Monitoring Microsoft Active Directory

Version

This article was written for version 6.0, it could work on both lower and higher version if nothing else is stated.

check_ad

I noticed that the scripts in our how-to on monitoring Microsoft AD does not work and there are an issue with monitoring FSMO

I installed this check at Brio with great success.

http://exchange.nagios.org/directory/Plugins/Operating-Systems/Windows/Active-Directory-%28AD%29-Check/details

Additional monitoring points

A great deal of info can be found in this document published on ms technet:

http://technet.microsoft.com/en-us/library/cc180912.aspx

Also a great deal here in the documentation regarding the management pack for AD in Microsoft Systems Center:

http://www.microsoft.com/en-us/download/details.aspx?id=21357

check_nt

Some additional checks to do against AD: (More suggestions are welcome, just fill in).

This may overlap some of the functionality of check_ad, but anyhow, now it's documented atleast.

  • Test the bind time for AD
  • Do a test-login with a account
  • AD Ntlm authentications per second
  • Kerberos authentications per second
  • LDAP client sessions
command_name: check_ad_ldap_bind_timecommand_line: $USER1$/check_nt -H $HOSTADDRESS$ -v COUNTER -l "\NTDS\LDAP Bind Time","LDAP Bind Time %.2f ms" -w $ARG1$ -c $ARG2$check_command_args: 15!30command_name: check_ad_ldapcheck_command:$USER1$/check_ldap -H $HOSTADDRESS$ -b $ARG1$ -D $ARG2$ -P $ARG3$ -w $ARG4$ -c $ARG5$check_command_args: dc=webinar,dc=op5!monitoruser\@domain.com!password!5!10command_name: check_ad_ntlm_authenticationscommand_line: $USER1$/check_nt -H $HOSTADDRESS$ -v COUNTER -l "\NTDS\NTLM Authentications","NTLM Authentications %d times/sec" -w $ARG1$ -c $ARG2$check_command_args: 3!4 (adjust the limit according to the normal case in your AD-env.)command_name: check_ad_kerberos_authenticationscommand_line: $USER1$/check_nt -H $HOSTADDRESS$ -v COUNTER -l "\NTDS\Kerberos Authentications","Kerberos Authentications %d times/sec" -w $ARG1$ -c $ARG2$check_command_args: 3!4 command_name:check_ad_ldap_client_sessionscommand_line: $USER1$/check_nt -H $HOSTADDRESS$ -v COUNTER -l "\NTDS\LDAP Client Sessions","LDAP Client Sessions: %.0f" -w $ARG1$ -c $ARG2$check_command_args: 10!20 (again, adjust to your env.)