You are here
Active Directory Monitoring
Active Directory Monitoring
Active Directory (AD) is a Microsoft product that consists of several services that run on Windows Server to manage permissions and access to networked resources. The main service in Active Directory is Domain Services, which stores directory information and handles the interaction of the user with the domain. AD stores information about objects on the network using a structured data store as the basis for a logical, hierarchical organization of directory information which makes this information easy for administrators and users to find and use.
What You Can Monitor in AD
This Opspack allows you to monitor all the metrics you need to efficiently run a Microsoft AD Service, providing service checks for high level status information about services, threads, Security Accounts Manager, and Address Book, as well as important metrics for the Active Directory Replication status.
Host Templates
The following Host Templates are provided within this Opspack for AD monitoring. Click the name of each Host Template to be taken to the relevant information page, including a full Service Check description and usage instructions.
Application - Active Directory - Replication
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - Replication - DRA I/O Bytes Rate | Shows the total number of bytes replicated in/out per second. | N/A | B/s |
| Active Directory - Replication - DRA I/O Objects Rate | Shows the number of objects received from neighbors through inbound replication and the number of objects replicated out per second | N/A | per_second |
| Active Directory - Replication - DRA I/O Values Rate | Shows the total number of object property values received from inbound replication partners and the number of object property values sent to outbound replication partners per second. | N/A | per_second |
| Active Directory - Replication - DRA Synchronizations | Shows the number of directory synchronizations that are queued for this server, but not yet processed. | N/A | N/A |
Application - Active Directory - Services
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - Services - DS Client Binds Rate | Shows the number of Ntdsapi.dll binds per second serviced by this domain controller. | N/A | per_second |
| Active Directory - Services - DS Directory I/O Rate | Shows the number of directory reads/writes per second. | N/A | per_second |
| Active Directory - Services - DS Directory Searches | Shows the number of directory searches per second. | N/A | per_second |
| Active Directory - Services - LDAP Bind Time | Shows the time, in milliseconds, taken for the last successful LDAP bind. | N/A | ms |
| Active Directory - Services - LDAP Client Sessions | Shows the number of currently connected LDAP client sessions. | N/A | N/A |
| Active Directory - Services - LDAP Searches | Shows the percentage of directory searches coming from LDAP. | N/A | % |
| Active Directory - Services - LDAP Searches Rate | Shows the rate at which LDAP clients perform search operations | N/A | per_second |
| Active Directory - Services - LDAP Successful Binds Rate | Shows the number of LDAP binds per second. | N/A | per_second |
| Active Directory - Services - LDAP Writes | Shows the percentage of directory writes coming from LDAP. | N/A | % |
| Active Directory - Services - LDAP Writes Rate | Shows the rate at which LDAP clients perform write operations. | N/A | per_second |
| Active Directory - Services - Knowledge Consistency | Shows the percentage of reads performed by the Knowledge Consistency Checker (KCC) on the directory. | N/A | % |
| Active Directory - Services - Local Security Authority | Shows the percentage of reads performed by the Local Security Authority (LSA) on the directory. | N/A | % |
| Active Directory - Services - Name Service Provider Interface | Shows the percentage of reads performed by the Name Service Provider Interface (NSPI) on the directory. | N/A | % |
| Active Directory - Services - AD Services Status | Shows the status of the services running on the AD server. | N/A | N/A |
Application - Active Directory - Threads
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - Threads - Total Asynchronous Thread Queue | Shows the total number of threads in use by the Active Directory. | N/A | N/A |
| Active Directory - Threads - LDAP Asynchronous Thread Queue | Shows the number of threads in use by the LDAP process. | N/A | N/A |
Application - Active Directory - Address Book
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - Address Book - Client Sessions | Shows the number of connected Address Book client sessions. | N/A | N/A |
| Active Directory - Address Book - Browses Rate | Shows the rate at which Address Book clients perform browse operations on the Active Directory. | N/A | per_second |
| Active Directory - Address Book - Lookups Rate | Shows the rate at which proxy clients perform search operations on the Active Directory. | N/A | per_second |
| Active Directory - Address Book - Property Reads Rate | Shows the rate at which Address Book clients perform read operations on the Active Directory. | N/A | per_second |
| Active Directory - Address Book - Searches Rate | Shows the rate at which Address Book clients perform key search operations on the Active Directory. | N/A | per_second |
Application - Active Directory - Security Accounts Manager
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - SAM - Reads/Writes | Shows the percentage of reads performed by the Security Authentication Server (SAM) on the directory. | N/A | % |
| Active Directory - SAM - Successful Computer Creations | Shows the number of successful computer accounts created per second. | N/A | per_second |
| Active Directory - SAM - Machine Creation Attempts Rate | Shows the number of attempts per second to create computer accounts. | N/A | per_second |
| Active Directory - SAM - Password Changes Rate | Shows the number of Security Authentication Manager (SAM) password changes per second. | N/A | per_second |
| Active Directory - SAM - Successful User Creations Rate | Shows the number of user accounts successfully created per second. | N/A | per_second |
| Active Directory - SAM - Global Catalog Evaluations Rate | Shows the number of universal group membership evaluations per second on a global catalog domain controller from non-global catalog domain controllers | N/A | per_second |
| Active Directory - SAM - User Creation Attempts Rate | Shows the number of attempts per second to create user accounts. | N/A | per_second |
Application - Active Directory - DNS
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - DNS - Total Queries | Shows the total number of queries made to the Microsoft DNS server including TCP and UDP. | N/A | N/A |
| Active Directory - DNS - Queries Rate | Shows the rate of queries made to the Microsoft DNS server including TCP and UDP. | N/A | per_second |
| Active Directory - DNS - Recursive Queries Rate | Shows statistics for recursive query rates including timeout and failures | N/A | per_second |
Application - Active Directory - Database
add_circle| Service Check Name | Description | Default Thresholds (Warning, Critical) | UOM |
|---|---|---|---|
| Active Directory - Database - Disk Usage | Shows the database disk usage where the Active Directory Database is stored | database_disk_usage=70,90 | % |
| Active Directory - Database - Disk Operational Status | Shows the operational status of the storage device where the Active Directory Database is stored | N/A | N/A |
| Active Directory - Database - Disk Health Status | Shows the health status of the storage device where the Active Directory Database is stored | N/A | N/A |
| Active Directory - Database - File Size | Shows the size of the Active Directory database file in bytes | N/A | B |
Active Directory Monitoring Prerequisites
Setup Windows Host for Monitoring
By default, Windows hosts will not allow remote PowerShell scripts to run, which is required for Opsview Agentless Monitoring plugins to work.
This can be configured manually by the Windows Host administrator, or automatically using our recommended approach by running the ConfigureRemoting.ps1 Powershell script on the Windows Host.
Powershell Agentless Monitoring requires at least version 5.0 of Powershell. Check the Powershell version on your Windows Host by running:
$PSVersionTable.PSVersion
Run the ConfigureRemoting.ps1 script with Administrator privileges using a Powershell terminal. This will configure firewall rules, self-signed SSL certificates and authentication for PowerShell remoting.
Check this has been configured properly by running:
winrm quickconfig
You should get the following output:
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.
By default port 5985 must be opened from the Opsview monitoring server to the Windows host you wish to check. WinRM utilises the HTTP/HTTPS protocol and can be configured to use certificates to secure the data in transit.
Ensure the service is listening by running:
For HTTP: netstat -an | findstr 5985
For HTTPS: netstat -an | findstr 5986
When using basic authentication with WinRM, the following commands must also be run on the windows host:
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
If you receive a 500 error, which is a known issue on Windows Server 2016, you may need to install WinRM-IIS-Ext. You can do so by running the following command:
Add-WindowsFeature winrm-IIS-ExtImporting this Opspack
Download the application-microsoft-active-directory.opspack file from the Releases section of this repository, and import it into your Opsview Monitor instance. Now you can add the Host Templates you want following the info links in the table at the top.
For more information, refer to Opsview Knowlege Center - Importing an Opspack.
