Active Directory
Active Directory monitoring plugin, collecting information from users and related
services.
- Introduction
- Compatibility matrix
- Prerequisites
- Configuration
- Manual execution
- Configuration in Pandora
- Modules generated
Introduction
Active Directory monitoring plugin, collecting information from users and related services.
Compatibility matrix
Developed to be used with Powershell v3.0 or higher
Prerequisites
This plugin uses PowerShell® 3.0 commands to collect information from users and services related to Active Directory®.
● PowerShell® v3.0 or higher.
● Active Directory Powershell® Module.
● Repadmin.
The deployment of this plugin by binaries has no special requirements.
Configuration
The Active Directory plugin configuration file is divided into blocks:
User
# User
user = all
user
Set “all” if you want to retrieve the full list of enabled users in Active Directory. If you just want to look for a single user, enter the name of the user instead of "all". Comment the line if you don’t want to extract any user data.
Unused
# Unused
unused = 1
unused
It will allow you to see the list of users that have not been used for at least two months. Set 1 to enable it and 0 to disable it.
SPN
# SPN
spnm = 0
SPN
It will allow you to see the SPN suffixes. Set 1 to enable it and 0 to disable it.
UPN
# UPN
upnm = 0
UPN
It will allow you to see the UPN suffixes. Set 1 to enable it and 0 to disable it.
tests
# tests
tests = 0
tests
It will allow to extract the information from the AD diagnostic tests that the dcdiag tool returns. Set 1 to enable it and 0 to disable it.
Manual execution
To run the plugin, configure the configuration file according to the preceding instructions. The execution itself would be the call to the executable .exe, passing the configuration file with its path as the first parameter.
Plugin execution:
[path_to_plugin]\active_directory.exe [path_to_conf]\adparams.txt
Configuration in Pandora
In order to fully manage the plugin execution from the web console, we will distribute the plugin through collections:
1. A new collection will be created in the Configuration>Collections section. With short name "ad_plugin" and name Active Directory plugin.
2. In the "Files" section of the collection, click on "Upload Files" to upload the plugin executable and the configuration file (previously edited according to the data to be extracted):
3. In the "Data" section of the collection, click on "Create File again" to generate the collection and then click on "Update".
4. In the Administration View of the agent in which the plugin needs to be launched (it must have a software agent installed), the collection created will be added in the "Collections" section:
5. Finally, the plugin execution needs to be added in the "Agent plugins" tab. As it has been added via collection, the executable and the configuration file will be created in the installation path of the software agent on the \collections\ad_plugin computer:
In a default installation path of the software agent and following the short name of the collection of this manual, the execution would be as follows:
"%ProgramFiles%\Pandora_Agent\collections\ad_plugin\active_directory.exe"
"%ProgramFiles%\Pandora_Agent\collections\ad_plugin\adparams.txt"
Modules generated
The standard execution of this plugin will return the following modules by default (with all optional blocks enabled):
Monitoring:
● AD Users
● Unused AD User
● AD Schema Master
● AD Root Domain
● AD Forest Domains
● AD Computer DNS Host Name
● AD Global Catalogs
● AD SPN suffixes
● AD UPN suffixes
● Connectivity
● Replication admin
● Service DNS status
● Service DFS Replication status
● Service Intersite Messaging status
● Service Kerberos Key Distribution Center status
● Service NetLogon status
● Service Active Directory Domain Services status
● Test Advertising status
● Test FrsEvent status
● Test SysVolCheck status
● Test KccEvent status
● Test KnowsOfRoleHolders status
● Test MachineAccount status
● Test NCSecDesc status
● Test Netlogons status
● Test ObjectsReplicated status
● Test Replication status
● Test RidManager status
● Test Services status
● Test SystemLog status
● Test VerifyReferences status