Hi, Recently, I inherited some Windows machines. Including a pair of Domain controllers.
I'm wondering what are somethings I'm going to want to monitor to make sure these things keep running?
I have the Powershell client installed no problem.
I see DNS and DHCP services, and am adding those. Then I see ADWS, the active director. Each machine has it as starting automatically, but only one is running. I assume that's correct, and that they watch each other so only one is running, right?
Is there a way to do a combo test to make sure it is running on only one?Thanks, Paul.
Paul Root Lead Engineer 390 Commerce Dr Woodbury, Mn 55125 651-312-5207 paul.root at centurylink.com
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
NTDS is the core AD service, ADWS is only web services to allow connectivity to AD using http/https. All 12 of our DC's have them running at the same time.
Tim Williams
On Thu, Jan 31, 2019 at 1:37 PM Root, Paul T <Paul.Root at centurylink.com> wrote:
Hi,
Recently, I inherited some Windows machines. Including apair of Domain controllers.
I’m wondering what are somethings I’m going to want tomonitor to make sure these things keep running?
I have the Powershell client installed no problem. I see DNS and DHCP services, and am adding those. Then Isee ADWS, the active director. Each machine has it as starting automatically, but only one is running. I assume that’s correct, and that they watch each other so only one is running, right?
Is there a way to do a combo test to make sure it isrunning on only one?
Thanks,
Paul.
Paul Root
Lead Engineer
390 Commerce Dr
Woodbury, Mn 55125
651-312-5207
paul.root at centurylink.com
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
Thanks, I’m obviously not a Windows guy.
Paul.
From: Timothy Williams <tlwilliams4 at vcu.edu> Sent: Thursday, January 31, 2019 12:48 PM To: Root, Paul T <Paul.Root at CenturyLink.com> Cc: Xymon MailingList <xymon at xymon.com> Subject: Re: [Xymon] monitoring Domain Controllers
NTDS is the core AD service, ADWS is only web services to allow connectivity to AD using http/https. All 12 of our DC's have them running at the same time.
Tim Williams
On Thu, Jan 31, 2019 at 1:37 PM Root, Paul T <Paul.Root at centurylink.com<mailto:Paul.Root at centurylink.com>> wrote: Hi, Recently, I inherited some Windows machines. Including a pair of Domain controllers.
I’m wondering what are somethings I’m going to want to monitor to make sure these things keep running?
I have the Powershell client installed no problem.
I see DNS and DHCP services, and am adding those. Then I see ADWS, the active director. Each machine has it as starting automatically, but only one is running. I assume that’s correct, and that they watch each other so only one is running, right?
Is there a way to do a combo test to make sure it is running on only one?Thanks, Paul.
Paul Root Lead Engineer 390 Commerce Dr Woodbury, Mn 55125 651-312-5207 paul.root at centurylink.com<mailto:paul.root at centurylink.com>
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
Xymon mailing list Xymon at xymon.com<mailto:Xymon at xymon.com> http://lists.xymon.com/mailman/listinfo/xymon This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
On 31/01/2019 18:29, Root, Paul T wrote:
Hi,
Recently, I inherited some Windows machines. Including a pair of Domain controllers.
I’m wonderingwhat are somethings I’m going to want to monitor to make sure these things keep running?
I have the Powershell client installed no problem.
I see DNS and DHCP services, and am adding those.
Not quite answering your question, but: rather than testing those on the client, you could also consider a server-side test - e.g. a good way to check on a DNS server is to send a DNS query and check the response. You can do that just by adding the "dns" flag in hosts.cfg
http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html#lbAP
Or to test a DHCP server, send a DHCP request to it - here's a script that uses the dhcping (sic) tool to do that:
https://wiki.xymonton.org/doku.php/monitors:dhcp
A functioning DC ought to respond to ldap queries, so...
http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html#lbAS
Adam
That's not a bad idea.
Unfortunately, there is work to do there.
I created the DNS domain originally, and then another group got on "my" network and did windows. Then another group got on and used the domain.
The first group pulled out, after building up their own network, but the Windows Domain is still needed.
The first group never integrated the Windows DNS with the real DNS domain in the corporation. Somehow, I have to do that.
-----Original Message----- From: Xymon <xymon-bounces at xymon.com> On Behalf Of Adam Thorn Sent: Thursday, January 31, 2019 1:59 PM To: xymon at xymon.com Subject: Re: [Xymon] monitoring Domain Controllers
On 31/01/2019 18:29, Root, Paul T wrote:
Hi,
Recently, I inherited some Windows machines. Including a pair of Domain controllers.
I’m wonderingwhat are somethings I’m going to want to monitor to make sure these things keep running?
I have the Powershell client installed no problem.
I see DNS and DHCP services, and am adding those.
Not quite answering your question, but: rather than testing those on the client, you could also consider a server-side test - e.g. a good way to check on a DNS server is to send a DNS query and check the response. You can do that just by adding the "dns" flag in hosts.cfg
http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html#lbAP
Or to test a DHCP server, send a DHCP request to it - here's a script that uses the dhcping (sic) tool to do that:
https://wiki.xymonton.org/doku.php/monitors:dhcp
A functioning DC ought to respond to ldap queries, so...
http://xymon.sourceforge.net/xymon/help/manpages/man5/hosts.cfg.5.html#lbAS
Adam
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
participants (3)
-
alt36@cam.ac.uk
-
Paul.Root@CenturyLink.com
-
tlwilliams4@vcu.edu