Archive for the ‘GraphViz’ Category

Active Directory Topology Visualization part 2

Sunday, January 11th, 2015

If you have a look closer into Active Directory Topology Visualization part 1 solution developed some time ago you will find that vbs script queries one domain controller to find replication topology. It is quick approach to have overview of AD replication ASAP. However it represents viewpoint only of this domain controller and sometimes it doesn’t have to be objective true.

If domain controllers replicate each other without any issues and there isn’t any modification in numbers of them (adding, removing, etc.) topology should look very the same on every DC and above solution is absolutely enough. But to have proper recognition of condition of AD environment during its modification there is needed something more comprehensive.

Here is my trial to find full overview of AD physical topology and condition of replication as a side effect of quering every particular domain controller in our environment. Below vbs script queries all DCs found in AD, formats information about sites, servers and connection objects into dot syntax and controls pictures of nodes (here: domain controllers) and labels of edges (here: connection objects) to report issues in topology: orphan or not accessible DCs or connection objects just generated and not seen by other DCs.

Practice:

Vbs script to query all DCs:

getReplicationTopology.zip

usage:

Example of dot code generated by above vbs script:

and diagram:

fdp4

Note:

Pictures of nodes used in diagrams:

server DC queried by vbs script

noaccessDC not queried by vbs script because of communication issue

orphanOrphan DC not fully removed from AD during decommission

Gallery:

dot5

fdp6

fdp7

 

Theory:

1. How Active Directory Replication Topology Works

2. KCC and Topology Generation

3. Active Directory Topology Visualization part 1

 

DFS-R topology

Saturday, May 4th, 2013

Topology of DFS-R can be easily visualized by using GraphViz tool.

Based on Active Directory Topology Visualization part 1 solution I’ve developed next script to have clear picture how DFS replication looks like. Design of solution is very the same: vbs script queries AD regarding to DFS replication groups, folders, servers and connections and formats result into dot language file. Then dot file is used as input for GraphViz package to generate picture of DFS-R topology.

Vbs script can be downloaded here without any limitation of using:

getDFSRTopology.zip

usage:

Result:

Generated dot file can look like this:

and based on it here is the picture (command: fdp *.dot -Tjpg -O):

fdp4

Rectangles represent replication groups with replication partners. Opposite to Active Directory Topology Visualization part 1 or Site links topology solutions, where nodes occur only once, here is needed one trick to have the same server in various groups. In line 88 in vbs script I pin to node names additional counter to have group specific servers, however their labels stay the same. It allows to see the same server name in various groups but nodes are definitely different from dot language viewpoint.

 

Site links topology

Saturday, May 4th, 2013

Based on solution developed for Active Directory Topology Visualization part 1 purpose I’ve made very similar script to have nice picture of defined site links in AD.

I think it’s quite good to know if gap in replication is not caused by lack of site link, etc.

Details:

Nothing special was developed by me. I simply query via vbs script this DN:

CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=my,DC=domain

and result is presented in dot language formatted file.

Vbs code can be downloaded here and feel free to use it:

getSiteLinks.zip

usage:

Gallery:

Result of above vbs script can look like as follow:

and based on it GraphViz can generate:

dot diagram layout (command: dot *.dot -Tjpg -odot.jpg):

dot3

fdp diagram layout (command: fdp *.dot -Tjpg -ofdp.jpg):

fdp3

sfdp diagram layout (command: sfdp *.dot -Tjpg -osfdp.jpg):

sfdp3

Example of site node picture:

site

There is possible to use any other picture to present site in diagram than above one. The most important is to put picture file of site (site.png in this case) in the same location where dot file is stored before compilation.

 

Active Directory Topology Visualization part 1

Saturday, May 4th, 2013

Overview:

Except of Microsoft Active Directory Topology Diagrammer, which requires licensed MS Visio installed, there is no easy way to show how physical topology of Active Directory looks like. As the Chinese proverb goes, “A picture is worth a thousand words”, result of 17 repadmin /replsum <DC> commands even prepared in MS Excel will not tell as much as below screen:

circo

Details:

GraphViz is open-source tool based on dot language dedicated for drawing diagrams. It allows to present any graph or network in simple static form with information like direction of flow between nodes or node specific details. It is perfect tool to show how Active Directory Domain Controllers replicate each other and allows to find bottleneck or critical paths in AD physical topology.

Usage is very simple and requires GraphViz package installed locally and own developed script to prepare input for this tool based on dot language.

1. Below code is dot language script topology.dot used as input for GraphViz package to generate nice diagram:

note:

– AD Sites: EU, US and AS are specified as SUBGRAPH cluster_XX and are presented as rectangles in final diagram

– AD DCs: EUDC014, USDC014 and ASDC015 are simply nodes in diagram

– example of server picture to put into the same folder where topology.dot is located:

server

2. Command to generate picture of dot diagram layout:

 and result:

dot

3. Examples of commands to generate all kind of diagram layouts:

Practice:

Dot file can be prepared manually or a bit smarter. Below vbs is my own developed and many time used script which queries AD regarding to sites, domain controllers and connection objects and generates dot launguage file used later in GraphViz package.

Vbs script is available to download here and feel free to use it:

getReplicationTopologyLite.zip

usage:

Gallery:

Below diagrams are examples of AD replication topology:

dot2

fdp1However more complex environments (>100 DCs) require a few tricks to make pictures more readable. I usually add dotted style for connections for example:

or trying to generate all kind of diagram layouts to choose the most suitable to study. In most cases huge networks need specific approach.

A few useful links:

1. Official GraphViz web site: http://www.graphviz.org

2. Dot guide: http://www.graphviz.org/pdf/dotguide.pdf

3. Wikipedia about GraphViz: http://en.wikipedia.org/wiki/Graphviz

4. Active Directory Topology Visualization part 2

Let the “more readable replication topology” be with you.