1 / 27

Module 8: Implementing an Active Directory Domain Services Monitoring Plan

Module 8: Implementing an Active Directory Domain Services Monitoring Plan. Module Overview. Monitoring Active Directory Domain Services Using Event Viewer Monitoring Active Directory Domain Servers Using Reliability and Performance Monitor

lee-gregory
Download Presentation

Module 8: Implementing an Active Directory Domain Services Monitoring Plan

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 8: Implementing an Active Directory Domain Services Monitoring Plan

  2. Module Overview • Monitoring Active Directory Domain Services Using Event Viewer • Monitoring Active Directory Domain Servers Using Reliability and Performance Monitor • Configuring Active Directory Domain Services Auditing

  3. Lesson 1: Monitoring Active Directory Domain Services Using Event Viewer • Event Viewer Features • Demonstration: Overview of the Event Viewer • Active Directory Domain Services Logs • What Are Custom Views? • What Are Subscriptions? • Demonstration: Configuring Custom Views and Subscriptions

  4. Event Viewer Features

  5. Demonstration: Overview of the Event Viewer In this demonstration, you will see how to navigate the Event Viewer

  6. Active Directory Domain Services Logs The following logs can provide specific information about Active Directory issues: • Application log connections • System Log • DFS Replication log • Directory Service Log • DNS Server log • Group Policy\Operational

  7. What Are Custom Views? Custom views : • Allow you to aggregate and filter information from multiple logs into a single view • Are reusable • Can be exported to other computers Event 1. Security log Event 2. System log Event Viewer Event 3: DFS log

  8. What Are Subscriptions? Subscriptions collect events from multiple computers and store them locally

  9. Demonstration: Configuring Custom Views and Subscriptions In this demonstration, you will see how to: • Create a custom view and add the AD DS specific logs to the view. • Create a subscription to collect logs from multiple domain controllers

  10. Lesson 2: Monitoring Active Directory Domain Servers Using Reliability and Performance Monitor • Reliability and Performance Monitor Features • Demonstration: Overview of the Reliability and Performance Monitor • Monitoring AD DS Using Performance Monitor • What Is an Active Directory Baseline? • Monitoring Service Availability with Reliability Monitor • Monitoring Active Directory Domain Services Using Data Collector Sets • Demonstration: Monitoring AD DS

  11. Reliability and Performance Monitor Features Reliability and Performance Monitor allows you to: Perform real-time monitoring ü Collect data ü Track performance of applications and services ü Generate alerts ü Take action when thresholds are reached ü Generate reports ü

  12. Demonstration: Overview of the Reliability and Performance Monitor In this demonstration, you will see an overview of the Reliability and Performance monitor

  13. Monitoring AD DS Using Performance Monitor Useful NTDS Counters for Monitoring Active Directory: NTDS\ DRA Inbound Bytes Total/sec ü NTDS\ DRA Inbound Object ü NTDS\ DRA Outbound Bytes Total/sec ü NTDS\ DRA Pending Replication Synchronizations ü NTDS\ Kerberos Authentications/sec ü NTDS\ NTLM Authentications ü

  14. What Is an Active Directory Baseline? A baseline defines what a server looks like under normal workload conditions ü Servers performing different functions will have different baselines measurements ü Baseline measurements should include basic server counters and function specific counters ü Problems areas can be identified by comparing baseline measurements to current statistics ü

  15. Monitoring Service Availability with Reliability Monitor

  16. Monitoring Active Directory Domain Services Using Data Collector Sets • Organizes multiple data collection points into a single component • Can be grouped with other data collection sets • Can be incorporated into logs • Can be created individually or from templates Data Collector Sets can contain the following types of data collectors: • Performance counters • Event trace data • System configuration information (registry key values)

  17. Demonstration: Monitoring AD DS In this demonstration, you will see how to set up monitoring of Active Directory

  18. Lesson 3: Configuring Active Directory Domain Services Auditing • What Is Active Directory Domain Services Auditing? • Demonstration: Configuring an Audit Policy • Types of Events to Audit • Demonstration: Configuring AD DS Auditing

  19. What Is Active Directory Domain Services Auditing? • Active Directory auditing can show old values and new values of changed attributes in audit entries • Active Directory audit policy is divided into four subcategories • Directory service access • Directory service changes • Directory service replication • Detailed Directory service replication • Only directory service access is enabled for success by default • Use the Auditpol.exe command-line tool to view or set audit policy subcategories

  20. Demonstration: Configuring an Audit Policy In this demonstration, you will see how to configure a global audit policy with the GPMC and adjust it with Auditpol.exe

  21. Types of Events to Audit

  22. Demonstration: Configuring AD DS Auditing In this demonstration, you will see how to configure the site link object to manage replication between sites

  23. Lab: Monitoring Active Directory Domain Services • Exercise 1: Monitor AD DS Using Event Viewer • Exercise 2: Monitor AD DS Using Performance and Reliability Monitor • Exercise 3: Configure AD DS Auditing Logon information Estimated time: 60 minutes

  24. Lab Review • You want to enable the Directory Service Changes subcategory without enabling a global audit policy. How could you do this? • What services must be running on a source computer in order to provide information to a subscription? • You have enabled a global audit policy to collect directory service access events, but no events are showing up in the security log. What might the problem be?

  25. Module Review and Takeaways • Review questions • Considerations

  26. Beta Feedback Tool • Beta feedback tool helps: • Collect student roster information, module feedback, and course evaluations. • Identify and sort the changes that students request, thereby facilitating a quick team triage. • Save data to a database in SQL Server that you can later query. • Walkthrough of the tool

  27. Beta Feedback • Overall flow of module: • Which topics did you think flowed smoothly, from topic to topic? • Was something taught out of order? • Pacing: • Were you able to keep up? Are there any places where the pace felt too slow? • Were you able to process what the instructor said before moving on to next topic? • Did you have ample time to reflect on what you learned? Did you have time to formulate and ask questions? • Learner activities: • Which demos helped you learn the most? Why do you think that is? • Did the lab help you synthesize the content in the module? Did it help you to understand how you can use this knowledge in your work environment? • Were there any discussion questions or reflection questions that really made you think? Were there questions you thought weren’t helpful?

More Related