How do I monitor my Windows Server Active Directory replication status/health?

Today's post is about Windows administaration. When domain controllers (DCs) stop replicating their directory objects properly, the symptoms appear everywhere. Fortunately, there are built-in tools that make it easy to check replication health.

For a quick snapshot, open an elevated command prompt and run:

repadmin /replsummary

This summarizes replication attempts and failures across all DCs. To see details for a single DC, run:

repadmin /showrepl DC01 /verbose /all /intersite

If you prefer PowerShell, import the Active Directory module and then run:

Get-ADReplicationPartnerMetadata -Target DC01 | 
  Select-Object Server, LastReplicationSuccess, LastReplicationResult

And to test replication of the current directory partition:

Test-ReplicationHealth

If you see high failure percentages, stale timestamps, or "Access Denied" errors, check your DNS resolution, SYSVOL availability, and time synchronization between controllers. For constant monitoring, schedule a daily script that emails the output of repadmin /replsummary to you or your team.