Monitoring with System Center 2012 R2 Operations Manager

Hall Monitor

Monitoring Events on DCs

After you import the AD Management Pack and the necessary changes to reflect the conditions of the internal IT infrastructure, Operations Manager begins to write the data sent in by Operations Manager agents to its own separate database and to output alerts and notifications at the Administration workspace.

In the Monitoring workspace, you will find the individual monitoring elements provided by the Operations Manager Management Pack. The extent and nature of the information provided depends on the properties and functions of the Management Pack. The AD Management Pack provides the following information:

  • DC Active Alerts
  • DC events
  • DC Performance Data
  • DC State
  • Client Monitoring
  • Replication Monitoring
  • Topology Views

Some items of information, such as Topology Views (Figure 1), are broken down into further elements, such as the overview of AD Sites , Topology , and Connection Objects .

Figure 1: SCOM provides a graphical overview of the Active Directory topology.

The information for DC Events shows all events relating to communication between the Operations Manager and the monitored resource – in this case, a domain controller (Figure 2). By right-clicking on the item, you can open the Alert View , State View , and Performance View via the context menu, or configure Overrides Summary View to disable rules for the object or class.

Figure 2: SCOM lists events for all domain controllers.

AD Replication Monitoring

One of the most common causes of Active Directory troubleshooting is replication problems between domain controllers. Because of AD replication technology and multimaster replication between domain controllers, problems can occur during AD replication that can be analyzed and resolved using a variety of troubleshooting options. Options include command-line tools such as Repadmin and DCDiag, as well as graphical programs such as the Active Directory Replication Status tool.

The Operations Manager Management Pack for Active Directory complements these programs and tools, adding specific views for replication events and performance metrics for replication performance. You can use this information, in addition to the information from numerous other utilities, to analyze and resolve replication problems quickly (Figure 3).

Figure 3: The Active Directory Management Pack helps with detailed analysis of a replication failure.

In the properties of the AD Management Pack, you will find a list of all the active alerts from DCs that are not automatically resolved or are resolved by an Operations Manager administrator. This list is where you will find the greatest level of detail about which DC is causing problems. Common error messages include requests to one of the operations master roles (FSMO – Flexible Single-Master Operations), which occurs for various reasons, such as maintenance on domain controllers or short-term unavailability because of network interruptions. You can use the Netdom.exe command-line utility to check which DCs are running the operations master roles. The

netdom query fsmo

command displays all operations master roles in the Active Directory forest, allowing you to check DC functionality.

The message The domain controller has been terminated is a good indicator of a DC that has shut down or restarted for maintenance purposes. Operations Manager detects this condition because the event log service has stopped, which is not possible under normal circumstances through administrator intervention.

The information element Active alerts for domain controller lists all active alerts for all monitored DCs. This list must be given special attention as these active warnings may be genuine indicators of limited performance or functionality of the AD. You can also link automatic remediation actions to events. For instance, you can associate an event with restarting Windows services or applications.

In the Alert Properties dialog for the active alert, you can click on the Product Knowledge and Company Knowledge tabs to see if the manufacturer of the Management Pack already provides solutions for the alert event, or whether internal knowledge exists to solve the problem. The History tab gives you an overview of the development of the event in the past.

If this information is not sufficient, the Health Explorer in the Operations Manager Administration workspace provides more detailed information (Figure 4). You access this information by navigating the tree in the Health Explorer and displaying the information for each event. After fixing the problem, you can set the resolution state and close the alert. If you need to work on the monitored resource – in this case the domain controller – to solve the problem, you need to switch the resource to Maintenance mode. After completing the work and successfully resolving the problem, you can switch the resource out of Maintenance mode; Operations Manager then again starts monitoring the resource.

Figure 4: The Health Explorer provides data about the health state of a monitored resource.

For comprehensive monitoring of the Active Directory, import Management Packs for DNS, DHCP, and the distributed filesystem and adapt them to the special features of your IT infrastructure. Because Active Directory greatly depends on correct operation of DNS and other services (e.g., FRS, DFS, DHCP) and because many more use AD, it is important to monitor all of these subsystems.

Monitoring Exchange

Microsoft Exchange Server is a complex system that requires time-consuming troubleshooting and repairs because of its dependence on other Windows subsystems, such as Active Directory and the domain name service. For many versions, Exchange Server has provided integrated problem-solving wizards. The system is even capable of restarting its own individual Exchange components in case of failure. The examples for monitoring Exchange servers is based on Exchange 2013.

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus