An entirely new Management Pack for Active Directory on Windows Server 2016 is now available

Reading Time: 4 minutes

When organizations embrace new versions of software in a structured way, they end up with checklists, much like the ones I wrote for Windows 7 and Windows 8. Migrating end-user device Operating Systems (OSs), however, is different to embracing a new version of the Windows Server Operating System (OS).

From an information security point of view organizations might have requirements for  (volume) activation, anti-malware, monitoring, (remote) management and disaster recovery. Legacy hardware might need to be replaced to conform to the latest Hardware Compatibility List (HCL).

Then again, not all Windows Servers offer business value based on Microsoft’s built-in Server Roles and Features. Instead, many software packages need to become available and/or supported for the new Operating System before organizations are ready to upgrade their entire server farm, for consistency.

Earlier this month, I wrote how Azure AD Connect v1.1.343.0 supports Windows Server 2016 and SQL Server 2016.

Today, I’m sharing the news that the System Center Management Pack (MP) needed to monitor Active Directory Domain Services on-premises is now available for Windows Server 2016. It was released on December 21, 2016. Not only that… It has been completely rewritten.

 

About the AD DS MP

The Active Directory Domain Services Management Pack provides both proactive and reactive monitoring of your Active Directory Domain Services deployment. It monitors the overall health of the Active Directory system and alerts you to critical performance issues.

The monitoring provided by this management pack includes monitoring of Active Directory Domain Controllers and monitoring of health from the perspective of clients utilizing Active Directory resources.

To monitor the Domain Controllers, the Active Directory Domain Services Management Pack provides a predefined, ready-to-run set of processing rules, monitoring scripts, and reports that are designed specifically to monitor the performance and availability of the Active Directory Domain Controllers.

End-users and devices in your environment might experience connectivity and service issues even though the Active Directory Domain Controllers appear to be operating correctly. The Active Directory Domain Member Management Pack, included in the Active Directory Management Pack, helps to identify these issues. This management pack monitors the services provided by the Active Directory Domain Controller. It provides information in addition to that collected directly on the Domain Controller about whether they are available by running synthetic transactions against the directory service, such as Lightweight Directory Access Protocol (LDAP) binds and LDAP pings.

In addition to health monitoring capabilities, this management pack provides a complete Active Directory monitoring solution by monitoring the health of vital processes that your Active Directory deployment depends upon, including the following:

  • Replication
  • Lightweight Directory Access Protocol (LDAP)
  • Domain Controller Locator
  • Trusts
  • Net Logon service
  • File Replication Service (FRS)
  • Inter-site Messaging service
  • Windows Time service
  • Active Directory Web Services (ADWS)
  • Active Directory Management Gateway Service
  • Key Distribution Center (KDC)
  • Monitoring service availability
  • Collecting key performance data
  • Providing comprehensive reports, including reports about service availability and service health and reports that can be used for capacity planning

With this Management Pack, administrators can automate one-to-many management of user and computer objects, simplifying administrative tasks and reduce IT costs. Administrators can efficiently implement security settings, enforce IT policies, and minimize service outages.

 

What’s New

Windows Server 2016 support

The new Active Directory Domain Services Management Pack supports monitoring Active Directory when the Active Directory Domain Controllers run Windows Server 2012, Windows Server 2012 R2 and/or Windows Server 2016.

The downside to this news is that Windows Server 2008 and Windows Server 2008 R2 are no longer supported. Active Directory Domain Controllers running these Windows Server versions need the previous version of the Active Directory Management Pack.

The upside is that all old code has been removed. This includes deprecated rules, alerts, and tools.

Event monitoring

In this Management Pack, the Event Alert rules were removed. All Error and Warning events from Active Directory-related event logs are now only collected in the Events collections. Informational events can be collected as well by turning on the Information Events rules.

Replication Monitoring replaced

The Replication Monitoring solution has been completely rewritten. It has been replaced with the following monitors:

  • Active Directory Replication Queue Monitor
  • Actve Directory Show Replication Check
  • Replication Partner Count Monitor
  • Replication Consistency Monitor

Removed Reliance on OOMADS.dll

Foor deployment of Management Packs to Domain Controller for monitoring, the team has removed oomads as a dependency from all Management Packs.

Removed dependency on down-level DC discovery MPs

Deploying this Management Pack no longer requires you deploy the Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2 version of the Active Directory Domain Services Management Pack.

Created well defined aggregate roll-ups

With this Management Pack, the health monitors are rolled into well-defined and structured aggregates.

New server health monitors

This Management Pack introduces several new Server Health Monitors:

  • Strict replication
  • DNS service
  • Group Policy
  • Network adapters
  • Strict replication

New domain member monitors

The Active Directory Client Management Pack has been renamed to the Active Directory Domain Member Management Pack. The Active Directory Domain Member Management Pack features the following new monitors:

  • Reliable time server
  • Secure channel
  • DC health
  • Group policy

Additional Guidance

The team added additional information to alerts and monitors and updated the knowledge base information, so administrators learn the information to remediate situations faster.

 

Version

This is version 10.0.1.0 of the Active Directory Domain Services Management Pack.
It can be deployed to Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016-based systems,

This Management Pack requires System Center 2012 R2 or newer and does not replace your 6.0.x Active Directory Domain Services Management Pack deployment.

 

Download

You can download version 10.0.1.0 of the Active Directory Domain Services Management Pack here. It is available in 17 languages and weighs between 756KB and 948KB per language. (or you can download a version including all languages weighing 1.2 MB)

 

Recommendation

Don’t let monitoring your Windows Server 2016-based Active Directory Domain Controllers slow down your migration to Microsofts latest and greatest.

Once you’ve upgraded all Domain Controllers to at least Windows Server 2012, you can safely remove the 6.0.x version of the Active Directory Domain Services Management Pack from your System Center deployment.

Related blogposts

Active Directory Domain Services Management Pack updated
Windows 8 Migration Checklist
Windows 7 Migration Checklist
Azure AD Connect version 1.1.343.0 with support for Windows Server 2016 and SQL Server 2016

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.