Active Directory Monitoring

Active directory monitoring feature takes OpManager a step further in proactive monitoring of Windows environment. The system resources of the Domain Controllers where the Active Directory (AD) database resides, and few critical Active Directory Services are monitored in OpManager. 

To make AD monitoring more simple and easily accessible, The Domain Controllers are classified under a separate category under Infrastructure Views. The categorization of the device as a Domain Controller is done automatically if SNMP is enabled. The system resources of the device and the AD services are monitored using WMI.

Domain Controller

The snapshot page of the Domain Controller shows the dial graphs for Availability, Packet Loss and Response Time. In addition to this, there are also provisions to monitor CPU, Disc and Memory utilization.

The other utilization data displayed in the snapshot page for the Domain Controller are:

  • Resource Utilization by LSASS ( Local Security Authority Subsystem Service)
  • Resource Utilization by NTFRS (NT File Replication Service)
  • Ad Store Utilization
  • Performance Counters showing information such as the AD Reads, the AD Replication objects etc

Besides these, following are the AD Services monitors associated by default:

  • Windows Time service : The service synchronizes the time between domain controllers, which prevents time skews from occurring.
  • DNS Client Service : This service resolves and caches (Domain Name Server) DNS names.
  • File Replication Service : This service maintains file synchronization of file directory contents among multiple servers.
  • Intersite Messaging Service : This service is used for mail-based replication between sites. Active Directory includes support for replication between sites by using SMTP over IP transport.
  • Kerberos Key Distribution Center Service : This service enables users to log on to the network using the Kerberos version 5 authentication protocol.
  • Security Accounts Manager Service : This service signals other services that the Security Accounts Manager subsystem is ready to accept requests.
  • Server Service : This service enables the computer to connect to other computers on the network based on the SMB protocol.
  • Workstation Service : This service provides network connections and communications.
  • Remote Procedure Call (RPC) Service : This service provides the name services for RPC clients.
  • Net Logon Service : This service supports pass-through authentication of account logon events for computers in a domain.

You can add more AD Monitors to be monitored by clicking the Add Monitor button.