When did you run ISA best practice analyzer last time or you do not run at all? If both answer “negative” then its time to run run ISA best practice analyzer (BPA) in ISA server. It is always good to check health of ISA server whether it is running great or not. you can rectify any issues before get worse.
You can download ISA BPA from this link
Install ISA BPA in ISA server and run as follows. select all tasks.
read the report carefully. You might have configured rules that necessary for you but ISA BPA might show warning. Don’t worry about it. For example, I configured ISA using single NIC scenario but BPA gives me warning. Its ok to ignore this warning. Look for other issues and verify with your policies you have configured.
Note: don’t jump to modify ISA server after reading BPA report.
Check event log in all DCs to find everything ok specifically DNS, system and Application events.
This is a must and will always tell you if there is trouble with DCs and/or services associated with it
This will let me know if there are issues with the networking portion on the DC.
Netsh dhcp show server
This command identify DHCP in in AD infrastructure.
This shows all replication among DCs.
repadmin /replsum /errorsonly
reapadmin /syncall /AdeP
This will identify any issues with replication among DCs.
Active Directory DNS Check
Dnslint /ad domain_controller_ip_address /s dns_server_ip_address
Manage Engine AD Manager Plus, Wise Soft Bulk user Admin, Solarwinds Engineer’s toolset, Active Directory Cleaner are very handy tools to monitor and manage Active Directory.
These are little things that give me peace of mind. I reckon “assume nothing, believe nothing, check everything…..” is the best way to prevent disaster.