Understanding Active Directory Domain Services Management Pack Operations]
This section describes the views, tasks, and various reports that are available through the Active Directory Domain Services Management Pack.
Views
After you import the Active Directory Domain Services Management Pack into Operations Manager, a number of new AD DS–specific views will be available in the Operations Manager Operator Console. The following table describes these views.
| View name | Description |
|---|---|
Alerts |
Lists all unresolved alerts on domain controllers, including:
|
Computer Groups |
Lists all Computer Groups for domain controllers. |
Computers |
All managed domain controllers. |
Events |
Lists all events that have been collected from domain controllers. |
Performance |
Lists all the performance data that is collected about domain controllers. |
Service Level Exceptions |
Lists unresolved alerts that have exceeded service levels on domain controllers. |
State |
Lists the state of all domain controllers. |
Task Status |
Lists the events that indicate task results. |
Client-Side Monitoring |
Reports client-side events. |
Discovery |
Displays the following:
|
Health Monitoring |
Lists collected performance data for selected domain controllers. The data is related to the health of the domain controller and its copy of the database, including:
|
Replication Monitoring |
Lists collected performance data for selected domain controllers. The data is related to replication health, including:
|
Replication Topology Diagrams |
Diagrams of replication topology, including:
|
Task Output |
Lists the status of all tasks that have been executed against the computers, including:
|
Tasks
After you import the Active Directory Domain Services Management Pack, a number of new AD DS–specific tasks will be available in the Operations Manager Operator Console. The following table describes these tasks.
| Task name | Description |
|---|---|
Active Directory Users and Computers Snap-In |
Opens the Active Directory Users and Computers snap-in on the local computer. (This task is located in the Microsoft Active Directory folder.) |
Active Directory Domains and Trusts Snap-In |
Opens the Active Directory Domains and Trusts snap-in on the local computer. (This task is located in the Microsoft Active Directory folder.) |
Active Directory Sites and Services Snap-In |
Opens the Active Directory Sites and Services snap-in on the local computer. (This task is located in the Microsoft Active Directory folder.) |
Create Replication Latency Monitoring Containers |
Creates the MOM Latency Monitor containers in the specified naming contexts. (This task is located in the Management Pack Configuration folder.) |
Remove DC Replication Latency Objects |
Removes the MOM Latency Monitor objects for the targeted domain controller. (This task is located in the Management Pack Configuration folder.) |
Replication Summary Snapshot |
Collects a snapshot of the current replication status from the perspective of the target computer by using the REPADMIN /replsum command. (This task is located in the Replication Troubleshooting folder.) |
Service Principal Name Health |
Confirms the service principal name (SPN) health on the target domain controllers. (This task is located in the Replication Troubleshooting folder.) The service principal name health is useful for diagnosing replication authentication errors that are caused by nonexistent, manipulated, or duplicate SPN registrations, Kerberos ticket refresh, admin tool startup, user and computer logon authorization, and service startup. |
Enumerate Trusts |
Enumerates the trust relationships between AD DS domains. (This task is located in the Trust Details folder.) |
ADSI Edit |
Opens the ADSI Edit console on the local computer. (This task is located in the Advanced folder.) |
DCDiag |
Runs DCDiag.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
LDP |
Opens LDP.exe on the local computer. (This task is located in the Advanced folder.) |
NETDIAG |
Runs Netdiag.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
NETDOM |
Runs Netdom.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
NLTEST |
Runs Nltest.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
REPADMIN |
Runs Repadmin.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
SETSPN |
Runs Setspn.exe on a remote domain controller by using parameters that are specified by the user. (This task is located in the Advanced folder.) |
Reports
To use the reports that are included in the Active Directory Domain Services Management Pack package, you must import them.
To import the Active Directory Domain Services Management Pack Reports file
In the MOM Administrator Console, right-click Management Packs, and then click Import/Export Management Pack.
The Import/Export Management Pack Wizard opens. Click Next.
Select the Import Management Packs option, and then click Next.
Type the path to the report file, or browse to the folder.
Click Import reports only, and then click Next.
Select the Active Directory Domain Services Management Pack Reports file, and then click Next.
If a Secure Socket Layer Confirmation dialog box opens, click Continue.
Click Finish.
If you need to install additional report files, repeat steps 1 through 7 for each report file.
After you have imported the Active Directory Domain Services Management Pack into Operations Manager 2005, a number of new AD DS–specific reports will be available in the Operations Manager Reporting Console, as listed in the following table.
| Report name | Report description and use cases |
|---|---|
AD Domain Controllers |
Lists all domain controllers in the selected domain, along with their Internet Protocol (IP) addresses and sites. |
AD Role Holders |
Lists which computers are holding one or more operations master roles or are global catalog servers. |
AD Replication Connection Objects |
Summarizes the AD DS replication topology by providing a list of connection objects. Indicates the source domain controllers and target domain controllers and their respective sites, the transport types, and whether the connection objects are manually configured. |
AD Replication Site Links |
Summarizes the current replication site link configuration for AD DS. |
AD DC Disk Space |
Summarizes AD DS disk space usage and free space for the database and log volumes. It is critical that adequate free space be available for AD DS. Use this report to trend and predict the size of volumes that you will need, given your current growth rate. |
AD Domain Changes |
Summarizes significant changes to the domain, such as movement of the PDC emulator operations master and the addition or removal of domain controllers. |
AD Machine Account Authentication Failures |
Summarizes which workstations (that are joined to the domain) are unable to authenticate. This failure can prevent Group Policy updates and software distribution to the computer. |
AD SAM Account Errors |
Summarizes events that indicate that the Security Accounts Manager (SAM) has detected an error. Corrective guidance is provided where applicable. |
AD Replication Bandwidth |
Summarizes the replication bandwidth (compressed and uncompressed) over the selected period. This report is useful for trending and capacity planning for replication bandwidth requirements. |
AD Replication Latency |
Summarizes the minimum, average, and maximum replication latency per naming context, per domain controller. This report is extremely useful in verifying any service level agreement (SLA) that you have for changes to replicate within the domain or forest. |