
Dim oRootDSE
Set oRootDSE = GetObject("LDAP://RootDSE")
Dim astrNamingContexts
astrNamingContexts = oRootDSE.Get("NamingContexts")
If IsArray(astrNamingContexts) Then
Dim i
For i = LBound(astrNamingContexts) To UBound(astrNamingContexts)
' Clean all the naming contexts (except for the schema context which we
' don't monitor).
If Instr(LCase(astrNamingContexts(i)), "schema") = 0 Then
If CleanUpDC(astrNamingContexts(i), strDCName) Then
strSuccessfulNCs = strSuccessfulNCs & astrNamingContexts(i) & vbCrLf
End If
End If
Next
End If
End If
If Len(strSuccessfulNCs) > 0 Then
CreateEvent EVENTID_SUCCESS, EVENT_TYPE_INFORMATION, "The script '" & SCRIPT_NAME & _
"' successfully removed the objects used by this DC '" & strDCName & _
"' from the following naming contexts:" & vbCrLf & vbCrLf & _
strSuccessfulNCs
End If
End If ' bContinue
'******************************************************************************
Function CleanUpDC(strNamingContext, strDCName)
'
' Purpose: To remove the object representing a DC in the specified naming
' context.
'
' Arguments: strNamingContext, the naming context to remove the object from
' strDCName, the name of the DC that we are trying to remove
'
' Returns: Boolean, True if the cleanup was successful, False if an error
' occurred. If no object exists to be cleaned up, True is returned.
'
On Error Resume Next
CleanUpDC = False
Dim oContainer
Set oContainer = GetObject("LDAP://CN=OpsMgrLatencyMonitors," & strNamingContext)
If Err.number <> 0 and Err.number <> &H80072030 Then
ScriptError "failed to bind to the OpsMgrLatencyMonitors container in the '" & _
strNamingContext & "' naming context." & GetErrorString(Err)
Else
If Err.number = 0 Then
oContainer.Delete "container", "CN=" & strDCName
' If we received error 0x80072030 then that is "There is no such object on the server"
' so we can assume that the object is not there for deletion.
If (Err.number <> 0) And (Err.number <> &H80072030) Then
ScriptError "failed to delete the object " & strDCName & " in the OpsMgrLatencyMonitors container " & _
"in the '" & strNamingContext & "' naming context." & GetErrorString(Err)
Else
CleanUpDC = True
End If
Else
CleanUpDC = False
End If
End if
End Function
'******************************************************************************
Sub ScriptError(strMessage)
'
' Purpose: To generate a script error message that will help the user
' clean up manually.
'
' Arguments: strMessage, the message to include in the event
'
' Returns: nothing
'
CreateEvent EVENTID_SCRIPT_ERROR, EVENT_TYPE_WARNING, "The script '" & SCRIPT_NAME & _
"' " & strMessage & vbCrLf & "This may mean that the object that this " & _
"script is attempting to remove may be left in the system. " & vbCrLf & _
"If this is the case then this may cause MOM to generate " & _
"Replication Latency errors." & vbCrLf & vbCrLf & _
"This script may be run manually by copying the script into " & _
"a file named 'AD_DC_Demoted.vbs' and typing " & _
"'cscript AD_DC_Demoted.vbs " & strDCName & "' " & _
"at a command prompt where the file resides."
End Sub
'******************************************************************************
Sub CreateEvent(lEventID, lEventType, strMessage)
'
' Purpose: To generate an event (will work when hosted either by MOM or by WSH)
'
' Arguments: lEventID, the event code
' lEventType, the severity of the event
' strMessage, the message to include in the event
'
' Returns: nothing
oAPI.LogScriptEvent "AD Domain Controller Demoted", lEventID, lEventType, strMessage
End Sub
'******************************************************************************
Function GetErrorString(oErr)
'
' Purpose: Attempts to find the description for an error if an error with
' no description is passed in.
'
' Parameters: oErr, the error object
'
' Return: String, the description for the error. (Includes the error code.)
'
Dim lErr, strErr
lErr = oErr
strErr = oErr.Description
On Error Resume Next
If 0 >= Len(strErr) Then
' If we don't have an error description, then check to see if the error
' is a 0x8007xxxx error. If it is, then look it up.
Const ErrorMask = &HFFFF0000
Const HiWord8007 = &H80070000
Const LoWordMask = 65535 ' This is equivalent to 0x0000FFFF
If (lErr And ErrorMask) = HiWord8007 Then
' Attempt to use 'net helpmsg' to get a description for the error.
Dim oShell
Set oShell = CreateObject("WScript.Shell")
If Err = 0 Then
Dim oExec
Set oExec = oShell.Exec("net helpmsg " & (lErr And LoWordMask))
Dim strMessage, i
Do
strMessage = oExec.stdout.ReadLine()
i = i + 1
Loop While (Len(strMessage) = 0) And (i < 5)
strErr = strMessage
End If
End If
End If
GetErrorString = vbCrLf & "The error returned was: '" & strErr & "' (0x" & Hex(lErr) & ")"
End Function
Home
RUS