Template Microsoft Active Directory Domain Services - itmicus/zabbix GitHub Wiki
Monitoring Domain controller:
AD services: "ADWS","BITS","CertPropSvc","CryptSvc","Dfs","DFSR","DNS","Dnscache","eventlog","gpsvc","kdc","LanmanServer","LanmanWorkstation","Netlogon","NTDS","NtFrs","RpcEptMapper","RpcSs","SamSs","W32Time"
Checks the SRV DNS records for _ldap._tcp.domainname and _kerberos._tcp.domainname
- PDC (SRV): `_ldap._tcp.pdc._msdcs.`
  One per domain. Allows a client to locate the server that is acting as the primary domain controller (also known as a "PDC") in the mixed-mode domain named in DnsDomainName. Only the PDC emulator master of the domain registers this SRV record.
- GC (SRV): `_ldap._tcp.gc._msdcs.`
  At least one per forest. Allows a client to locate a Global Catalog (gc) server for this forest. Only domain controllers that are functioning as Global Catalog servers for the forest named in DnsForestName register this SRV record.
- KDC (SRV): `_kerberos._tcp.dc._msdcs.`
  At least one per domain. Allows a client to locate a domain controller that is running the Windows implementation of the Kerberos KDC service for the domain named in DnsDomainName. All Windows Server–based domain controllers that are running the KDC service (that is, that implement a public key extension to the Kerberos v5 protocol Authentication Service Exchange subprotocol) register this SRV record.
- DC (SRV): `_ldap._tcp.dc._msdcs.`
  At least one per domain. Allows a client to locate a domain controller (dc) of the domain named by DnsDomainName. All Windows Server–based domain controllers register this SRV record.
- A
  One per domain controller (domain controllers that have multiple IP addresses can have more than one A resource record). This record helps to locate the domain controller's IP address in a domain.
- GcIpAddress (A): `gc._msdcs.`
  At least one per forest. Allows a non-SRV-aware client to locate any Global Catalog server in the forest by looking up an A record. A name in this form is returned to the LDAP client through an LDAP referral. A non-SRV-aware client looks up this name; an SRV-aware client looks up the appropriate SRV resource record.

Net Logon also registers a DNS CNAME (alias) record for use by Active Directory replication. The Locator does not use this record.

- DsaCname (CNAME): `._msdcs.`
  One per domain controller. Allows a client to locate any domain controller in the forest by looking up an A record. The only information that is known about the domain controller is the GUID of the directory system agent (also known as the "DSA") object for the domain controller and the name of the forest in which the domain controller is located. This record is used to facilitate renaming a domain controller.
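
The record checks listed above can be expressed as one script that compares what DNS returns against the expected count for each record. This is an added example, not code from the itmicus/zabbix template; the function name `Test-AdLocatorRecord` and the domain `corp.example.com` are hypothetical, and the owner names are formed by appending DnsDomainName or DnsForestName to the record prefixes.

```powershell
# Added example, not part of the itmicus/zabbix template.
function Test-AdLocatorRecord {
    param(
        [Parameter(Mandatory)][string]$DnsDomainName,
        # Assumption: single-domain forest unless a forest name is supplied.
        [string]$DnsForestName = $DnsDomainName
    )

    # Owner names and expected counts follow the record list on this page.
    # Max = 0 means no upper bound ("at least one").
    $expected = @(
        @{ Mnemonic = 'PDC';         Type = 'SRV'; Name = "_ldap._tcp.pdc._msdcs.$DnsDomainName";   Min = 1; Max = 1 }
        @{ Mnemonic = 'GC';          Type = 'SRV'; Name = "_ldap._tcp.gc._msdcs.$DnsForestName";    Min = 1; Max = 0 }
        @{ Mnemonic = 'KDC';         Type = 'SRV'; Name = "_kerberos._tcp.dc._msdcs.$DnsDomainName"; Min = 1; Max = 0 }
        @{ Mnemonic = 'DC';          Type = 'SRV'; Name = "_ldap._tcp.dc._msdcs.$DnsDomainName";    Min = 1; Max = 0 }
        @{ Mnemonic = 'GcIpAddress'; Type = 'A';   Name = "gc._msdcs.$DnsForestName";               Min = 1; Max = 0 }
    )

    foreach ($rec in $expected) {
        # -DnsOnly keeps LLMNR/NetBIOS answers out of the result; a failed
        # lookup yields an empty array, which is reported as Count = 0.
        $answers = @(Resolve-DnsName -Name $rec.Name -Type $rec.Type -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq $rec.Type -and $_.Section -eq 'Answer' })
        $count = $answers.Count
        $ok = ($count -ge $rec.Min) -and ($rec.Max -eq 0 -or $count -le $rec.Max)

        [pscustomobject]@{
            Mnemonic = $rec.Mnemonic
            Record   = $rec.Name
            Type     = $rec.Type
            Count    = $count
            # SRV answers carry the target host; A answers carry the address.
            Targets  = if ($rec.Type -eq 'SRV') { $answers.NameTarget -join ', ' } else { $answers.IPAddress -join ', ' }
            Ok       = $ok
        }
    }
}

# Constructed sample domain; replace with the monitored domain.
Test-AdLocatorRecord -DnsDomainName 'corp.example.com' | Format-Table -AutoSize
```

A row with `Ok = False` on the PDC record means either no PDC emulator is registered or more than one host claims the role, both of which deserve investigation before they show up as authentication failures.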
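Tests that common AD ports respond locally:

```powershell
# Returns True or False for each AD-related TCP port on the local host
53,88,135,139,389,445,464,636,3268,3269,9389 | ForEach-Object {
    (Test-NetConnection -ComputerName $env:COMPUTERNAME -Port $_).TcpTestSucceeded
}
```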
- Global Catalog
- KDC - Key Distribution Center (Kerberos)
- LDAP
- DNS
- Group Policy

- Distributed File System Service
- DNS Server Service
- File Replication Service
- Intersite Messaging Service
- Kerberos Key Distribution Service
- Windows Time Service
- DNS Client Service
- Security Accounts Manager Service
- Server Service
- Workstation Service
- Remote Procedure Call (RPC) Service
- Net Logon Service

- LDAP Version Script
- LDAP Active Threads
- LDAP Bind Time
- LDAP Client Sessions
- Directory Service Threads in Use
- Address Book Client Sessions
- Directory Service Notify Queue Size