Date post: | 30-Dec-2015 |
Category: |
Documents |
Upload: | virgil-norris |
View: | 217 times |
Download: | 0 times |
MOM Essentials 6 – Managing the Enterprise Part 1 Gordon McKenna MOM – MVP
Monitoring Active Directory
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Replication Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Why Monitor Active Directory?
Like any distributed systems, unexpected problems happen
–Hardware failures
–Low disk space
–Network connectivity issues
–User configuration error
– Name Resolution
– Sites and subnet configuration
–Errant applications overloading DCs
Why Monitor Active Directory?
Problems with Active Directory can be disruptive if left unresolved
– Slow login/login failures/password issues
– Group Policy problems
– Resource access problems
– Exchange e-mail
– Replication issues can lead to security related issues
Why Monitor Active Directory?
Problems are often easy to fix when detected early
Proactively fix before it is escalated to help desk
Lower TCO: Save yourself time and your company $$$
Maintain high directory availability
When To Monitor
Plan your monitoring solution before deploying Active Directory
Lab test your monitoring solution before deploying Active Directory
Monitor simultaneously with first DC deployment
Pause new DC deployment if monitoring detects problems OR your monitoring solution fails
Continue monitoring post deployment
Effective Monitoring
All production deployments need effective forest-wide Active Directory monitoring
You cannot do your job effectively with out it
Ad-hoc monitoring solutions are not enough
How much time are you willing to spend building your own monitoring solution?
– Active Directory management pack took multiple man-years
– Don’t forget AD’s dependencies: Windows OS, DNS, Group Policy, etc…
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Replication Monitoring
Summary\Best Practices
Whitepapers, Install Guides, and other Resources
MOM Architectural OverviewKey Terms
Data sources
– Events: Windows, application, WMI, service change, SNMP traps, timed events, missing events, UNIX syslogs…
– Performance data: Used for graphs, reports and to set thresholds
Alerts
– MOMs indication of a particular issue What operators see first
– Based on events, performance thresholds, or script output
– Requires action from operator
Response
– Reaction to an alert (send e-mail, page, run script)
Management Pack (MP)
– Set of Processing Rules to monitor applications
– Supporting views and reports
MOM 2005 Architecture
Reporting Server
– SQL Reporting Services
MOM 2005 Database
– Data aggregation
– Knowledge – management packs
– Configuration data
MOM 2005 Server
– Database access
– Consolidator
– Agent manager
– User interfaces
– Agentless monitoring
MOM 2005 Agents
– Local monitoring
– Local management
– Encrypted Communications
DB
Reporting Reporting ServerServer
ReportingReporting
AgentsAgentsAgentsAgents
Ops ConsoleOps ConsoleAdmin ConsoleAdmin ConsoleWeb ConsoleWeb Console
MOMMOM ServerServer
ConsolesConsoles View Alerts/Server StateView Alerts/Server State
condition requiring condition requiring intervention intervention execute tasks execute tasks topological views topological views service level exceptions service level exceptions
OperatorOperatorConsoleConsole
SQL Reporting ServicesSQL Reporting Services
Internet Internet InformatioInformatio
nnServerServer
HTTPHTTP
AdministratorAdministratorConsoleConsole
ExamplesExamples Server Availability Server Availability Operational Health Operational Health Performance TrendingPerformance Trending
System Center System Center Reporting Reporting
ServerServer
MOM 2005MOM 2005 ServerServer
AgentsAgents AgentsAgents
WebWebConsoleConsole
MOM – Operator Perspective
What's new for management packs with MOM 2005?
State Monitoring– Live “at a glance” health view by role
Topology– Display relationships between servers
Reports – use SQL Server Reporting Services
– System Center Reporting Server
Tasks– Ad hoc diagnosis and resolution
Improved Product Knowledge
Alerts View / State View
Alerts View
Alert Ticket
Manually resolved
State View
Dynamic
Role-based
Component Details
MOM 2005 Introduction:• Topology View
• Alert View
• Product Knowledge
• Tasks
Demo
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Replication Monitoring
Summary\Best Practices
Whitepapers, Install Guides, and other Resources
AD MP Design Goals
Customers will receive a very small # of highly relevant alerts identifying the “root cause” wherever possible
Very little configuration necessary Usable “out-of-the-box” for very large Active Directory deployments
Full end-to-end health monitoring for every Active Directory component Excellent Active Directory health definition
Easily customizable for very sophisticated implementations
AD MP Features
Monitors all aspects of Active Directory health
– Performance and availability
– Not a security management pack (e.g. auditing)
Monitors availability of all processes that are vital to the health of Active Directory
– NetLogon, FRS, ISM, W32Time, KDC
Collects key performance data
Reports on service availability, performance, and trending
End-to-end replication validation in accordance with your SLAs
Centralized monitoring console to collect all events that can adversely affect Active Directory
AD MP Features
Supports all Windows 2000 Server and Windows Server 2003 features
Utilizes WMI providers to monitor replication partner health and *Trust relationships (*Windows Server 2003 only)
All scripts provide simple clear messages
Quiet with a very low # of highly relevant alerts (OK for pagers)
Client pack for client-side monitoring
Extensive product knowledge
Globalization support
Active Directory Event Monitoring
Over 400 rulesDC Locator
DIT corruption
GC
ISM
KCC
KDC
NetLogon
Replication
Security Accounts Manager (SAM) errors
Site links
Sysvol
UserEnv
W32Time
These rules do the deep dive into the These rules do the deep dive into the internal health of the AD!internal health of the AD!
New in AD MP for MOM2005State View
– Server health (Time, Netlogon, FRS, ISM, KDC)
– AD Service health
– Replication (Inbound connection objects)
– Client view monitoring
Topology Views
– Site Links (Site Site)
– Connection Objects (DC DC)
– Broken Connection Objects (red DC DC)
Client Monitoring Enhancements
New Reports
Product Knowledge
– More than twice the volume know AD management pack knowledge compared to MOM 2000 SP1.
Active Directory State MonitoringState monitoring Active Directory:At a glance view of AD health
Client View Replication Health
Server Health Service Health
ComponentsComponents
Active Directory RoleActive Directory Role
Can clients connect within thresholds?
Client connectivity– Can clients connect to PDC, GCs
– Is Active Directory responsive to clients
Checks for:– Serverless bind. (Can it contact a DC and is it in a local site)
– PDC Available
– Minimum # of GC’s available
– Are the targeted DCs available\responsive
Is replication healthy?
Replication health
– Is each DC configured properly
– Are all DC’s replicating
– Is replication occurring in a timely fashion (SLA)
– Has initial replication completed in the last 24hours (configurable)
Checks for:
– End-to-end replication via change injection
– Health of inbound connection objects
– Appropriate # of replication partners
– Site islands
– Slow replication
Are all of the required services available?
Are the services on each DC healthy?– Active Directory service
– Processes that are vital to the health of AD
– Database growth and log file free space
Checks for:– Health of LSASS, Knowledge Consistency Checker (KCC), Userenv
– State of NetLogon, FRS, Intersite Messaging Service (ISM), W32Time, Kerberos Distribution Center (KDC)
– Name resolution\DC locator
– Is SYSVOL accessible
Is the Active Directory service available?
Service Availability– Are the necessary FSMO role holders responsive
– Is the Active Directory service responsive
– Can clients connect to the directory
Checks for:– Serverless bind threshold
– GC Search Time
– Lost object count
– Availability of LDAP and crucial roles (PDC, DC, GCs, etc)
– Name resolution\DC locator
– Client pack tests
Active Directory Topology Views
Three different topology views:
–Sites and site links
–Connection Objects
–Broken Connection Objects
Detailed tool tips
–Subnet configuration details, link cost, replication interval, transport type, consecutive failures, partition names
Topology View Example: Site and Site Links
Servers show with health state
Servers annotated for role (e.g. GC)
Site links shown
Tool tips shown with details for site links, sites and computers
Reports – Which And Why?
Current configuration– Domain Controller Report
– Active Directory Operation Masters
– Replication Site Links
– Replication Connection Objects
Diagnostics & Trending– Replication Latency
– Domain Controller Disk space
– Active Directory Domain Changes
– Computer Account Authentication Failures
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Configuring Replication Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Monitoring Service Level
Server health is important but doesn’t catch all problems
Clients can commonly experience issues even though servers are healthy
IT departments need to verify they are meeting their commitments to management
– Replication is occurring quickly (replication SLA)
– Client logins are quick
– E-Mail is available (Address Book)
Client Side Monitoring
“How do I really know AD is working properly for my customers who rely on it?”
redmond.fabricam.comredmond.fabricam.com
Exchange Exchange UserUser
ExchangeExchange
DC1DC1
DC2DC2
MOMMOM
DC3DC3 DC4DC4
phoenix.fabricam.comphoenix.fabricam.com
E-Mail is slow!
Everything is fine!
Help DeskHelp Desk
WHY ?WHY ?
Client Side Monitoring
Ensures AD is available for Exchangeand other directory-enabled applications at the application server
Tests all necessary AD interfaces– ICMP and LDAP ping
–LDAP bind and sub-search
Very granular control– (Automatically targets local site)
–List of domains, sites, computers
– + specific computers
–Text file
– Turn auto discovery off
Client Side Monitoring
Very WAN efficient
Can be placed near/on the application server of interest
Can run on any server which is running a MOM agent
Trends key LDAP perf indicators
“Closes the loop” by providing MOM the client’s perspective of Active Directory health
redmond.fabricam.comredmond.fabricam.com
ExchangeExchange
DC1DC1
DC2DC2
MOMMOMDC3DC3 DC4DC4
phoenix.fabricam.comphoenix.fabricam.com
CPCPAlert:Alert: Client is going to out of site DC
Alert:Alert: Server response time exceeded limits
DC3DC3 DC4DC4
phoenix.fabricam.comphoenix.fabricam.com
MOMMOM
redmond.fabricam.comredmond.fabricam.com
ExchangeExchange
DC1DC1
DC2DC2
CPCP
No impact to existing No impact to existing generic app servergeneric app server
Both boxes sit next to Both boxes sit next to each othereach other
Separate administrationSeparate administration
Client Monitoring ConfigurationAdd computers to “Active Directory Client Side Monitoring” computer group
Demo
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Replication Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Replication Monitoring
AD management pack creates new container:CN=MomLatencyMonitors
Periodic scripts adds timestamps for monitoring replication latency
Separate maximum replication time thresholds for
– Intrasite monitoring
– Intersite monitoring
Specify Computers for Replication Monitoring
Source DCsSource DCs
Target DCsTarget DCs
Source and target computers specified through computer Source and target computers specified through computer groups (a computer can be both a source and target)groups (a computer can be both a source and target)
Replication Latency Configuration
Demo
Replication Latency Configuration
Add computers to computer groups:
Active Directory Replication Latency Data Collection – Sources
Active Directory Replication Latency Data Collection – Targets
pecify the maximum replication latency in the rule:
Script - AD Replication Monitoring
Agenda
Why Monitor Active Directory
Brief Intro to MOM 2005
Overview of the Active Directory MP
– Client Side Monitoring
– Replication Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
MOM/AD Best Practices
Push out agents and rules incrementally (Initial deployment)
Be wary of monitoring auditing rules (disabled by default)
Size your MOM architecture
–Fast disk, RAM, and CPU all necessary
–Use upcoming MOM 2005 performance and sizing guide
Groom data aggressively from MOM database
MOM/AD Best Practices (2)
MOM Action Account should be in root domain
Always use MOM MP to manage MOM
Use management packs AD depends on:
– Windows Base OS
– Group Policy
– DNS
Review most common alerts\events
– Weekly review most common alerts/events report
Baseline your implementation
– Adjust thresholds with this data as necessary
Summary
Effective forest-wide monitoring is a must
Monitor during and after Active Directory deployment
Get the full picture – use the Client Pack
Deploy the MOM + AD MP and keep Active Directory healthy
Resources
AD Management Pack Users Guide– Installation, configuration, and best-practices
operations information
– Specific support for large branch office scenarios and extremely low-bandwidth wan links
– MOM 2005: http://www.microsoft.com/technet/prodtechnol/mom/mom2005/maintain/admpguideformom2005.mspx
AD Management Pack Technical Reference Guide– Typical scenarios that the AD MP was designed to monitor
– How ADMP defines “health” for AD components
– MOM 2005: http://www.microsoft.com/technet/prodtechnol/mom/mom2005/maintain/dirmgmtpackmom.mspx
Managing Windows Servers
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Capacity monitoring
– Performance Monitoring
Overview of Hardware Management Packs
– Capacity monitoring
– Performance Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Why Monitor Windows Servers?
Windows Server O/s is crucial to the Health of the AD–Performance monitoring
–Storage Monitoring
–Health Checking
–Status Checking
–Security Checking
Hardware critical to health of Windows Base O/s–Component monitoring
–Peripheral Monitoring
–Capacity Monitoring
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Monitoring Scenarios
– Performance Monitoring
Overview of Hardware Management Packs
– Vendor available MP’s
– Performance Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Monitoring Scenarios
Service and application management
–Core Windows service up/down status•
–Unexpected service terminations•
–Service configuration issues •
–Service account and authentication issues
Reliability
–Detects reoccurring application terminations
–Gathers data on system shutdowns (for shutdown reporting)
–Reports system failures (for stop error reporting)
Monitoring Scenarios cont….
Storage
–Share availability issues
–Share configuration issues
–Local storage resource availability
–Local storage free space
–File system integrity and corruption issues
Networking
– IP address conflicts
–Disconnected network adapters
–Duplicate network names
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Capacity monitoring
– Performance Monitoring
Overview of Hardware Management Packs
– Capacity monitoring
– Performance Monitoring
Summary/Best Practices
Whitepapers, Install Guides, and other Resources
Performance Monitoring
Performance measuring
-For most commonly used performance data
Performance threshold monitoring
–Physical Disk - Avg. Disk sec./
–Physical Disk - Avg. Disk sec./Read
–Memory - Pages/sec.
–Processor - % Processor
–Processor - % DPC
–Processor - % Interrupt Time
–Memory - % Committed bytes in use
–Memory - Available Megabytes
Performance Monitoring
State monitoring and service discovery
– Base OS services
– Storage
– Messenger service
– Computer browser
– Logical Disk Manager service
– Dynamic Host Configuration Protocol (DHCP) client
– Domain Name Service (DNS) client
– Remote Procedure Call (RPC) health
– Server service
– Transmission Control Protocol/Internet Protocol (TCP/IP)
– NetBIOS Helper service
– Hardware discovery
– Event log
– Workstation service
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Capacity monitoring
– Performance Monitoring
Overview of Hardware Management Packs
– HP
– Dell
– Fujitsu
– IBM
Demo
Whitepapers, Install Guides, and other Resources
HP Management Packs 1.1
Hardware resource management for HP ProLiant and Integrity servers
Hooks into HP Insight Manager Software
Support for Microsoft Windows Server 2003 and x64 Editions
Event rules for HP ProLiant Support Pack versions up to 7.4
Eveny rules for HP Integrity Support Pack versions up to 4.05
Topology Diagram View
State Roll-up component
Easy launch Tasks for server based webviews
Public View for troubleshooting
HP State View
System requirements
HP Insight Management Agents for ProLiant Servers, versions 5.5 to 7.40
HP Insight Management Agents for Integrity Servers, versions 2.3 to 4.05
SNMP for servers
–Required locally on each managed HP server to enable correct operations of the HP Insight Management Agents and to populate MOM 2005 with hardware state information
HTTP
–Required to enable tasks in MOM 2005 that access HP SIM, the HP System Management Homepage on individual managed systems, and HP Management Processors
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Capacity monitoring
– Performance Monitoring
Overview of Hardware Management Packs
– HP
– Dell
– Fujitsu
– IBM
Demo
Whitepapers, Install Guides, and other Resources
Dell Management Pack 2.0
Hardware Resource Management for Dell Servers
Hooks into Dell OpenManage Server Administrator and Dell OpenManage Array Manager Software
Dell State Monitoring Alerts View, Topology Views, and State Views
Task based Web link to launch a Dell Remote Access Controller when a warning or critical event occurs
Task to update State Views
Dell Knowledge Base information to support new event processing rules of Server Administrator (including the enhanced Storage Management Service) and Array Manager
Dell Diagram View
ROCKSDEV\CONN-NAS Dell Asset Tag: Dell-NAS Dell Server IPAddress: 192.168.234.235, 192.168.18.98 Dell Server Model Type: PowerVault 775N Dell Server OS: Microsoft Windows Powered Dell Service Tag: 3C1471S Status: Critical Error
System requirements
Microsoft Windows 2000 Server with Service Pack 4 or later, Windows 2000 Advanced Server with Service Pack 4 or later, Windows Server 2003 (Standard Edition, Web Edition, and Enterprise Edition), Windows Small Business Server (SBS) 2000, and Windows SBS 2003
Support for Dell OpenManage Server Administrator versions 1.6–2.0 (including the enhanced Storage Management Service version 1.0–1.1). For receiving alerts from the storage subsystem, you must have installed either Dell OpenManage Array Manager or the Server Administrator enhanced Storage Management Service.
Support for Array Manager versions 3.4–3.7.
Agenda
Why Monitor Windows Servers
Overview of the Windows Base O/s MP
– Capacity monitoring
– Performance Monitoring
Overview of Hardware Management Packs
– HP
– Dell
– Fujitsu
– IBM
Demo
Whitepapers, Install Guides, and other Resources
Fujitsu Siemens 2.0
Hardware Resource Management for Fujitsu Siemens PRIMERGY Servers
Hooks into Fujitsu Siemens ServerView Software
Server View State Monitoring Alerts View, Topology Views, and State Views
Tasks for ServerView Management Console, ServerView Frontend, ServerView WebVersion, Start ServerView
Fujitsu Siemens Knowledge Base information
System requirements
Operating system Windows 2000 (service pack 4 or higher ) or Windows Server 2003
ServerView Agents v 2.59 or higher must be installed
Simple Network Management Protocol (SNMP )for servers - required for correct operations of the ServerView Management
IBM Hardware
Most recently added
Pro-active management of IBM Hwardware
Hooks into IBM Director Software
Come with Knowledge Base Information
No task or diagram support
MP Downloads
HP
http://h18004.www1.hp.com/products/servers/management/mom2005/index.html
Dell
http://ftp.us.dell.com/sysman/DOMMP20.exe
Fujitsu Siemens
http://download.fujitsu-siemens.com/Download/ShowDescription.asp?SoftwareGUID=4190578B-A3E7-41F9-93B0-AED74F700B84
IBM
http://www-1.ibm.com/support/docview.wss?uid=psg1MIGR-61783
Management Update Notification
Sign up for Management Update Notification Service
–Notice of updates to
– New/Updated Management Packs
– Microsoft Management Product News
– Solutions
–http://www.microsoft.com/management/notifyme/
Ask The ExpertsGet Your Questions Answered
Questions
Community Resources
Community Resources
– http://www.microsoft.com/communities/default.mspx
Most Valuable Professional (MVP)
– http://www.microsoft.com/communities/mvp
Newsgroups
–Converse online with Microsoft Newsgroups,including Worldwide
– http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
User Groups - Meet and learn with your peers
– http://www.microsoft.com/communities/usergroups/default.mspx
Microsoft Learning Resources
Come and talk to Microsoft Learning to find out more about developing your skills, you can kind us in the ‘Ask the Experts’ area
Special offers on Microsoft Certification from Microsoft Learning
Click here to access free Microsoft Learning Assessments http://www.microsoft.com/learning/assessment/ind/default.asp
and FREE elearning for Microsoft Visual Studio 2005 and Microsoft SQL Server 2005 with free Assessments and E-Learninghttp://www.microsoft.com/learning/mcp/
MOM Resources
Microsoft Operations Manager http://www.microsoft.com/MOM
Getting Started Resourceshttp://www.microsoft.com/MOM/Beginners
– Technical Walkthrough
– Key Documentation
– MOM Evaluation Download
Partner Product Cataloghttp://www.microsoft.com/MOM/ManagementPacks
MOM Communityhttp://www.microsoft.com/MOM/community/
Solution Acceleratorshttp://www.microsoft.com/mom/evaluation/solutions/default.mspx
What else does TechNet give you?
FREE TechNet Newsletter”
FREE Events and Webcasts
FREE quarterly “TechNet” magazine
FREE comprehensive technical website
FREE TechNet Radio, Security Centre, Learning Paths and Virtual Labs
TechNet Plus Subscription DVD
A range of tools and resources for IT professionals that let you plan, manage ,deploy
To subscribe to the newsletter or just to find out more, please visit www.microsoft.com/uk/technet
http://www.microsoft.com/uk/technet
PS (The evaluation form is now sent out electronically with your thank you e-mail. This can take up to 5 working days. Please do feedback as we read all the comments and use them to shape future event content)
Thank you for attending this TechNet Event