It’s one of my favourite commands when it comes to troubleshooting Active Directory and network connectivity. Suppose the following. A user tries to log on to the domain. The login is successful. Shortly thereafter, the user reports that he cannot access the files on the fileserver, nor he can send e-mails.
The default Active Directory setting allows the login without a domain controller, but only if the user has already logged on to the computer. The password is then stored locally. So far so good, but how can we find out whether we are logged on locally or not?
Test-ComputerSecureChannel verifies the secure channel to the domain.
Test-ComputerSecureChannel
True … is in good condition … that sounds great.
If Test-ComputerSecureChannel returns False, check your connection. Afterwards try to repair the channel with the parameter -repair.
Test-ComputerSecureChannel -Repair -Verbose
You can also test the connectivity for remote hosts.
I am logged on server dc01. Can server03 reach its Domain Controller?
Invoke-Command -ComputerName server03 {Test-ComputerSecureChannel -verbose}
Yes, server03 can reach its Domain Controller.
Technet: Test-ComputerSecureChannel.
Related Links
For checking name resoultion and network connectivity see also: The new nslookup: Resolve-DnsName and The modern version of ping: Test-Connection.
Categories: Windows 10, Windows Server
My name is Patrick Gruenauer. From Austria.
SID-500.COM 
Cool trying to remotely fix client machines both w7 and w10 via powershell, or psexec ideally?
LikeLike
Excellent article!!!
Keep up the good work.
LikeLike
Thank you for the kind words! Regards, P
LikeLike