Active Directory Health Checks

PowerShell commands to check the counts for Users, Computers, OUs, and GPOs in an AD environment

Count how many users are...

  • Inactive, Expired, Locked, Disabled, Configured with Non-Expiring Passwords

Get computer counts

  • Disabled

Get OU counts

  • Empty OUs

Get group counts

  • Empty Groups

Get GPO counts

  • GPOs with No Links (UPDATED LOGIC)
  • GPOs with Disabled Links (NEW)

Subnet not Assigned to AD Site

  • **NEW** Added a new monitor for subnet events. Event 5807 is the result of new subnets/VLANs initiating authentication requests that are not accounted for in Sites and Services. This is just an indication for admins to check the netlogon.log file.
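The checks listed above, as an added example (not the template's own component scripts): it gathers each count with the RSAT ActiveDirectory and GroupPolicy modules and prints them in the Statistic.Name: value lines that SAM's PowerShell monitor parses. The 90-day inactivity window and the 24-hour window for event 5807 are assumed values.

```powershell
# Added example (not the template's own scripts). Assumes RSAT ActiveDirectory
# and GroupPolicy modules; 90-day inactivity and 24h event windows are assumed.
Import-Module ActiveDirectory
Import-Module GroupPolicy
$result = [ordered]@{}

# Users: Search-ADAccount covers the four account states; non-expiring
# passwords come from the PasswordNeverExpires flag on enabled accounts.
$window = [TimeSpan]::FromDays(90)   # assumption: tune to your lifecycle policy
$result['Users.Inactive'] = @(Search-ADAccount -UsersOnly -AccountInactive -TimeSpan $window).Count
$result['Users.Expired']  = @(Search-ADAccount -UsersOnly -AccountExpired).Count
$result['Users.Locked']   = @(Search-ADAccount -UsersOnly -LockedOut).Count
$result['Users.Disabled'] = @(Search-ADAccount -UsersOnly -AccountDisabled).Count
$result['Users.NonExpiringPassword'] = @(Get-ADUser -Filter { PasswordNeverExpires -eq $true -and Enabled -eq $true }).Count

# Computers
$result['Computers.Disabled'] = @(Get-ADComputer -Filter { Enabled -eq $false }).Count

# Empty OUs: nothing one level below the OU; -ResultSetSize 1 keeps the probe cheap
$result['OUs.Empty'] = @(Get-ADOrganizationalUnit -Filter * | Where-Object {
    -not (Get-ADObject -SearchBase $_.DistinguishedName -SearchScope OneLevel -Filter * -ResultSetSize 1)
}).Count

# Empty groups
$result['Groups.Empty'] = @(Get-ADGroup -Filter * -Properties Members |
    Where-Object { $_.Members.Count -eq 0 }).Count

# GPOs: the XML report has no LinksTo element when the GPO is unlinked, and
# each LinksTo carries Enabled = "false" when that particular link is disabled.
$noLinks = 0; $disabledLinks = 0
foreach ($gpo in Get-GPO -All) {
    [xml]$report = Get-GPOReport -Guid $gpo.Id -ReportType Xml
    $links = @($report.GPO.LinksTo)
    if ($links.Count -eq 0) { $noLinks++; continue }
    if ($links | Where-Object { $_.Enabled -eq 'false' }) { $disabledLinks++ }
}
$result['GPOs.NoLinks'] = $noLinks
$result['GPOs.DisabledLinks'] = $disabledLinks

# Subnets not assigned to a site: NETLOGON event 5807 in the System log, last 24h
$result['Subnets.Event5807'] = @(Get-WinEvent -FilterHashtable @{
    LogName = 'System'; ProviderName = 'NETLOGON'; Id = 5807; StartTime = (Get-Date).AddHours(-24)
} -ErrorAction SilentlyContinue).Count

# SAM PowerShell monitor output: one Statistic.<Name>: value line per metric
foreach ($k in $result.Keys) { "Statistic.${k}: $($result[$k])" }
exit 0
```

Run it once by hand on the poller under the SAM credential before wiring it into a component, since Get-GPOReport on every GPO is the slow part and is usually why the timeout needs raising.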

Pre-reqs

Runs on the SAM poller (Local Host), so the SAM system must have...

1. RSAT + AD PowerShell module enabled (or change monitoring to Remote, may require some adjustments)

2. PowerShell 4.0 (standard with Windows Server 2012 R2+)

Note: If you're having issues with components showing up as Unknown, try extending the timeout on the template. The default is 300 seconds; I have found that going to 600 helps when running PowerShell queries.

  • Many thanks man, you have cleared up many points for me. I am using the agentless all over my environment, thank you a million... As an IT you always have a need for more templates and tools to monitor and control the environments; I wish you had more tools and templates for SAM.

  • First, I monitor my domain controllers with an agent. I do this mostly to separate the administrative accounts, i.e., in order to have a local admin on a DC you are effectively creating a domain administrator, due to the built-in security group "Administrators". So I have a SAM account that gets to most servers and a separate one that gets to the DCs. The agent uses that second account.

    As for the locked out users, cgrizovic@tql.com covered how to accomplish that in previous comments. I can confirm that if you customize the locked user component in the template to include his script it works just fine. This is what it looks like in the component details WITH his change. I'm not clear if you're saying you want to know every failed logon attempt. That can be pretty noisy. Depending on the size of the environment, SAM may not be the right tool for that. Now you're getting into SIEM tools like SolarWinds LEM. If you want alerts for something like "Expired Accounts >= 0" you could configure that easily in the template. You'd have to have it change the state to Down or something, then use a "component is down" alert to get the emails.


  • Ok man, I tried what you said but it didn't work. I am monitoring the domain using agentless, so what I did is I installed an agent on the domain and it worked; now I am able to see the Active Directory. Mmmm, it does not show you, let's say, the locked out users or the disabled users; it only shows you a number, not a name. It would be great if it could show us the users, and it would be great if we received an email alert in case of any failed login for any user or expired password. Many thanks man....

  • FYI, Here's how my system looks (no modifications to the template) - I just go to the domain controller this is assigned to, select the template, and look for this section in the "App Details" page.

    Note: May be obvious but you only need this assigned to 1 domain controller as all of the info is replicated. You just have to remember who you assigned the app to or go through the applications tree.


  • Updated my description for the template w/ Pre-reqs. Sorry if that caused you to waste any time.