CartridgeForActiveDirectory Guide

Foglight ®
5.5.5
Managing Microsoft Active Directory
User and Reference Guide
© 2010 Quest Software, Inc.
ALL RIGHTS RESERVED.
This guide contains proprietary information protected by copyright. The software described in this guide is furnished
under a software license or nondisclosure agreement. This software may be used or copied only in accordance with
the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any
means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser’s
personal use without the written permission of Quest Software, Inc.
The information in this document is provided in connection with Quest products. No license, express or implied, by
estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of
Quest products. EXCEPT AS SET FORTH IN QUEST'S TERMS AND CONDITIONS AS SPECIFIED IN THE
LICENSE AGREEMENT FOR THIS PRODUCT, QUEST ASSUMES NO LIABILITY WHATSOEVER AND
DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL QUEST BE LIABLE FOR ANY
DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING,
WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF
INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST HAS
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest makes no representations or warranties with
respect to the accuracy or completeness of the contents of this document and reserves the right to make changes
to specifications and product descriptions at any time without notice. Quest does not make any commitment to
update the information contained in this document.
If you have any questions regarding your potential use of this material, contact:
Quest Software World Headquarters
LEGAL Dept
5 Polaris Way
Aliso Viejo, CA 92656
www.quest.com
email: legal@quest.com
Refer to our Web site for regional and international office information.
Trademarks
Quest, Quest Software, the Quest Software logo, Foglight, IntelliProfile, PerformaSure, Spotlight, StealthCollect,
TOAD, Tag and Follow, and vFoglight are trademarks and registered trademarks of Quest Software, Inc in the United
States of America and other countries. For a complete list of Quest Software’s trademarks, please see http://
www.quest.com/legal/trademark-information.aspx. Other trademarks and registered trademarks are property of their
respective owners.
Third Party Contributions

Foglight Cartridge for Active Directory contains some third party components. For a complete list, see the License
Credits page in Foglight online help.

October 2010
Cartridge Version 5.5.6
Table of Contents
Introduction to this Guide ...................................................................................................................................9

About Quest Software, Inc. .............................................................................................................................................. 9
Contacting Quest Software.................................................................................................................................... 10
Contacting Quest Support ..................................................................................................................................... 10
Cartridge Navigation Basics .............................................................................................................................11

Foglight Browser Interface Panels ................................................................................................................................. 12
Navigation Panel ................................................................................................................................................... 13
Display Panel......................................................................................................................................................... 13
Action Panel .......................................................................................................................................................... 13
Drill Down Actions .......................................................................................................................................................... 14
Breadcrumb Trail............................................................................................................................................................ 14
Time Range.................................................................................................................................................................... 15
Lists ................................................................................................................................................................................ 15
Alarms and Status Indicators ......................................................................................................................................... 18
Mouse-over Actions........................................................................................................................................................ 18
Exploring the Cartridge for Active Directory Dashboards .............................................................................19

Accessing the Active Directory Dashboards .................................................................................................................. 20
Active Directory Environment Dashboard ...................................................................................................................... 20
Active Directory Environment Overview ................................................................................................................ 21
Quick View............................................................................................................................................................. 21
FAQts View - Navigation Tab ................................................................................................................................ 25
adAlarms Dashboard...................................................................................................................................................... 27
Alarms Overview ................................................................................................................................................... 27
Alarms List View .................................................................................................................................................... 28
adExplorer Dashboard ................................................................................................................................................... 29
4 Foglight Cartridge for Active Directory
Active Directory Enterprise View............................................................................................................................ 29

adExplorer Primary View ....................................................................................................................................... 31
Agent Management Dashboard...................................................................................................................................... 36
Rule Management Dashboard........................................................................................................................................ 37
Managing Active Directory Agents.................................................................................................................. 39

Agent Status Dashboard................................................................................................................................................. 39
Active Directory Agent Management Dashboard............................................................................................................ 40
Deploy Agent Package Dialog ............................................................................................................................... 40
Agent Setup Wizard ............................................................................................................................................... 41
Agent Management List ......................................................................................................................................... 45
Active Directory Agent Properties................................................................................................................................... 47
Reporting on Your Active Directory Enterprise ............................................................................................. 53

Cartridge for Active Directory Reports ............................................................................................................................ 54
Cartridge for Active Directory Views............................................................................................................... 59

Forest Views ................................................................................................................................................................... 60
Forests Environment Summary (All Forests) View ................................................................................................ 60
Forest Environment Summary View ...................................................................................................................... 61
Forests Explorer Summary (All Forests) View ....................................................................................................... 63
Forest Explorer Summary View ............................................................................................................................. 64
Domain Views................................................................................................................................................................. 66
Domains Environment Summary (All Domains) View............................................................................................ 66
Domain Environment Summary View .................................................................................................................... 67
Domains Explorer Summary (All Domains) View................................................................................................... 69
Domain Explorer Summary View ........................................................................................................................... 70
Site Views ....................................................................................................................................................................... 72
Sites Environment Summary (All Sites) View ........................................................................................................ 72
Site Environment Summary View .......................................................................................................................... 74
Sites Explorer Summary (All Sites) View ............................................................................................................... 76
Site Explorer Summary View ................................................................................................................................. 77
Domain Controller Views ................................................................................................................................................ 79
Domain Controllers Environment Summary (All DCs) View................................................................................... 79
Domain Controller Environment Summary View.................................................................................................... 80
Domain Controllers Explorer Summary (All DCs) View ......................................................................................... 82
Table of Contents 5
Domain Controller Explorer Summary View...........................................................................................................84

Resource Utilization Details View...........................................................................................................................86
Domain Controller Database View .........................................................................................................................88
Domain Controller LDAP View ...............................................................................................................................89
Domain Controller Replication View.......................................................................................................................90
Description of Embedded Views .....................................................................................................................................91
Core Services View ................................................................................................................................................92
Database Performance Health View ......................................................................................................................92
Domain Controller Details View..............................................................................................................................94
Domain Controllers View........................................................................................................................................95
FSMO Roles View (Domain) ..................................................................................................................................96
FSMO Roles View (Forest) ....................................................................................................................................97
Health View ............................................................................................................................................................97
Host Monitor View ..................................................................................................................................................98
Inter-Site Transports View......................................................................................................................................99
Inventory By Category View ..................................................................................................................................99
IP Subnets View ...................................................................................................................................................101
LDAP Performance Health View ..........................................................................................................................102
Memory View........................................................................................................................................................103
Network View .......................................................................................................................................................104
Processor View ....................................................................................................................................................105
Replication Performance Health View..................................................................................................................106
Resource Utilization View.....................................................................................................................................108
Server Health View...............................................................................................................................................110
Statistics View .....................................................................................................................................................111
Storage View .......................................................................................................................................................112
Summary and Resource Information View...........................................................................................................112
Top AD Metrics View............................................................................................................................................113
Top 3 Consumers View ........................................................................................................................................117
Top 3 CPU Consumers View ...............................................................................................................................118
Top 3 DS Directory Reads/Sec View ...................................................................................................................118
Top 3 LDAP Bind Times View ..............................................................................................................................119
Top 3 Memory Consumers View ..........................................................................................................................119
Top 3 Network Consumers View..........................................................................................................................120
Top 3 Replication Queue Length View.................................................................................................................120
Top 3 Storage Consumers View .......................................................................................................................... 121

Trusts View ......................................................................................................................................................... 121
Cartridge for Active Directory Rules ............................................................................................................. 123

Manage Rules Dashboard ............................................................................................................................................ 123
Active Directory Rule Management Dashboard............................................................................................................ 124
Managing Cartridge for Active Directory Rules............................................................................................................. 127
Rules Reference ........................................................................................................................................................... 129
Active Directory Host Services Rule .................................................................................................................... 133
Active Directory NTDS DIT Queue Length Rule .................................................................................................. 134
Database File Bytes Read Per/sec Rule.............................................................................................................. 134
Database File Bytes Written Per/sec Rule........................................................................................................... 135
Database File Operations Per/sec Rule............................................................................................................... 136
Database - Time to Fill Logical Disk for NTDS.DIT Rule ..................................................................................... 136
DC Connectivity Rule........................................................................................................................................... 137
DC ICMP Ping Response Rule ............................................................................................................................ 138
DNS Total Queries Received Per/sec Rule ......................................................................................................... 138
DNS Total Responses Sent Per/sec Rule ........................................................................................................... 139
DRA Inbound Bytes Compressed (Between Sites, Before Compression) Per/sec Rule ..................................... 140
DRA Inbound Bytes Not Compressed (Within Site) Per/sec Rule ....................................................................... 140
DRA Inbound Bytes Total Per/sec Rule............................................................................................................... 141
DRA Inbound Full Sync Objects Remaining Rule................................................................................................ 142
DRA Inbound Objects Applied Per/sec Rule........................................................................................................ 143
DRA Inbound Objects Filtered Per/sec Rule........................................................................................................ 144
DRA Inbound Objects Per/sec Rule..................................................................................................................... 145
DRA Inbound Object Updates Remaining in Packet Rule ................................................................................... 145
DRA Inbound Properties Applied Per/sec Rule ................................................................................................... 146
DRA Inbound Properties Filtered Per/sec Rule ................................................................................................... 147
DRA Inbound Properties Total Per/sec Rule ....................................................................................................... 148
DRA Inbound Values (DNs only) Per/sec Rule.................................................................................................... 148
DRA Inbound Values Total Per/sec Rule............................................................................................................. 149
DRA Outbound Bytes Compressed (Between Sites, After Compression) Per/sec Rule...................................... 150
DRA Outbound Bytes Compressed (Between Sites, Before Compression) Per/sec Rule................................... 151
DRA Outbound Bytes Not Compressed (Within Site) Per/sec Rule .................................................................... 152
DRA Outbound Bytes Total Per/sec Rule ............................................................................................................ 152
Table of Contents 7
DRA Outbound Objects Filtered Per/sec Rule .....................................................................................................153

DRA Outbound Objects Per/sec Rule ..................................................................................................................154
DRA Outbound Properties Per/sec Rule ..............................................................................................................155
DRA Outbound Values (DNs only) Per/sec Rule .................................................................................................155
DRA Outbound Values Total Per/sec Rule ..........................................................................................................156
DRA Pending Replication Synchronizations Rule ................................................................................................157
DRA Sync Requests Made Rule ..........................................................................................................................158
DS Security Descriptor Propagation Events Rule ................................................................................................159
DS Security Descriptor Suboperations Per/sec Rule ...........................................................................................159
ESE Database Cache Percent Hit Rule ...............................................................................................................160
ESE Database Cache Size Rule ..........................................................................................................................161
ESE Database Page Faults Per/sec Rule ............................................................................................................162
ESE Database Page Fault Stalls Per/sec Rule ....................................................................................................163
ESE Log Record Stalls Per/sec Rule ...................................................................................................................164
ESE Log Threads Waiting Rule............................................................................................................................165
ESE Log Writes Per/sec Rule ..............................................................................................................................166
ESE Table Open Cache Hits Per/sec Rule ..........................................................................................................167
ESE Table Open Cache Misses Per/sec Rule .....................................................................................................168
ESE Table Open Cache Percent Hit Rule............................................................................................................169
ESE Table Opens Per/sec Rule ...........................................................................................................................170
Global Catalog Demotion Rule.............................................................................................................................170
Global Catalog Promotion Rule............................................................................................................................171
Host ASP.NET Applications Requests in App Queue Rule..................................................................................172
Host ASP.NET Request Current Rule..................................................................................................................173
Host CPU Privileged Time Rule ...........................................................................................................................174
Host CPU User Time Rule ...................................................................................................................................175
Host CPU Utilization Rule ....................................................................................................................................176
Host DOT NET Framework Exceptions Rule .......................................................................................................177
Host DOT NET Framework Memory Rule............................................................................................................178
Host Logical Disk sec Avg Read Rule..................................................................................................................179
Host Logical Disk sec Avg Write Rule ..................................................................................................................180
Host Memory Available Rule ................................................................................................................................181
Host Memory Cache Rule ....................................................................................................................................182
Host Memory Paging Rule ...................................................................................................................................183
Host Memory Percent Committed Rule................................................................................................................184
Host Memory Pool Non Paged Bytes Rule .......................................................................................................... 185

Host Memory Pool Paged Rule............................................................................................................................ 186
Host Network Available Bandwidth Rule.............................................................................................................. 188
Host Network Outbound Errors Rule ................................................................................................................... 189
Host Physical Disk sec Avg Read Rule ............................................................................................................... 190
Host Physical Disk sec Avg Write Rule................................................................................................................ 191
Host Processor Queue Length Rule .................................................................................................................... 192
Host Storage Capacity Rule................................................................................................................................. 193
LDAP Bind Time Rule .......................................................................................................................................... 194
LDAP Client Sessions Rule ................................................................................................................................. 195
LDAP DS Directory Reads Per/sec Rule ............................................................................................................. 196
LDAP DS Threads in Use Rule............................................................................................................................ 196
LDAP Kerberos Authentications Rule .................................................................................................................. 197
LDAP NTLM Authentications Rule....................................................................................................................... 198
LDAP Searches Per/sec Rule.............................................................................................................................. 198
LDAP Successful Binds Per/sec Rule.................................................................................................................. 199
SVR Record Registered Rule .............................................................................................................................. 200
Index ................................................................................................................................................................. 201

Introduction to this Guide
Welcome to the Foglight for Active Directory User and Reference Guide. This guide
has been prepared to assist you in becoming familiar with the Cartridge for Active
Directory. It provides basic navigation techniques, describes the dashboards, views and
reports included with the Cartridge for Active Directory, and provides information
about the rules that are available for your monitored system.
For more information about the core Foglight product and functionality, see the
respective guides that are referenced throughout this document.
About Quest Software, Inc.

Quest Software simplifies and reduces the cost of managing IT for more than 100,000
customers worldwide. Our innovative solutions make solving the toughest IT
management problems easier, enabling customers to save time and money across
physical, virtual and cloud environments. For more information about Quest go to
www.quest.com.
Contacting Quest Software
Email info@quest.com
Mail Quest Software, Inc.

World Headquarters
5 Polaris Way
Aliso Viejo, CA 92656
USA
Web site www.quest.com
Refer to our web site for regional and international office information.
Contacting Quest Support

Quest Support is available to customers who have a trial version of a Quest product or
who have purchased a Quest product and have a valid maintenance contract. Quest
Support provides unlimited 24x7 access to SupportLink, our self-service portal. Visit
SupportLink at: http://support.quest.com.
From SupportLink, you can do the following:
• Retrieve thousands of solutions from our online Knowledgebase
• Download the latest releases and service packs
• Create, update and review Support cases
View the Global Support Guide for a detailed explanation of support programs, online
services, contact information, policies and procedures. The guide is available at: http://
support.quest.com/pdfs/Global Support Guide.pdf.
1
Cartridge Navigation Basics
This chapter describes the basic techniques used to navigate through the Cartridge for
Active Directory. It is intended to introduce you to the layout of the Foglight user
interface and how to navigate through the dashboards and views provided with the
Cartridge for Active Directory.
For more information about Foglight navigation, see the Foglight User Guide.
This chapter contains the following information:
• Foglight Browser Interface Panels
• Drill Down Actions
• Breadcrumb Trail
• Time Range
• Lists
• Alarms and Status Indicators
• Mouse-over Actions
Note The screen shots and procedures in this document reflect the latest features in the user
interface. If you are using an earlier version of Foglight (pre-5.5.7) you will see different
controls (for example, Search controls on lists). See the Foglight User Guide for the Foglight
version you are using.
Foglight Browser Interface Panels

Depending on who you log in as, you may see either the contents of the first bookmark
(the Welcome page is the default) listed under Bookmarks, or a home page. For further
details about these Foglight pages, see the Foglight User Guide.
Typically the browser interface is divided into three panels:
• Navigation Panel
• Display Panel
• Action Panel
Figure 1
Cartridge Navigation Basics 13
Foglight Browser Interface Panels
Navigation Panel
The navigation panel, at the left of the browser interface, operates like a drawer and is
open by default. To close the navigation panel, click the arrow to the far left of the
Foglight browser interface. Click the arrow again to open the navigation panel.
The navigation panel contains an expandable view of all the dashboards available to the
current user. To access a specific dashboard, open the appropriate module (for example,
Active Directory) and select the dashboard to view it in the display panel.
The navigation panel also provides access to the Foglight Administration and
Configuration areas, and may provide access to some cartridge-specific navigational
views (for example, the Active Directory Enterprise view for the adExplorer
dashboard.)
If you do not see any dashboards in the navigation panel, the user ID with which you
signed in may not have been assigned to a group. For details, see the Foglight User
Guide.
Display Panel
The display panel is the large panel in the middle of the browser interface and is used to
view current dashboards and reports, as well as to create new dashboards and reports.
You can increase the size of the display panel by resizing the navigation panel, or if
open, by closing the action panel.
Action Panel
The action panel, at the right of the browser interface, operates like a drawer and is
closed by default. To open the action panel, click the arrow to the far right of the
Foglight browser interface. Click the arrow again to close the action panel.
The action panel lists the actions and tasks you can perform within the currently
displayed dashboard. It also contains the views and data that you can add to a dashboard
or report, and provides access to the online help files.
Drill Down Actions

Use the graphical and text links in views to drill down to additional details that may
assist you in diagnosing problems. Depending on the link, you drill down to a different
dashboard or smaller view called a popup that appears over the dashboard you are
currently viewing.
You can drill down from many different parts of a view, including names of monitored
components (such as forests and domain controllers), the view in Explorer links in a
dashboard, and items like charts, tables, cylinders and icons.
Note When your cursor is positioned over a drillable component, the cursor will change to a
selector icon, typically a hand with a pointing finger.
For example, in the Forest Environment Summary (Individual Forest) view in the
Active Directory Environment dashboard, click the DNS Servers heading in the
Inventory By Category view. A Domain Controller Inventory popup appears that lists
the domain controllers (DCs) that are designated as DNS servers. Click a DC in this list
to drill down further to explore the selected DC’s health and alarms to diagnose
problems.
Breadcrumb Trail
As you drill down into more detailed views within a cartridge’s dashboard, the names of
the previous views are displayed in a breadcrumb trail at the top of the current
dashboard. In addition to providing you with context, this breadcrumb trail displays the
name of the current view and provides a simple mechanism for returning to any of its
related parent levels.
The following breadcrumb trail was created while drilling down from the Active
Directory Environment dashboard into the adExplorer dashboard. Each item within the
breadcrumb trail is a hyperlink to a previously viewed parent level.
Time Range
Time Range
By default, the Cartridge for Active Directory displays metrics, alerts and messages that
have occurred within the last four hours. This time range, however, is configurable
using the Time Range popup located in the upper right corner of the browser interface.
Using the Time Range popup, you can select from predefined time ranges or you can
specify a custom range using either the slide time bar or calendar precision controls to
specify a date and time. When you modify the time range for a dashboard or view, it
adjusts the range for all of the views contained within and drilldowns accessed from that
dashboard or view. It does not adjust the time range for any parent views.
For more information about modifying the time range, see the Foglight User Guide.
Lists
The lists displayed throughout the Cartridge for Active Directory allow you to define
the sort criteria and order, hide columns, and filter content based on user-defined search
criteria.
Sorting Content
Some views in the Cartridge for Active Directory dashboards contain sortable lists. An
example of a sortable list is the Domain Controllers view on the adExplorer dashboard.
An arrow in the column heading identifies the sort criteria and order, ascending or
descending, being used to display information.
To change the sort criteria in a list:
1 Click on the column heading to be used to sort the list.
2 The sort order is in ascending order, but can be changed to descending order by
clicking on the heading a second time.
The list is redrawn according to your specification.
Hiding Columns
The Cartridge for Active Directory lists display a default set of columns; however, you
can customize the content of the lists by hiding columns.
To hide columns in the list:
1 Select the button in the upper right corner of the list to display the Show
Columns dialog.
2 On the Show Columns dialog, click a column heading from the list to clear the
corresponding check box.
3 Select Apply to redisplay the list displaying only the columns that are currently
selected in the Show Columns dialog.
Filtering Content
Many of the lists displayed in the Cartridge for Active Directory dashboards and views
allow you to filter the information displayed using the search controls at the top of the
list. You can either conduct a search on all of the columns in the list or specify the
columns to be searched.
Figure 2
To filter a list based on content in any of the fields:
1 Enter a text string into the text field.
Note Select the Use Regular Expression option that appears when you select the arrow
control to the right of the Search field to specify a regular expression which allows
you to enter a search pattern using wildcard characters instead of a literal text string.
The list now displays the entries found as a result of your search.
2 To clear the search string and display the original list, select .
Lists
To specify individual fields to be searched:

1 Click the arrow control and select Advanced Search.
A dialog appears allowing you to enter the search criteria to be used to filter your
list and sort the results.
2 To define the number of items to be included in the list and the sort criteria and
order of the results, select the Limit to nn items from top check box.
3 By default, the top 10 items are displayed. To change this value, enter a different
number in the value field.
4 The Order by field contains the column heading currently selected as the sort
criteria. To change the sort criteria, click in the Order by field and select the
column heading to be used. Use the arrow control to define the sort order:
ascending or descending.
5 To define the search criteria, select the Match the following rule check box and
specify the following information:
• Click in the first field to specify the column to be searched.
• Use the arrow control to define the comparison operator to be used (for
example, does not contain, starts with, ends with.)
• Enter the text string to be matched.
• The Case Insensitive check box is selected by default and will find matches
regardless of case. For a case-sensitive search, clear this check box.
6 To add an additional search rule, select and repeat the previous step to
specify the additional search criteria.
Note When multiple rules are specified, the ‘and’ operator is used and all rules must be
met in order for an entry to be included in the search results.
7 Once you have entered your search criteria, select Search to close the dialog and
conduct the search.
8 The results of your search is displayed in the list.
9 To clear the search string and display the original list, select .
Alarms and Status Indicators

The Cartridge for Active Directory uses status indicators to show the alarm states of the
different Active Directory objects. The following status indicators and colors are used
throughout the cartridge:
Fatal (red)
Critical (orange)
Warning (yellow)
Normal (green)
The Foglight alarm types respond to thresholds that are defined within the Cartridge for
Active Directory rules. As metrics change and move through thresholds, alarms are
raised. As a metric moves through thresholds, the severity of an alarm changes, which
causes the associated status indicators to change.
For detailed information about the Cartridge for Active Directory rules and metrics, see
“Cartridge for Active Directory Rules” on page 123.
Mouse-over Actions
Many items within the Cartridge for Active Directory dashboards display additional
information when you hover your cursor over them. For example, when you hover the
cursor over a graph you will see the specific value(s) that correspond to the position of
the cursor. When you hover the cursor over an individual metric, you will see a small
descriptive popup.
2
Exploring the Cartridge for Active
Directory Dashboards
The Foglight Cartridge for Active Directory includes dashboards which aid in the
monitoring, analysis and investigation of Active Directory health and performance.
These dashboards provide real-time views into the present state and relationships of the
major components in your Active Directory environment, including:
• Forests - the top-level object within the Active Directory infrastructure which
consists of a group of Active Directory domains.
• Domains - a partition of the Active Directory forest used to implement directory
security and manage resources.
• Sites - a logical grouping of computers within Active Directory that have reliable
connectivity.
• Domain Controllers (DCs) - a server that is running a Windows Server operating
system and has Active Directory (or Active Directory Domain Services) installed,
which is tasked with managing a replica of an Active Directory domain.
This chapter explains how to access the Active Directory dashboards, describes the
layout of each dashboard, and explains how to navigate through the embedded views of
each dashboard. For a description of the metrics captured in each of the embedded
views, see “Cartridge for Active Directory Views” on page 59.
Accessing the Active Directory Dashboards

To access the dashboards:
1 On the navigation panel, under Dashboards, click the expansion state box to the
left of Active Directory.
2 Click one of the dashboard items.
• Click Active Directory Environment to display a summary of the Active
Directory objects being monitored and their current state.
• Click adAlarms to display a list of the current alarms triggered within the
Cartridge for Active Directory.
• Click adExplorer to display performance metrics and alarms for an Active
Directory object type container or individual object.
• Click Agent Management to create and activate Active Directory agents, and
start or stop collecting data.
• Click Rule Management to view and manage Cartridge for Active Directory
rules.
Active Directory Environment Dashboard

The Active Directory Environment dashboard provides a summary of the Active
Directory components and consists of the following views:
• Active Directory Environment Overview
• Quick View
• FAQts View - Navigation Tab
Exploring the Cartridge for Active Directory Dashboards 21
Active Directory Environment Overview

The Active Directory Environment Overview is located across the top of the Active
Directory Environment dashboard.
Purpose
The Active Directory Environment Overview provides you with an overview of your
Active Directory environment.
Figure 1
The overview contains a tile for the following object types in your Active Directory
infrastructure: forests, domains, sites, and domain controllers. Each tile shows the
number of corresponding objects of that type in your Active Directory infrastructure as
well as a count of objects of that type in each of the alarm states (fatal, critical, warning,
and normal).
Clicking a tile displays summary information for that object type in the Quick View.
Clicking an alarm state (for example, warning) on a tile displays summary information
in the Quick View for the objects of that type that are in the selected alarm state.
Quick View
The Quick View is located across the middle of the Active Directory Environment
dashboard.
Purpose
The Quick View displays summary information pertaining to the component selected
from the Active Directory Environment Overview and Object Tree view. For example,
• Select an object tile in the Active Directory Environment Overview to view
summary information for all objects of the selected type.
• Select an alarm indicator in an object tile in the Active Directory Environment
Overview to view summary information for the objects of that type in the selected
alarm state.
• Select an object item from the Object Tree view (as described below) to view
summary information for that individual object.
Description of Embedded Views

The Quick View consists of the following embedded views:
• Object Tree View
• Object Summary View
• FAQts View
• Alarms View
Object Tree View

The Object Tree view is located at the left of the Quick View and displays objects based
on the tile selected in the Active Directory Environment Overview. Use the Object Tree
view to select a single object or a group of objects of a particular type for display in the
Object Summary view.
Object Summary View

The Object Summary view is located to the right of the Object Tree view and displays
summary information for a single object or a group of objects, depending on what is
selected in the Object Tree view.
The Object Summary view displays tombstones or a number of embedded views which
is determined by the item selected in the Active Directory Environment Overview and
Object Tree view. An object tombstone provides a quick and easy view into the items
that make up the selected Active Directory object and the alarm states of these items.
In addition, in the top right of the Overview Summary view there is a link to the
adExplorer dashboard. This enables you to quickly navigate to the adExplorer for more
detailed metrics about the selected object or group of objects.
The following table lists the information displayed when the different object tiles are
selected.
Item Selected in Item Selected Views Displayed in Object Summary View

Overview in Object Tree
Forests Tile Summary A tombstone for each forest in your Active

Directory environment.

Forests Tile - Summary A tombstone for each forest in the selected

Alarm Indicator state.
Forests Tile or Forest Item In addition to a tombstone for the selected

Alarm Indicator forest, the following embedded views are
displayed:
• Inventory By Category View
• Statistics View
• FSMO Roles View (Forest)
• Trusts View
• Top 3 Consumers View
Domains Tile Summary A tombstone for each domain in your Active

Domains Tile - Summary A tombstone for each domain in the selected

Alarm Indicator state.
Domains Tile or Domain Item In addition to a tombstone for the selected

Alarm Indicator domain, the following embedded views are
displayed:
• Statistics View
• FSMO Roles View (Domain)
• Trusts View
Sites Tile Summary A tombstone for each site in your Active

Sites Tile - Summary A tombstone for each site in the selected state.
Alarm Indicator

Sites Tile or Site Item In addition to a tombstone for the selected site,
Alarm Indicator the following embedded views are displayed:
• IP Subnets View
• Domain Controller Details View
• Inter-Site Transports View
• Top 3 CPU Consumers View
Domain Summary A tombstone for each DC in your Active

Controllers Tile Directory environment.
Domain Summary A tombstone for each DC in the selected state.

Controllers Tile -
Alarm Indicator
Domain Domain In addition to a tombstone for the selected DC,

Controllers Tile Controller Item the following embedded views are displayed:
or Alarm • Host Monitor View
Indicator • Health View
• Server Health View
• Top AD Metrics View
FAQts View
A FAQts view is displayed in the lower left corner of the Quick View on the Active
Directory Environment dashboard and displays questions relating to the selected object.
The questions in this view are scoped to the object tile selected in the Active Directory
Environment Overview. For example, select the forest tile to view the questions about
forests.
Figure 2
Use the Previous and Next buttons to scroll through the questions available for the
selected object. Use the Show Me button to display the answer to the displayed
question. Select the button to display a list of all relevant questions from which to
select.
Alarms View
The Alarms view that appears at the bottom of the Quick View in the Active Directory
Environment dashboard displays a sortable list of all the outstanding alarms for the item
selected in the Object Tree view.
FAQts View - Navigation Tab

In addition to the FAQts embedded view in the Quick View, an FAQts view appears as a
navigation tab at the top of the dashboard. The FAQts navigation tab provides a list of
all the questions available for all Active Directory object types.
Note The FAQts navigation tab is also available in the adExplorer dashboard when you are
viewing an object in the adExplorer Primary view.
Purpose
The FAQts view enables you to get answers to common questions about your Active
Figure 3

The FAQts navigation tab is made up of the following embedded views:
• Categories View
• Questions View
• Answer View
Categories View
The Categories view lists the categories (that is, forests, domains, sites or domain
controllers) for which questions can be answered by Foglight.
Click a category to view a list of questions relating to that type of Active Directory
object.
Questions View
The Questions view lists the questions available for the category selected in the
Categories view.
Click a question from the list to have Foglight gather and report an answer.
If the list of questions is long, you can narrow it down by entering a text string in the
Search field at the top of the list. To clear the filter and return to the original list of
questions, click .
Note Select the Use Regular Expression option, that appears when you select the arrow control
to the right of the Search field, to specify a regular expression which allows you to enter a
search pattern using wildcard characters instead of a literal text string.
Answer View
The Answer view provides an answer to the question selected in the Questions view.
The answer is provided in the following form:
Top x <objects of category> ...
where x is the number of objects of the category selected in the Categories view.
adAlarms Dashboard
adAlarms Dashboard
The adAlarms dashboard shows the alarms that have been triggered but not cleared
within the Cartridge for Active Directory. It can be used to isolate alarms specific to
your Active Directory environment.
Figure 4
The adAlarms dashboard consists of the following views:

• Alarms Overview
• Alarms List View
Alarms Overview
The Alarms Overview is located across the top of the adAlarms dashboard.
Purpose
The Alarms Overview provides a quick and easy way for you to view Cartridge for
Active Directory alarms grouped by object type and severity level. You can use this
overview to monitor alarms and to identify the sources of problems with your Active
Directory infrastructure. Click an alarm count for a particular object type to display a
popup that shows alarms specific to the object type selected.
Alarms List View

The Alarms List view takes up the majority of the adAlarms dashboard.
Purpose
The Alarms List is a sortable list that displays the outstanding Cartridge for Active
Directory alarms. Each alarm row in the Alarms List contains the following
information:
Object The icon in the first column identifies the source of the
alarm:
Domain Controller
Domain
Forest
Site
General Active Directory (not DC, Domain, Forest or

Site)
Severity The icon in this column indicates the severity of the alarm.
Info Selecting the Info icon displays a metrics popup which

consists of a trend graph or history, the diagnostic time
range, a description of the metric and troubleshooting tips.
Domain Controller Displays the name of the DC where the alarm occurred.
Clicking the DC name displays a popup menu where you
can choose to view details about the selected DC in either
the adExplorer dashboard or Quick View.
Time Displays the date and time when the alarm occurred.
Alarm Message Displays the alarm message.

adExplorer Dashboard
Clicking an alarm’s severity icon, object icon, alarm message or time displays a popup
where you can acknowledge or clear the alarm. This popup provides pertinent
information about the selected alarm, such as the rule of origin of the alarm, the history
of the alarm, and all of the notes attached to the alarm. For more information about
managing alarms, see the Foglight User Guide or online help.
The adExplorer dashboard has a hierarchial interface that you can use to view various
performance metrics and alarms within your Active Directory infrastructure. It provides
informative views through which you can quickly and easily access detailed
information about any of the objects in your Active Directory environment.
The adExplorer dashboard contains the following views:
• Active Directory Enterprise View
• adExplorer Primary View
Active Directory Enterprise View

The Active Directory Enterprise view is located in the navigation panel, under the
Dashboard list.
Purpose
The Active Directory Enterprise view provides an organized view of the Active
Directory objects that are monitored by the Cartridge for Active Directory.
Figure 5
Clicking an object type container or object in the Active Directory Enterprise view
refreshes all of the views in the adExplorer Primary view to display information
pertaining to the selected object.

The Active Directory Enterprise view is made up of the following embedded views:
• Topology View
• Hierarchy View
• Mouse-over Status Popup
Use these views to display performance metrics and alarms for an individual Active
Directory object or group of objects of a particular type.
Topology View
The Topology view is organized into a tree using object type containers for branches.
The top-level containers are the main Active Directory object types (that is, forests,
domains, sites, and domain controllers) and each object type container contains every
object of that particular type that is managed by the cartridge. Click the expansion state
box to the left of a container to expand the view to display the individual objects.
To the left of each object, a status indicator represents the alarm of highest severity that
is outstanding for that object.
Hierarchy View
The Hierarchy view represents the logical layout of the containers in your Active
Directory environment. In the Hierarchy view, each forest container is organized into a
tree illustrating where each domain and domain controller resides within your Active
Directory environment. Click on the expansion state box to the left of a container to
expand the view to display subordinate objects.
To the left of each object, a status indicator represents the alarm of highest severity that
is outstanding for that object.
Mouse-over Status Popup

When you hover the cursor over an object in the Active Directory Enterprise view, a
popup appears that provides a summary of the present state of the selected object. For
example, the following popup appears when you hover the cursor over an individual DC
object in the Active Directory Enterprise view.
Figure 6
adExplorer Primary View

The adExplorer has a Primary view which takes up the entire display panel of the
browser interface. This view displays information based on the object type container or
object selected in the Active Directory Enterprise view.
Purpose
The adExplorer Primary view displays performance metrics and alarms related to the
objects within an object type container or an individual Active Directory object.
The heading area located across the top of the adExplorer Primary view consists of the
following main components:
• an object icon and name
• an alarm summary for the selected object type container or object
• navigation tabs
The object icon and name to the left of the heading specify the object type container or
individual object that is selected in the Active Directory Enterprise view.
The alarm summary at the right of the heading shows you the number of alarms at each
severity level that are outstanding for the selected object. Clicking an alarm count
displays a popup that lists the active alarms for the object. From this popup you can
display additional details about an individual alarm.
The navigation tabs are located immediately below the selected object’s name. These
navigation tabs vary from object to object, but generally contain an object summary tab,
a FAQts tab, and one or more tabs of other relevant information. The following table
lists the navigation tabs displayed based on the item selected in the Active Directory
Enterprise view.
Item Selected in Active Directory Tabs Displayed in adExplorer Primary View

Enterprise View
Object Container (Forests, Domains, • Summary (All)

Sites, or Domain Controllers) • FAQts
Forest Object • Summary

• FAQts
Domain Object • Summary

• FAQts
Site Object • Summary

• FAQts
Domain Controller Object • Summary

• Database
• LDAP
• Replication
• FAQts

The Primary view changes in appearance and content, depending on which navigation
tab is selected. The metrics and amount of detail displayed varies depending on the type
of object you selected in the Active Directory Enterprise view.
The Primary view may contain the following embedded views:

• Summary view
• Top 3 Consumers views
• Domain Controllers view
• Resource Utilization view
• Core Services view
• Summary and Resource Information view
• Performance Health view
• Alarms view
Summary View
Selecting the Summary navigation tab displays the Summary view just below the
heading. This view provides a hierarchical inventory, in the form of tiles, of the objects
that are related to the object or object container selected in the Active Directory
Enterprise view. Each tile shows how many objects of the corresponding object type
there are, as well as the count of objects of that type in each of the alarm states (fatal,
critical, warning, and normal).
More detailed information for the selected object or object container is displayed in
views below the Summary view.
On a tile, click the object type icon, the object type name, or the object count, to view an
inventory popup that lists all objects of the corresponding type, along with their
respective states. Click an object in the inventory popup to view details for that object in
the adExplorer Primary Summary view.
On a tile, click an alarm state or the number below it to view an alarms popup that
shows the outstanding alarms of that state for the corresponding object type. Click an
alarm in the alarms popup to view details about the selected alarm.
Note If the alarm state has a count of zero, you cannot select that alarm state. When you click a
normal state icon or count, the adExplorer page is refreshed, but you do not see the alarms
popup because there are no alarms associated with the normal state.
Top 3 Consumer Views

The Top 3 Consumer views displayed in the adExplorer Primary view depends on the
item selected in the Active Directory Enterprise view, as shown in the following table:
Item Selected in Active Directory Top 3 Consumer Views Displayed in

Enterprise View adExplorer Primary View
Object Container (Forests, Domains, • Top 3 CPU Consumers View

Sites, or Domain Controllers) • Top 3 Memory Consumers View
• Top 3 Network Consumers View
• Top 3 Storage Consumers View
Forest, Domain or Site Object • Top 3 DS Directory Reads/Sec View

• Top 3 LDAP Bind Times View
• Top 3 Replication Queue Length View
• Top 3 Memory Consumers View
Hovering the mouse over a data point in a graph displays a popup explaining the data
point.
To change the appearance of a graph, click the icon that appears at the upper right
corner of the graph when you hover the mouse over a Top 3 Consumer view. From the
dialog, select the type of chart and the bounds to be used to redraw the data. In addition,
you can click and drag the axis of a graph to zoom into the graph. For more information
on redrawing graphs, see the Foglight User Guide.
Domain Controllers View

The Domain Controllers view is a sortable list that is displayed when an object type
container, forest object, domain object, or site object is selected in the Active Directory
Enterprise view. This view lists the DCs that reside in the selected object type container
or object. Selecting an entry in this view displays the Domain Controller Explorer
Summary view for the selected DC.
Resource Utilization View

The Resource Utilization view is displayed in the adExplorer Primary view when a DC
object is selected in the Active Directory Enterprise view. This view provides numerical
and graphical representations of utilization metrics associated with the selected DC.
Selecting the Details link in the upper right corner of this view allows you to drill down
into even more detailed resource utilization metrics the selected DC.
Core Services View

The Core Services view is displayed below the Resource Utilization view in the
adExplorer Primary view when a DC object is selected in the Active Directory
Enterprise view. This view displays the core services that are being monitored and their
present state.
Summary and Resource Information View

The Summary and Resource Information view is displayed below the Core Services
view in the adExplorer Primary view when a DC object is selected in the Active
Directory Enterprise view. This view displays the following information about the
selected DC:
• IP Address
• Operating System
• FSDN
• Uptime
• Site
• Processors
• Memory Capacity
• Network Interfaces
• Storage Devices
Performance Health View

The Performance Health view displays performance metrics and is displayed when a
DC object is selected in the Active Directory Enterprise view. The content of this view
depends on the navigation tab (Database, LDAP, or Replication) selected on the
adExplorer Primary view.
Alarms View
The Alarms view appears at the bottom of the adExplorer Primary view and displays a
sortable list of the alarms that are outstanding for the object type container or object
selected in the Active Directory Enterprise view.
Agent Management Dashboard

The Agent Management dashboard allows you to deploy the Active Directory agent
package, create Active Directory agent instances on one or more servers at a time,
activate or deactivate Active Directory agents, and start and stop collecting data.
Using this dashboard you can add and configure Active Directory agents on one or more
DCs. Once added, the Agent Management List view displays all of the Active Directory
agents configured to monitor Active Directory metrics.
Figure 7
For more information on using the Agent Setup wizard and the Agent Management List
view to manage your Active Directory agents, see “Managing Active Directory Agents”
on page 39.
Rule Management Dashboard
Rule Management Dashboard

The Active Directory Rule Management dashboard contains a sortable list of all the
rules used by the Cartridge for Active Directory. From this dashboard you can quickly
see which rules are enabled/disabled, the states (fatal, critical or warning) with active
conditions, predefined alarm threshold values, rules with current alarms, and a brief
description of each rule.
Figure 8
For a description of the Active Directory Rule Management dashboard and for more
information on the Cartridge for Active Directory rules and how to enable, disable or
modify them, see “Cartridge for Active Directory Rules” on page 123.
3
Managing Active Directory Agents
The Active Directory agents collect data from remote Active Directory domain
controllers, which is then used to populate the health and performance metrics presented
throughout the Cartridge for Active Directory dashboards and views.
The Cartridge for Active Directory provides an additional dashboard that can be used to
manage Active Directory agent instances. Therefore, the Active Directory agent
instances can be created and managed using one of the following dashboards:
• Agent Status dashboard (Dashboards > Administration > Agents > Agent
Status)
• Active Directory Agent Management dashboard (Dashboards > Active
Directory > Agent Management)
This chapter provides a description of the Deploy Agent Package dialog, Agent Setup
wizard used to add and configure new Active Directory agents and the Agent
Management list which is populated with information about each Active Directory
agent instance. It also provides a description of the Active Directory agent properties
used to connect to the target server from which data is to be collected.
Agent Status Dashboard

The Agent Status dashboard allows you to deploy agent packages and create agent
instances one host at a time. Once an agent is created, use this dashboard to view agent
information and edit the properties of one or more agents.
See the Foglight Administration and Configuration Guide or online help for more
information about using the Agent Status dashboard to create and manage agent
instances.
Active Directory Agent Management Dashboard

The Active Directory Agent Management dashboard allows you to deploy the Active
Directory agent package, create Active Directory agent instances for one or more severs
at a time, activate or deactivate Active Directory agents, and start and stop collecting
data.
The Active Directory Agent Management dashboard consists of the following
components:
• Deploy Agent Package Dialog
• Agent Setup Wizard
• Agent Management List
Deploy Agent Package Dialog

The Deploy Agent Package dialog appears when you select the Deploy Agent Package
link in the Tasks list at the top of the Active Directory Agent Management dashboard.
This dialog contains a list of installed Foglight Agent Manager hosts.
Figure 1
To deploy the Active Directory agent package:
1 Select the Deploy Agent Package link.
2 On the Deployment Agent Package dialog, select the Foglight Agent Manager to
which the Active Directory Agent package is to be deployed.
3 Click Deploy.
4 Once successfully deployed, a confirmation dialog appears. Select the close
button in the upper right corner to close this dialog.
Note Because you are only deploying agent packages at this time, the newly deployed
package will NOT appear in the Agent Management list.
Managing Active Directory Agents 41
Agent Setup Wizard

The Agent Setup wizard steps you through the process of adding and configuring Active
Directory agent instances on one of more DCs. Use one of the following methods to
launch the Agent Setup wizard:
• Select the Add and Configure New Agents link in the Task list, located at the
top of the dashboard.
• Select the Add button at the top of the Agent Management List.
The following table describes the pages in the Agent Setup wizard and the information
required to add and configure an Active Directory agent instance.
Foglight Agent Manager Host
Figure 2
From this page, select the Foglight Agent Manager Host to be used for the new
Active Directory agent instances.
Select the selection button for the Foglight Agent Manager

Host to be used for the new Active Directory agent
instances.
Foglight Agent Displays the following information from the Agent Host
Manager Information dashboard (at Administration > Agents > Agent Hosts):
• Host Name
• FglAM Version
• OS
• OS Architecture
Has Agent Package Indicates whether the Active Directory agent package has
been deployed to the Foglight Agent Manager host(s). A
green check in this column indicates that the Active
Directory agent package has been deployed.
Note If the host you want to use does not contain a green check
mark, exit the Agent Setup wizard and select the Deploy
Agent Package task, back on the Active Directory Agent
Management dashboard.
Domain To Search for Domain Controllers
Figure 3
From this page, select the domain to be used to search for DCs where Active
Directory agent instances are to be created and activated.
Domain Enter the fully qualified domain name (myDomain.com) of

a domain to search for DCs.
User Enter the user name (myDomain\myUserName) of the

account to be used to query Active Directory on the
selected domain.
Password Enter the password associated with the user account

entered above.
Domain Controllers to Monitor
Figure 4
From this page, select one or more DCs that are to be monitored. This page displays
the following information for each DC found on the selected domain.
Note All selected servers will use the same user credentials for access.
Use the selection check box to select one or more DCs.
Domain Controller Displays the name of the DCs found on the selected
domain.
Has Agent Indicates whether an Active Directory agent instance has

already been created for a DC. A green check mark in this
check box indicates that an agent instance has already been
created for the DC.
Credentials for Domain Controller(s)
Figure 5
From this page, enter the credentials to be used to access the selected DCs.
User Enter the user name (myUserName) of an account in the

selected domain that has access to the selected DCs.
Note This account must be an Active Directory account with
elevated privilege (Domain Administrator) in the domain
where the server is located.
Note The sAmAccountName and the account CN for this account
should be identical and should not contain spaces or LDAP
authentication errors may occur.
Password Enter the password associated with the user name entered
above.
Agent Management List

Once Active Directory agent instances are added, the Agent Management list displays
all of the agent instances configured to monitor Active Directory metrics.
Figure 6
The Agent Management list contains the following information for each configured
Active Directory agent instance.
Column Description
Figure 7 Use the selection check boxes to select agent instances for
activation/deactivation, starting/stopping data collection,
editing properties, or removal.
Domain Controller Displays the name of the DCs being monitored by an

Active Directory agent instance.
Active Indicates whether the agent instance for a DC is activated.

A green check mark in this check box indicates that the
agent is active.
Data Collection Indicates whether the agent instance is currently collecting

data. A green check mark in this check box indicates that
the agent is collecting data.
Agent Name Displays the name of the agent instance created for a DC.
Foglight Agent Displays the name of the Foglight Agent Manager Host
Manager Host assigned to each Active Directory agent instance.
Use the buttons at the top of this list to manage your Active Directory agent instances,
as described in the following table:
Button Description
Figure 8 Select to launch the Agent Setup wizard to add and

configure new Active Directory agent instances.
Figure 9 Select to refresh the information displayed in the Agent list.

Note Neither the Browser refresh icon nor F5 will refresh the Agent
Management list.
Figure 10 Select to activate the selected agent instance(s).
Figure 11 Select to deactivate the selected agent instance(s).
Figure 12 Select to start collecting data on the selected agent

instance(s).
Figure 13 Select to stop collecting data on the selected agent

instance(s).
Figure 14 Select to edit the name of the DC or the credentials used to

access the selected agent instance(s).
Note To edit the other agent properties use the Agent Status
dashboard.
Figure 15 Select to remove the selected agent instance(s).

Active Directory Agent Properties

The primary properties for an Active Directory agent instance are required to connect to
the target server from which data is to be collected. These properties are either specified
when the agent instance is configured or they have a pre-defined default value. The
following table describes the primary properties that can be modified for either an
individual or all Active Directory agent instances.
Property Default Description
Host Name N/A The IP address or fully qualified domain

name (myServer.myDomain.com) of the
target server from which data is to be
collected.
Note When the Override Naming Validation
option is set to True, enter the fully
qualified domain name (not the IP
address) of the target server.
Host Domain Name N/A The fully qualified domain name

(myDomain.com) of the domain hosting the
target server.
Host User Name N/A A user account that has elevated privileges
(Domain Administrator) on the target
server.
Note If the target server is running Windows
2008 R2, this user account must have
access to the registry keys mentioned in
the Prerequisites and Troubleshooting
Tips chapter in the Managing Microsoft
Active Directory Installation Guide.
Host Password N/A The password associated with the user name
entered above.
Property Default Description
Is Virtual Machine False If you are not using the Cartridge for
VMWare to monitor this agent and the
target server is a virtual machine, set the Is
Virtual Machine setting to True.
Note The Cartridge for Active Directory can
collect data from virtual machines that are
not monitored by the VMWare cartridge
and also from physical machines.
Therefore, this setting must reflect the
type of target machine being used. That
is, if the target server is a physical
machine, set this setting to False.
Enable Extensible False Indicates whether ESE database queries are

Storage Engine (ESE) to be collected by the Active Directory
Queries agent instance.
Note If you enable this setting, ESENT must be
registered with WMI. See the Managing
Microsoft Active Directory Installation
Guide for more information on monitoring
ESE.
Override Naming False Set this option to True if the forest to which
Validation this server belongs has more than one tree
or contains more than one contiguous name
space for any other reason. For example, if
Domain.corp and Domain.local are in the
same forest, set this option to True.
Note When the Override Naming Validation
option is set to True, enter the fully
qualified domain name (not the IP
address) of the target server in the Host
Name field.
Network Connection 21000 Specifies how long (milliseconds) the

TimeOut system waits for a response from the remote
server before it times out.
In addition, there are global secondary properties used by all Active Directory agents
that define the services to be monitored and the data collection schedule to be used. The
following table lists the collectors being used by the cartridge and the default collection
interval for each.
Collector Name Default Collection Interval
trusts;subnets;child domains; functional lvls 1 minute
ad objects;accounts 1 minute
misc. low-priority 10 minutes
ldap;replication 30 seconds
global catalog 1 minute
database;esent;logical disk;sitelinks 1 minute
ping;fsmos 1 minute
dns 1 minute
host detail 0 minutes

Note This collection is disabled by
default. If the Cartridge for
VMWare is not being used to
monitor the selected agent, set
this collection interval to a value
between 1 and 10 minutes.
Dot Net Frameworks Detail 1 minute
The following procedure steps you through the process of modifying the properties for
the Active Directory agents. For more detailed instructions on using the Agent Status
dashboard to edit agent properties, see the Foglight Administration and Configuration
Guide or online help.
To modify an agent’s properties:
1 From the navigation panel, navigate to Dashboards > Administration > Agents
> Agent Status.
2 On the Agent Status dashboard, select an agent from the list and click Edit
Properties.
The Agent Status dashboard refreshes, showing the current properties of the
selected agent instance.
3 Select one of the following property scope options:
• Modify the private properties for this agent.
• Modify the properties for all Active Directory agents.
Note It is best to configure the agent properties that are to be applied globally to the
majority of the Active Directory agent instances. Then go back and modify the
private properties of those individual agents as required.
Selecting one of these options enables the agent’s properties allowing you to edit
them.
4 In the Configuration panel, modify the agent’s properties as required.
5 To modify the services being monitored, select the Monitored Services list to be
edited and select Edit.
This displays the Monitored Services dialog, which lists the currently monitored
services.
• To remove a service from the list, select the service to be removed and select
Delete Selected Row(s). To select multiple services, use the Ctrl or Shift
keys.
• To add a service to the list, select Add Row and enter the name of the service
to be monitored.
• After adding or removing services from the monitored services dialog, select
Save Changes.
• Click the close button in the upper right corner to close the dialog.
6 To change a collector, in the Data Collection Scheduler panel, select the Collector
Config list to be edited and select Edit.
This displays the Collector Config dialog, which lists all of the collectors and
their currents settings.
Note A zero value means that the collector is turned off and is not collecting data.
Note The Cartridge for Active Directory needs the basic host metrics (CPU, Memory,
Network, Storage). If the Cartridge for VMWare is collecting these metrics, the
Cartridge for Active Directory will use these host metrics. However, if the Cartridge
for VMWare in not collecting host metrics, you must enable the host detail collection
by setting its collection interval to a value between 1 and 10 minutes.
• To edit an entry in the list, double-click the cell containing the entry to be
changed, and enter a different value.
• To delete a collector, select the collector to be removed and select Delete
Selected Row(s). To select multiple collectors, use the Ctrl or Shift keys.
• After editing the list, select Save Changes.
• Click the close button in the upper right corner to close the dialog.
Note Advanced users can add custom collectors using the developers kit. See the
Foglight online help for details.
7 Back on the Agent Status dashboard, select Save to save your selections.
8 Select Back To Agent Status to return to the agent list on the Agent Status
dashboard.
4
Reporting on Your Active Directory
Enterprise
The Cartridge for Active Directory comes with a set of pre-defined reports that can be
run from the Reports dashboard. Using this dashboard, operators can run reports, build
custom reports, and view generated reports. Advanced Operators can also schedule and
manage reports.
To access the Reports dashboard, from the Foglight navigation pane, select
Dashboards > Reports. From the Reports dashboard, click the links provided as
described below:
• Click Generate a Report to select and generate a report using the Generate
Report wizard.
• Click Schedule a Report to select and schedule a report using the Schedule
Report wizard.
• Click Build a Custom Report to choose the building blocks for your custom
report using the Create Report wizard.
• Click Manage Reports to access the Manage Reports dashboard, where you can
download, delete and view details about generated reports.
For more information on using the Foglight reporting features, see the Foglight User
Guide or online help.
Cartridge for Active Directory Reports

Several different report templates are available with the Cartridge for Active Directory,
and together they provide a detailed analysis of the performance and health of your
Active Directory environment over time.
Each report template uses report parameters to define the content of the report. Use a
template’s default report parameters to quickly generate or schedule a report or
optionally change the report parameters to customize the report to better meet your
requirements.
The following table contains an alphabetical list of the Cartridge for Active Directory
reports. It also provides a brief description of the report and the report parameters used
to define the content. Report parameters marked with an asterisk (*) are required and
you must specify this parameter before the report can be generated.
Report Description Report Parameters: Default
adAlarms Displays the outstanding • Time Range: Last 4 hours

Active Directory alarms.
Domain Controller Shows all FAQts for the • Time Range: Last 4 hours
FAQts selected DCs. • * Domain Controllers
Domain Controller Shows domain controller • Time Range: Last 4 hours

FAQTS for Domain FAQts for the selected domain. • * Domain

FAQTS for Forest FAQts for the selected forest. • * Forest

FAQTS for Site FAQts for the selected site. • * Site
Domain Controller Shows the DCs in the selected • Time Range: Last 4 hours
Inventory for Domain domain. • * Domain
Domain Controllers Shows the top and bottom DCs • Time Range: Last 4 hours
Available CPU and based on available CPU and • DC Count: 25
Memory - Detail memory.
Reporting on Your Active Directory Enterprise 55
Domain Controllers Shows the top and bottom five • Time Range: Last 4 hours
Available CPU and DCs based on available CPU
Memory - Summary and memory.
Domain Controllers Displays the DC count, logical • Time Range: Last 4 hours
Logical Disks With disk count, total disk space • * Percent
X% Or Less Free available, and total disk space
Storage - Detail used for all DCs with x% or
less free storage. Plus
additional details.
X% Or Less Free available, and total disk space
Storage - Summary used for all DCs with x% or
less free storage.
X% Or More Free available, and total disk space
Storage - Detail used for all DCs with x% or
more free storage. Plus
additional details.
X% Or More Free available, and total disk space
Storage - Summary used for all DCs with x% or
more free storage.
Domain Controllers Shows the capacity and usage • Time Range: Last 4 hours
Storage of logical and physical disks
on the selected DCs.
Domain Controllers Shows the top and bottom DCs • Time Range: Last 4 hours
Utilization - Detail based on CPU Used Hz, CPU • DC Count: 25
percent privileged time,
memory consumed, disk
utilization, disk transfer rate
and network transfer rate for
the specified time range. Plus
additional details.
Note The CPU Used Hz metric
can be used to compare
relative CPU utilization
across different systems.
Domain Controllers Shows the top and bottom five • Time Range: Last 4 hours
Utilization - DCs based on CPU Used Hz,
Summary CPU percent privileged time,
memory consumed, disk
utilization, disk transfer rate
and network transfer rate for
the specified time range.
Note The CPU Used Hz metric
can be used to compare
relative CPU utilization
across different systems.
Domains FAQTS Shows the domain FAQts for • Time Range: Last 4 hours
the selected domains. • * Domains
Forest Domain Shows the DCs in each • Time Range: Last 4 hours
Inventory domain in the selected forest. • * Forest
Forest FAQTS Shows the forest FAQts for the • Time Range: Last 4 hours
selected forests. • * Forest
Resource Utilization Shows metrics for the CPU, • Time Range: Last 4 hours
network, memory and disk • * Domain Controller
utilization for the selected DC.
Reporting on Your Active Directory Enterprise 57
Site FAQTS Shows the site FAQts for the • Time Range: Last 4 hours
selected sites. • * Site
5
Cartridge for Active Directory
Views
Foglight displays monitoring data in views that group, format, and display data. The
main types are described below.
Dashboards are top-level views that contain lower-level views. The dashboards supplied
with Foglight, as well as those created by users, are accessible from the navigation
panel.
Lower-level views can be added to dashboards or can be accessed by drilling down
from a dashboard. They receive and display data directly from the Foglight
Management Server or from other views. Some views filter or select data that appears in
other views in the same dashboard. Some are tree views with expandable nodes for
selecting servers, applications or data.
This chapter provides a description of the lower-level views on the Cartridge for Active
Directory dashboards. The beginning of the chapter explains which views are available
to find specific information for each of the Active Directory objects. The latter part of
the chapter provides a detailed description of the information and metrics displayed in
embedded views.
Forest Views
A forest is the top-level object within the Active Directory infrastructure and consists of
a group of Active Directory domains. The following views are available to monitor the
health of your Active Directory forests:
• Forests Environment Summary (All Forests) View
• Forest Environment Summary View
• Forests Explorer Summary (All Forests) View
• Forest Explorer Summary View
Forests Environment Summary (All Forests) View

The Forests Environment Summary (All Forests) view displays a tombstone for each
forest in your Active Directory environment that provides summary data about the
different object types (domains, sites and DCs) within each forest and the number of
objects in each of the alarm states (fatal, critical and warning).
Figure 1
A forest tombstone displays the following information:
• name of the forest
• number of users in the forest
• number of alarms in each state in the forest
• number of domains in the forest and number of domains in each alarm state
• number of sites in the forest and number of sites in each alarm state
• number of DCs in the forest and number of DCs in each alarm state
• Forest Functional Level
Cartridge for Active Directory Views 61
Forest Views
How to Get Here

1 From the Foglight navigation panel, select Dashboards > Active Directory >
Active Directory Environment.
2 From the Active Directory Environment Overview (top panel), select the Forests
tile.
3 From the Object Tree view, select Summary.
The Forests Environment Summary (All Forests) view appears in the Object
Summary view of the Quick View on the Active Directory Environment
dashboard.
Forest Environment Summary View

The Forest Environment Summary view displays a tombstone for the selected forest,
showing the object types within this forest and the alarm states for each. In addition to
the forest tombstone, this display provides more detailed information about the
accounts, roles, and trusts in the selected forest. It also shows the top DCs in the forest
that are consuming the most computer resources.
Figure 2
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the Forests
tile.
3 From the Object Tree view, select an individual Forest object.
The Forest Environment Summary view appears in the Object Summary view of
the Quick View on the Active Directory Environment dashboard.
Note You can also click a forest’s tombstone in the Forests Environment Summary (All Forests)
view to display this view.
Embedded Views
In addition to the forest tombstone, the following embedded views are displayed:
• Statistics View
• Trusts View
• FAQts View
• Alarms View
Forest Views
Forests Explorer Summary (All Forests) View

The Forests Explorer Summary (All Forests) view displays detailed resource metrics
and information for the DCs in all of the monitored forests in your Active Directory
environment.
Figure 3
How to Get Here

adExplorer.
2 From the Active Directory Enterprise view (under Dashboards in the navigation
panel), select the Forests object container.
The Forests Explorer Summary (All Forests) view appears in the Primary view on
the adExplorer dashboard.
Note You can also click the view in Explorer link on the Forests Environment Summary (All
Forests) view.
Embedded Views
This view is made up of the following embedded views:
• Domain Controllers View
• Alarms View
Forest Explorer Summary View

The Forest Explorer Summary view displays detailed resource metrics and information
about the DCs in the selected Active Directory forest.
Figure 4
Forest Views
How to Get Here

adExplorer.
panel), select an individual Forest object.
The Forest Explorer Summary view appears in the Primary view on the
adExplorer dashboard.
Note You can also click the view in Explorer link on the Forest Environment Summary view for
the selected forest.
Embedded Views
In addition to the forest tombstone, this view is made up of the following embedded
views:
• Top 3 DS Directory Reads/Sec View
• Alarms View
Domain Views
A Domain is a partition of the Active Directory forest used to implement directory
security and to manage resources.
The following views are available to monitor the health of your Active Directory
domains:
• Domains Environment Summary (All Domains) View
• Domain Environment Summary View
• Domains Explorer Summary (All Domains) View
• Domain Explorer Summary View
Domains Environment Summary (All Domains) View

The Domains Environment Summary (All Domains) view displays a tombstone for
each domain in your Active Directory environment. These domain tombstones display
summary data about the different sites and DCs that reside in each domain, as well as
the number of objects in each of the alarm states (fatal, critical and warning).
Figure 5
A domain tombstone displays the following information:
• name of the domain
• number of users in the domain
• number of domain alarms in each state
• number of sites in the domain and number of sites in each alarm state
• number of DCs in the domain and number of DCs in each alarm state
• Domain Functional Level
Domain Views
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the
Domains tile.
The Domains Environment Summary (All Domains) view appears in the Object
dashboard.
Domain Environment Summary View

The Domain Environment Summary view displays a tombstone for the selected domain,
showing data about the object types within that domain and the number of objects in
each of the alarm states. In addition to the domain tombstone, this view displays more
detailed information about the accounts, roles, and trusts in the selected domain. It also
shows the top DCs in the domain that are consuming the most computer resources.
Figure 6
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the
Domains tile.
3 From the Object Tree view, select an individual Domain object.
The Domain Environment Summary view appears in the Object Summary view
of the Quick View on the Active Directory Environment dashboard.
Note You can also click a domain’s tombstone in the Domains Environment Summary (All
Domains) view to display this view.
Embedded Views
In addition to the domain tombstone, the following embedded views are displayed:
• Statistics View
• Trusts View
• FAQts View
• Alarms View
Domain Views
Domains Explorer Summary (All Domains) View

The Domains Explorer Summary (All Domains) view displays detailed resource metrics
and information for the DCs in all of the monitored domains in your Active Directory
environment.
Figure 7
How to Get Here

adExplorer.
panel), select the Domain object container.
The Domains Explorer Summary (All Domains) view appears in the Primary
view on the adExplorer dashboard.
Note You can also click the view in Explorer link on the Domains Environment Summary (All
Domains) view.
Embedded Views
• Alarms View
Domain Explorer Summary View

The Domain Explorer Summary view displays detailed resource metrics and
information for the DCs in the selected domain.
Figure 8
Domain Views
How to Get Here

adExplorer.
panel), select an individual Domain object.
The Domain Explorer Summary view appears in the Primary view on the
Note You can also click the view in Explorer link on the Domain Environment Summary view for
the selected domain.
Embedded Views
In addition to the domain tombstone, this view is made up of the following embedded
views:
• Alarms View
Site Views
A Site represents a logical grouping of computers within Active Directory that have
reliable connectivity. Active Directory uses the site layout to create the best replication
topology for the DCs in the forest. Site topology is not related to the domain hierarchy.
That is, a domain can appear in many sites, and a site can contain many domains.
When you know the location of a directory problem, the Site views provide a quick way
to get the metrics about the site and DCs in that site.
The following views are available to monitor the health of the sites within your Active
Directory infrastructure:
• Sites Environment Summary (All Sites) View
• Site Environment Summary View
• Sites Explorer Summary (All Sites) View
• Site Explorer Summary View
Sites Environment Summary (All Sites) View

The Sites Environment Summary (All Sites) view displays a tombstone for each site in
your Active Directory environment and provides summary data about the DCs and
Global Catalog servers (GCs) within each site. It also displays the number of DCs and
GCs in each of the alarm states (fatal, critical and warning) for each site.
Figure 9
Site Views
A site tombstone displays the following information:

• name of the site
• number of subnets in the site
• number of site alarms in each state
• number of DCs in the site and number of DCs in each alarm state
• number of GCs in the site and number of GCs in each alarm state
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the Sites
tile.
The Sites Environment Summary (All Sites) view appears in the Object Summary
view of the Quick View on the Active Directory Environment dashboard.
Site Environment Summary View

The Site Environment Summary view displays a tombstone for the selected site,
showing data about the object types within that site and the number of objects in each of
the alarm states. In addition to the site tombstone, this view displays details about the
DCs, subnets and transports that make up this site.
Figure 10
Site Views
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the Sites
tile.
3 From the Object Tree view, select an individual Site object.
The Site Environment Summary view appears in the Object Summary view of the
Quick View on the Active Directory Environment dashboard.
Note You can also click a site’s tombstone in the Sites Environment Summary (All Sites) view to
display this view.
Embedded Views
In addition to the site tombstone, the following embedded views are displayed:
• IP Subnets View
• FAQts View
• Alarms View
Sites Explorer Summary (All Sites) View

The Sites Explorer Summary (All Sites) view displays detailed resource metrics and
information about the DCs in all of the monitored sites in your Active Directory
environment.
Figure 11
How to Get Here

adExplorer.
panel), select the Sites object container.
The Sites Explorer Summary (All Sites) view appears in the Primary view on the
Note You can also click the view in Explorer link on the Sites Environment Summary (All Sites)
view.
Site Views

• Alarms View
Site Explorer Summary View

The Site Explorer Summary view displays more detailed resource metrics and
information about the DCs in the selected site.
Figure 12
How to Get Here

adExplorer.
panel), select an individual Site object.
The Site Explorer Summary view appears in the Primary view on the adExplorer
dashboard.
Note You can also click the view in Explorer link on the Site Environment Summary view for the
selected site.
Embedded Views
In addition to the site tombstone, this view is made up of the following embedded
views:
• Alarms View
Domain Controller Views

A Domain Controller (DC) is a server that is running a version of the Windows Server
operating system and has Active Directory (Windows Server 2003) or Active Directory
Domain Services (Windows Server 2008 R2 and Windows Server 2008) installed. The
DC is tasked with managing a replica of an Active Directory domain.
The following views are available to monitor the health of your Active Directory
domain controllers:
• Domain Controllers Environment Summary (All DCs) View
• Domain Controller Environment Summary View
• Domain Controllers Explorer Summary (All DCs) View
• Domain Controller Explorer Summary View
• Resource Utilization Details View
• Domain Controller Database View
• Domain Controller LDAP View
• Domain Controller Replication View
Domain Controllers Environment Summary (All DCs) View

By default, the Domain Controllers Environment Summary (All DCs) view displays a
tombstone for each DC in your Active Directory environment and provides summary
data about the different roles performed by each DC. It also includes an alarm indicator
for each of these roles.
Figure 13
A Domain Controller tombstone displays the following information:

• name of the DC and its current alarm state
• list of roles performed by the DC and their current alarm state
• Windows operating system running on the server
• the icon in the lower left corner indicates that the DC is a virtual machine that
is being monitored by the Cartridge for VMWare or Cartridge for Hyper-V. In
addition, the tombstone is outlined in blue when it is a virtual machine that is
being monitored by one of these cartridges.
Note If you would prefer to view a list of DCs, instead of tiles for each DC, select .
You can then use the search controls to the right to filter your list of DCs.
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the Domain
Controllers tile.
The Domain Controllers Environment Summary (All DCs) view appears in the
Object Summary view of the Quick View on the Active Directory Environment
dashboard.
Domain Controller Environment Summary View

The Domain Controller Environment Summary view displays a tombstone for the
selected DC and shows data relevant to that DC, the current alarm state for the DC, and
the roles being performed by the DC.
Note If the Server Health metrics are not appearing on this view, check the agent’s host detail
collection interval value. By default, the VMWare cartridge will be used to collect basic host
metrics (CPU, Memory, Network, Storage). If the VMWare cartridge is not being used to
monitor the agent instance on the selected DC, you must enable the host detail collection
by setting its collection interval to a value between 1 and 10 minutes.
Figure 14
How to Get Here

2 From the Active Directory Environment Overview (top panel), select the Domain
Controllers tile.
3 From the Object Tree view, select an individual DC object.
The Domain Controller Environment Summary view appears in the Object
dashboard.
Note You can also click a DC’s tombstone in the Domain Controllers Environment Summary (All
DCs) view to display this view.
Embedded Views
In addition to the DC tombstone, the following embedded views are displayed:
• Host Monitor View
• NOTE: When the host machine is a virtual machine that is being monitored by the
Cartridge for VMWare or Cartridge for Hyper-V, this view is replaced with two views: one
that displays the name of the virtual machine and one that displays the name of the host
server.
• Health View
• FAQts View
• Alarms View
Domain Controllers Explorer Summary (All DCs) View

The Domain Controllers Explorer Summary (All DCs) view displays more detailed
resource metrics and information about all of the monitored DCs in your Active
Figure 15
How to Get Here

adExplorer.
panel), select the Domain Controllers object container.
The Domain Controllers Explorer Summary (All DCs) view appears in the
Primary view on the adExplorer dashboard.
Note You can also click the view in Explorer link on the Domain Controllers Environment
Summary (All DCs) view.

• Alarms View
Domain Controller Explorer Summary View

The Domain Controller Explorer Summary view displays more detailed resource
metrics and information about the selected DC.
Note If the resource utilization metrics and data are not appearing on this view, check the agent’s
host detail collection interval value. By default, the VMWare cartridge will be used to collect
basic host metrics (CPU, Memory, Network, Storage). If the VMWare cartridge is not being
used to monitor the agent instance on the selected DC, you must enable the host detail
collection by setting its collection interval to a value between 1 and 10 minutes.
Figure 16
How to Get Here

adExplorer.
panel), select an individual DC object.
3 Select the Summary navigation tab.
The Domain Controller Explorer Summary view appears in the Primary view on
Note You can also click the view in Explorer link on the Domain Controller Environment
Summary view for the selected DC.

In addition to the domain tombstone, this view is made up of the following embedded
views:
• Resource Utilization View
• Core Services View
• Summary and Resource Information View
• Alarms View
Resource Utilization Details View

The Resource Utilization Details view displays more detailed information about the
selected DC’s resources.
Figure 17
How to Get Here

adExplorer.
3 Select the Summary navigation tab.
4 Click Details in the upper right-hand corner of the Resource Utilization view.
The Resource Utilization Details view appears in the Primary view on the
Embedded Views
• Processor View
• Memory View
• Storage View
• Network View
Domain Controller Database View

The Domain Controller Database view displays performance health information about
the selected DC’s database.
Figure 18
How to Get Here

adExplorer.
3 Select the Database navigation tab.
The Domain Controller Database view appears in the Primary view on the

• Database Performance Health View
Domain Controller LDAP View

The Domain Controller LDAP view displays performance health information about the
selected DC’s LDAP processes.
Figure 19
How to Get Here

adExplorer.
3 Select the LDAP navigation tab.
The Domain Controller LDAP view appears in the Primary view on the

• LDAP Performance Health View
Domain Controller Replication View

The Domain Controller Replication view displays performance health information
about the selected DC’s replication activity.
Figure 20
How to Get Here

adExplorer.
3 Select the Replication navigation tab.
The Domain Controller Replication view appears in the Primary view on the

This view is made up of the following embedded view:
• Replication Performance Health View

The remainder of this chapter provides a detailed description of the information and
metrics presented in the embedded views introduced earlier in this chapter .
• Core Services View
• Health View
• Host Monitor View
• IP Subnets View
• Memory View
• Network View
• Processor View
• Resource Utilization View
• Statistics View
• Storage View
• Summary and Resource Information View

• Trusts View
Core Services View

To display this view, select the Summary navigation tab for an individual DC in the
adExplorer dashboard. This embedded view is located below the Resource Utilization
view in the Primary view.
Core Services View

Description This view displays a list of the core services that are being
monitored and their present state.
Note This list corresponds to the Monitored Services list assigned to the
selected DC (Agent Properties).
Where to go next N/A
Database Performance Health View

To display this embedded view, select the Database navigation tab for an individual DC
in the adExplorer dashboard.

Description This view displays the database performance metrics for the
selected DC. These counters and indicators change colors based on
overall consumption or deviation from normal levels.
Data displayed NTDS.DIT Size. The counter displays the current size (in MB) of
the Active Directory database. The graph charts the size (in MB) of
the database on the selected DC over the specified time interval. It
provides a comparison of the NTDS.DIT Size counter against the
computed average.
Bytes Read. This counter displays the rate at which file bytes are
being read from the database each second.
File Bytes Read Per Second. This graph charts the total number of
file bytes read per second over the specified time interval. It
provides a comparison of the File Bytes Read counter against the
computed average.
Bytes Written. This counter displays the rate at which file bytes are
being written to the database each second.
File Bytes Written Per Second. This graph charts the total number
of file bytes written per second over the specified time interval. It
provides a comparison of the File Bytes Written counter against the
computed average.
File Operations. This counter displays the rate at which file
operations are being performed against the database each second.
File Operations Per Second. This graph charts the total number of
file operations performed per second over the specified time
interval. It provides a comparison of the File Operations counter
against the computed average.
NTDS.DIT Queue Length. The counter displays the current queue
length of the NTDS.DIT database. The graph charts the queue
length over the specified time interval. It provides a comparison of
the Queue Length counter against the computed average.
Database Transactions Per Second. This counter displays the rate
at which database transactions are taking place each second.
NTDS.DIT Transactions Per Second (Windows 2008 only). This
graph charts the number of transactions being performed per second
over the specified time interval.
Note This view will be empty if the DC is not running Windows 2008.
Where to go next Clicking a counter or graph in this view displays a metrics popup
that describes the counters and provides more detailed data points.
Domain Controller Details View

This embedded view is part of the Site Environment Summary for an individual site in
the Active Directory Environment dashboard.
Domain Controller Details View

Description This view provides the following details about the DCs in the
selected site.
Data displayed • State. Indicates the highest alarm triggered for each DC.
• Name. Displays the name of each DC.
• Roles. Displays the operations master roles ‘owned’ by the
server:
• Infrastructure Master - indicates that the DC is running the
inter-domain daemon process that resolves references to
objects in other domains that have been moved or renamed.
• PCD Master - indicates that the DC can act as the PDC for
down level backup domain controllers (BDCs) and clients.
• RID Master - indicates that the DC can allocate RID pools to
other DCs.
• Multiple FMSO - indicates that the server ‘owns’ more than
one operations master role. (Hovering your cursor over the
Multiple FMSO entry displays a list of the roles owned by the
server.)
• n/a - indicates that the server does not ‘own’ any operations
master roles.
• Bytes In. Displays the rate at which bytes are received by the
server.
• Bytes Out. Displays the rate at which bytes are sent from the
server.
Where to go next Drill down on:
• Domain Controller row. Displays the Domain Controller
Explorer Summary View for the selected DC.

To display this view, open the Summary navigation tab for an individual forest, domain
or site in the adExplorer dashboard.

Description This sortable list contains the following information for each DC in
the selected forest, domain or site.
Data displayed • State. Indicates the highest alarm triggered for each DC.
• Name. Displays the name of each DC.
• IP Address. Displays the IP address of each DC.
• Purpose. Global Catalog in this column indicates that the DC is
hosting a Global Catalog.
• Roles. Displays the operations master role ‘owned’ by the server:
• Infrastructure Master - indicates that the DC is running the
inter-domain daemon process that resolves references to
objects in other domains that have been moved or renamed.
• PCD Master - indicates that the DC can act as the PDC for
down level backup domain controllers (BDCs) and clients.
• RID Master - indicates that the DC can allocate RID pools to
other DCs.
• Multiple FMSO - indicates that the server ‘owns’ more than
one operations master role.
• n/a - indicates that the server does not ‘own’ any operations
master roles.
• CPU. Displays the current CPU utilization on the server.
• Memory. Displays the current memory utilization on the server.
• Bytes In. Displays the rate at which bytes are received by the
server.
• Bytes Out. Displays the rate at which bytes are sent from the
server.
• Replication. Indicates whether replication for the selected DC is
working properly.
• Operating System. Displays the Windows operating system

running on the server.
• Domain Controller row. Displays the Domain Controller
Explorer Summary View for the selected DC.
FSMO Roles View (Domain)

This embedded view is part of the Domain Environment Summary for an individual
domain in the Active Directory Environment dashboard.
FSMO Roles View (Domain)

Description This view contains a list of the operations master roles ‘owned’ by
DCs in the selected domain.
Data displayed • State. For each operations master role listed, this field indicates
the current state of the DC that ‘owns’ the role.
• Role. Lists the operations master roles ‘owned’ by DCs in the
selected domain.
• Name. For each operations master role listed, this field displays
the name of the DC that ‘owns’ the operations master role.
FSMO Roles View (Forest)

This embedded view is part of the Forest Environment Summary for an individual forest
in the Active Directory Environment dashboard.
FSMO Roles View (Forest)

Description This view contains the following information for the forest level
operations master roles ‘owned’ by DCs in the selected forest.
Data displayed • Domain. For each operations master role listed, this field displays
the name of the domain where the DC that ‘owns’ the operations
master role resides.
• Server. For each operations master role listed, this field displays
the name of the DC that ‘owns’ the operations master role.
Health View
This embedded view is part of the Domain Controller Environment Summary for an
individual DC in the Active Directory Environment dashboard.
Health View
Description This view displays a summary of the present state of the selected
DC’s computer resources.
Data displayed CPU. The status indicator represents the alarm of highest severity
that is outstanding for the host CPU counters.
Memory. The status indicator represents the alarm of highest
severity that is outstanding for the host memory counters.
Network. The status indicator represents the alarm of highest
severity that is outstanding for the host network counters.
Storage. The status indicator represents the alarm of highest severity
that is outstanding for the host storage counters.
Health View
AD. The status indicator represents the alarm of highest severity that
is outstanding for the Active Directory related counters.
• Health Counter. Displays an Alarms popup listing the current
alarms that are outstanding for the selected computer resource.
Host Monitor View

This embedded view is part of the Domain Controller Environment Summary for an
individual DC in the Active Directory Environment dashboard.
Note When the host machine is a virtual machine that is being monitored by the Cartridge for
VMWare or Cartridge for Hyper-V, this view is replaced with two views: one that displays the
name of the virtual machine and one that displays the name of the host server.
Host Monitor View

Description This view displays the name of the target server from which data is
being collected.
• Host Monitor Name. Displays the Host Monitor dashboard that
provides a real-time overview of how a host is performing. For
more information about the Host Monitor dashboard, see the
Foglight User Guide or online help.
Note When the host is a virtual machine that is being monitored by the
Cartridge for VMWare or Cartridge for Hyper-V, this link drills down to
the Explorer Summary page for the selected DC. There is also an
additional link that drills down to the metrics for the host of the virtual
machine. Both of these drill down views are part of the Cartridge for
VMWare or Cartridge for Hyper-V.
Inter-Site Transports View

Inter-Site Transports View

Description This sortable list contains the following information for each site
link in the selected site.
Data displayed • Name. Displays the name of the site link.
• Type. Displays the type of link.
• Description. If available, displays the description of the site link.
• Cost. Displays the relative cost of replication using the link.
• Replication Interval. Displays the replication frequency (number
of minutes between replications).
Inventory By Category View

This embedded view is part of the Forest Environment Summary, Domain Environment
Summary and Site Environment Summary, which is displayed when an individual
forest, domain or site is selected in the Object Tree view (Quick View) on the Active
Directory Environment dashboard.

Description This view displays the number of servers performing different tasks
for the selected forest, domain or site and the number of those
servers in each alarm state.
Data displayed For a forest object, the following is displayed:
• FSMO Holders. Indicates how many servers in this forest are
operation masters and the alarm state for each of these servers.
• DNS Servers. Indicates how many DNS servers reside in this
forest and the alarm state for each of these servers.
• Global Catalogs. Indicates how many servers in this forest are
hosting a Global Catalog and the alarm state for each of these
servers.
For a domain object, the following is displayed:
• Sub Domains. Indicates how many subordinate domains are in
this domain and the alarm state for each of these sub domains.
• DNS Servers. Indicates how many DNS servers reside in this
domain and the alarm state for each of these servers.
• FSMO Holders. Indicates how many servers in this domain are
operations masters and the alarm state for each of these servers.
• Global Catalogs. Indicates how many servers in this domain are
hosting a Global Catalog and the alarm state for each of these
servers.
For a site object, the following is displayed:
• Domains. Indicates how many domains reside in this site and the
alarm state for each domain.
• DNS Servers. Indicates how many DNS servers reside in this site
and the alarm state for each of these servers.
• FSMO Holders. Indicates how many servers in this site are
operation masters and the alarm state for each of these servers.
• Category Heading. Displays an Inventory popup that displays the
names of the servers performing the selected task.
• Domain Controller Inventory Popup - Domain Controller.
Displays the Domain Controller Explorer Summary view for the
selected DC.
• Alarm Icon or Number. Displays an Alarms popup that displays
the current alarms for the DCs performing the selected task.
• Alarms Popup - Domain Controller. Allows you to display the

metrics for the selected DC in either the adExplorer or Quick
View.
• Alarms Popup - AD object icon, Severity icon, Time, or Alarm
Message. Displays an Alarm Details popup containing details
about the selected alarm.
• Alarms Popup - Info icon. Displays a metrics popup containing a
trend graph, metric description and troubleshooting tips for the
selected alarm.
Note The popup trend graph is scoped to the time when the alarm was
triggered.
IP Subnets View
IP Subnets View
Description This view lists the IP subnets associated with the selected site.
LDAP Performance Health View

To display this embedded view, select the LDAP navigation tab for an individual DC in

Description This view displays LDAP performance metrics for the selected DC.
The counters and indicators change colors based on overall
consumption or deviation from normal levels.
Data displayed LDAP Bind Response Time. This metrics indicator shows the
amount of time it took (in milliseconds) to complete the last LDAP
bind request.
LDAP Bind Time. This graph charts the LDAP bind time (in
milliseconds) over the specified time interval. It provides a
comparison of the LDAP Bind Time counter against the computed
average.
DS Directory Reads. This counter displays the rate at which
directory reads are being performed per second.
DS Directory Reads Per Second. This graph charts the number of
directory reads performed per second during the specified time
interval. It provides a comparison of the DS Directory Reads
counter against the computed average.
Kerberos Authentications. This counter displays the rate at which
clients are using a Kerberos ticket to authenticate to the DC.
NTLM Authentications. This counter displays the rate at which
NTLM authentications are being serviced by the DC.
Authentication Requests. This graph provides a comparison of the
following authentication request counters:
• Kerberos Authentications/sec. Shows the number of times per
second that clients use a Kerberos ticket to authenticate to the DC.
• NTLM Authentications/sec. Shows the number of NTLM
authentications serviced by the DC each second.
Ping Response Time. This metrics indicator shows the round trip
time it is taking for packets from the local host to reach the
designated computer.
ICMP Ping Response Time. This graph charts the round trip time it
took for packets from the local host to reach designated computers
during the specified time interval. It provides a comparison of the
Ping Response Time counter against the computed average.
LDAP Binds and Searches. These indicators display the rate at
which LDAP clients perform bind and search operations.
DS Threads in Use. This graph charts the number of threads
currently servicing client API calls. It provides a comparison of the
DS Threads In Use counter against the computed average.
LDAP Client Sessions. The metrics indicator shows the current
number of connected LDAP client sessions. The graph charts the
number of LDAP client sessions connected to the selected DC over
the specified time interval. It provides a comparison of the LDAP
Client Sessions counter against the computed average.
Where to go next Clicking a graph in this view displays a metrics popup that describes
the counters and provides more detailed data points.
Memory View
This embedded view is part of the Resource Utilization Details view. To display this
view, select the Details link in the upper right corner of the Resource Utilization view
for an individual DC in the adExplorer dashboard.
Memory View
Description This view displays memory utilization metrics for the selected DC.
Data displayed Available Bytes. Displays the amount of memory (in MB) available.
Committed Bytes. Displays the percent of total bytes committed.
Memory Available and Consumed. This graph charts memory
capacity and memory consumed during the specified time interval.
It provides a comparison the following counters:
• Memory Capacity. Shows the maximum or minimum amount of
memory a computer or hardware device is capable of having.
• Memory Consumed. Shows the amount of memory being used.
Memory View
Memory Cache Bytes. This graph charts the size of the file system
cache over the specified time interval. It provides a comparison of
the Cache Bytes counter against the computed average.
Page Rate Per Second. The counter displays the rate at which pages
are currently being read from or written to memory in order to
resolve hard page faults.
Memory Pages Per Second. This graph charts the rate at which
pages are read from or written to memory in order to resolve hard
page faults for the specified time interval.
Memory Pool Paged and Non Paged Bytes. This graph shows a
comparison of the following counters:
• Memory\Pool Paged Bytes. Shows the portion of shared system
memory that can be paged to the disk paging file.
• Memory\Pool Nonpaged Bytes. Shows the portion of physical
memory that can be accessed from any address space without
incurring paging I/O.
.NET CLR Exceptions Thrown Per Second. This graph charts the
number of exceptions thrown per second during the specified time
interval.
.NET CLR Percent Time in Garbage Collection. This graph charts
the percentage of time being spent performing garbage collections
during the specified time interval.
.NET CLR Memory Bytes in All Heaps. This graph charts the
memory usage by all managed resources during the specified time
interval.
Network View
Network View
Description This view displays network utilization metrics for the selected DC.
Data displayed Network Interface. Displays a list of network interfaces available
on the selected DC. Selecting a network interface in this view
displays the following metrics for the selected interface.
• Available Bandwidth. This counter displays the current
percentage of bandwidth that is available.
• Bandwidth. This graph charts the network bandwidth (MB/sec)
for the selected network interface over the specified time interval.
It provides a comparison of this counter against the computed
average.
• Output Queue Length. This graph charts the length of the output
queue over the specified time interval. It provides a comparison of
this counter against the computed average.
• Send & Receive Rates. These counters display the rate at which
data is sent and received over the selected network interface.
• Packet Outbound Errors. This graph charts the number of
outbound packets that could not be transmitted due to errors. It
provides a comparison of this counter against the fatal, critical
and warning levels.
Processor View
Processor View
Description This view displays processor utilization metrics for the selected DC.
The counters and indicators in this view change color based on
overall consumption or deviation from normal levels.
Data displayed System\Processor Queue Length. This counter indicates the
number of threads each processor is currently servicing. This
number should not be greater than five per processor.
Processor Queue Length can be used to identify when processor
contention or high CPU utilization is caused by the processor
capacity being insufficient to handle the assigned workload.
Percent Processor Time. This graph provides a comparison of the
following counters:
• Processor(_Total)\% User Time. Shows the percentage of time
that is spent in user mode. User mode is a restricted processing
mode designed for applications, environment subsystems, and
integral subsystems.
• Processor(_Total)\% Privileged Time. Shows the percentage of
time that is spent in privileged mode. Privilege mode is a
processing mode designed for operating system components and
hardware-manipulating drivers. It allows direct access to hardware
and memory.
• Processor(_Total)\% Processor Time. Shows the percentage of
time that the processor is executing application or operation
system processes.
Replication Performance Health View

To display this embedded view, select the Replication navigation tab for an individual
DC in the adExplorer dashboard.

Description This view displays replication performance metrics for the selected
DC. The counters and indicators change colors based on overall
Data displayed Replication Queue Length. The metrics indicator displays the
current length of the replication queue. The graph charts the length
of the replication queue over the specified time interval. It provides
a comparison of the Replication Queue Length counter against the
computed average.
Replication Failures. This table displays the following information
about replication failures that have occurred during the specified
time interval:
• Time
• Partition
• Reason Code
• Reason
DRA Objects In/Out. These counters indicate the rate at which
objects are being replicated.
DRA Bytes In/Out. These counters indicate the rate at which bytes
of data are being replicated.
DRA Objects Filtered and Applied Per Second. This graph
provides a comparison of the following counters:
• DRA Inbound Objects Applied/Sec. Shows the rate at which
replication updates that are received from replication partners are
applied by the local directory service. This count excludes
changes that are received but not applied (for example, when a
change is already present).
• DRA Inbound Objects Filtered/Sec. Shows the number of
objects received from inbound replication partners that contained
no updates that needed to be applied.
• DRA Outbound Object Filtered/Sec. Shows the number of
objects looked at by outbound replication partners that were
determined to contain no updates that the needed to be applied by
the outbound partner.
Replication Requests. This counter displays the rate at which
replication requests are being made.
Replication Requests Per Second. This graph charts the number of

replication requests made per second during the specified time
interval. It provides a comparison of the Replication Requests
DRA Sync Requests Made. This graph charts the number of
directory synchronization requests made to the neighbors during the
specified time interval. It provides a comparison of the DRA Sync
Requests Made counter against the computed average.
DRA Pending Replication Synchronizations. This graph charts the
number of directory synchronizations that are queued for this server
awaiting to be processed during the specified time interval. It
provides a comparison of the DRA Pending Replication
Synchronizations counter against the computed average.
Replication Counters. This table displays additional replication
counters and the rate at which the related replication activity is
occurring over the specified time interval.
Where to go next Clicking a graph or replication counter in this view displays a
metrics popup that describes the counters and provides more
detailed data points.

To display this view, select the Summary navigation tab for an individual DC in the
adExplorer dashboard. This view is located at the top of the Primary view.
Note If the resource utilization metrics and data are not appearing on this view, check the agent’s
host detail collection interval value. By default, the VMWare cartridge will be used to collect
basic host metrics (CPU, Memory, Network, Storage). If the VMWare cartridge is not being
used to monitor the agent instance on the selected DC, you must enable the host detail
collection by setting its collection interval to a value between 1 and 10 minutes.

Description This view displays the resource utilization metrics for the selected
DC over the specified time interval. The counters and indicators
change colors based on overall consumption or deviation from
normal levels.
Data displayed CPU Load. This counter indicates the total CPU load per second for
the selected DC.
CPU Utilization. This graph charts CPU utilization for the selected
DC over the specified time interval. It provides a comparison of the
CPU Utilization counter against the defined warning, critical and
fatal alarm levels.
Total Memory. This metrics indicator displays the maximum
capacity of memory on the selected DC.
Memory In Use. This metrics indicator displays the actual amount
of physical memory currently being used.
Memory Utilization. This graph charts the memory utilization for
the selected DC over the specified time interval. It provides a
comparison of the Consumed Memory counter against the computed
average.
Network I/O. This counter displays the rate at which data is coming
in and going out over the network interface on the selected DC.
Network Utilization. This graph provides a comparison of the
following counters over the specified time interval:
• Send Rate. Displays how many bytes of data are being sent to the
NIC each second.
• Receive Rate. Displays how many bytes of data are coming in
from the NIC each second.
Disk I/O. This counter displays the rate at which the disk I/O system
on the selected DC is processing disk reads and writes.
Disk Utilization. This graph provides a comparison of the following
counters over the specified time interval:
• Read Rate. Displays the rate at which data is being read by the
disk.
• Write Rate. Displays the rate at which data is being written to the
disk.

• Details link. Displays the Resource Utilization Details View for
the selected DC.
• Clicking a counter in this view displays a metrics popup that
describes the counters and provides more detailed data points.
Server Health View

This embedded view is part of the Domain Controller Environment Summary when an
individual DC is selected in the Object Tree view (Quick View) in the Active Directory
Environment dashboard.
Note If the host metrics are not appearing on this view, check the agent’s host detail collection
interval value. By default, the VMWare cartridge will be used to collect basic host metrics
(CPU, Memory, Network, Storage). If the VMWare cartridge is not being used to monitor the
agent instance on the selected DC, you must enable the host detail collection by setting its
collection interval to a value between 1 and 10 minutes.
Server Health View

Description This view summarizes the current health of the selected DC. These
counters change colors based on overall consumption or deviation
from normal levels.
Data displayed CPU. This counter is displays the current CPU load.
Network. These counters indicate the present state of the network
utilization for the selected DC.
• Send Rate. Indicates the rate at which data is currently being sent
over the network.
• Receive Rate. Indicates the rate at which data is currently being
received over the network.
• Network I/O. These counters indicate the rate at which data is
currently being transferred through the network interface.
Memory. This counter displays what percent of memory is currently
being used. It can be used to determine whether you have memory
problems.
Server Health View
Storage. These counter indicate the present state of disk

performance.
• Write Rate. Indicates the rate at which data is being written to the
disk.
• Read Rate. Indicates the rate at which data is being read from the
disk.
• Used Space. Displays the amount of storage being used.
• Free. Displays the amount of storage available.
• Total. Displays the total storage capacity.
• Clicking a counter in this view displays a metrics popup that
describes the counters and provides more detailed data points.
• Used Space. Displays an additional view with details about the
logical disk.
Statistics View
This embedded view is part of the Forest Environment Summary and Domain
Environment Summary when an individual forest or domain is selected in the Object
Tree view (Quick View) in the Active Directory Environment dashboard.
Statistics View
Description This view provides statistics regarding the Active Directory
accounts in the selected forest or domain.
Data displayed • Users. Indicates how many Active Directory user accounts are in
the selected forest or domain.
• Groups. Indicates how many Active Directory group accounts are
in the selected forest or domain.
• Computers. Indicates how many computer accounts are in the
selected forest or domain.
Storage View
Storage View
Description This view displays storage utilization metrics for the selected DC.
Data displayed Logical Disk Read and Write Time. This graph charts the
following counters:
• Logical Avg. Disk sec/Read. Shows the average time, in seconds,
it takes to read data from the disk.
• Logical Avg. Disk sec/Write. Shows the average time, in seconds,
it takes to write data to the disk.
Physical Disk Read and Write Time. This graph charts the
following counters:
• Physical Avg. Disk sec/Read. Shows the average time, in seconds,
it takes to read data from the disk.
• Physical Avg. Disk sec/Write. Shows the average time, in
seconds, it takes to write data to the disk.

This embedded view is part of the Domain Explorer Summary view when an individual
DC is selected in the Active Directory Enterprise view on the adExplorer dashboard.

Description This view displays the following information about the selected DC:
Data displayed DC Name. Displays the name of the selected DC.
IP Address. Displays the IP address of the selected DC.
Operating System. Displays the operating system running on the
selected DC.
FQDN. Displays the fully-qualified domain name of the domain
where the selected DC resides.
Uptime. Displays how long the server has been up and running.
Site. Displays the name of the site to which the selected DC
belongs.
Processors. Displays the number of CPUs on the selected DC.
Memory Capacity. Displays the memory capacity of the selected
DC.
Network Interfaces. Displays the number of network interfaces
available on the selected DC.
Storage Devices. Displays the number of storage devices on the
selected DC.
Top AD Metrics View

The Top AD Metrics view is part of the Domain Controller Environment Summary
when an individual DC is selected in the Object Tree view (Quick View) on the Active
Directory Environment dashboard. The contents of this view depends on the heading
selected at the top of the view.
Note Click on the status indicator to the left of a heading to display an alarm popup listing the
active alarms for the selected category.
Top AD Metrics View - Database

Description When Database is selected, this view displays the following metrics
for the Active Directory database on the selected DC. These
counters and indicators change colors based on overall consumption
or deviation from normal levels:
Data displayed NTDS.DIT Size. The metrics indicator shows the size of the Active
Directory database and indicates the alarm level based on the
predefined threshold. The graph charts the size (in MB) of the
database over the specified time interval. It provides a comparison
of the NTDS.DIT Size counter against the computed average.
Time To Fill Logical Disk. Indicates how many days it will take to
fill the database.
Top AD Metrics View - Database
Bytes Read. This counter shows the rate at which file bytes are read
from the database.
Bytes Read/Sec. This graph charts the rate at which file bytes are
read from the database over the specified time interval. It provides a
comparison of the File Bytes Read counter against the computed
average.
Bytes Written. This counter shows the rate at which file bytes are
written to the database.
Bytes Written/Sec. This graph charts the rate at which file bytes are
written to the database over the specified time interval. It provides a
comparison of the File Bytes Written counter against the computed
average.
Top AD Metrics View - LDAP
Description When LDAP is selected, this view displays LDAP related metrics
for the selected DC. The counters and indicators change colors
based on overall consumption or deviation from normal levels.
Data displayed LDAP Bind Response Time. This metrics indicator shows the
amount of time it is took to complete the last LDAP bind request.
LDAP Bind Time. This graph charts the amount of time it took to
complete successful LDAP bind requests over the specified time
interval. It provides a comparison of the LDAP Bind Time counter
against the computed average.
DS Directory Reads. This counter shows the rate at which DS
directory reads are taking place.
DS Directory Reads Per Second. This graph charts the number of
DS directory reads taking place per second over the specified time
interval. It provides a comparison of the DS Directory Reads
Top AD Metrics View - Replication
Description When Replication is selected, this view display replication metrics

for the selected DC. These counters and indicators change colors
based on overall consumption or deviation from normal levels.
Data displayed Replication Failures. Displays the number of replication failures
encountered during the specified time interval.
DRA Objects In/Out. These indicators show the rate at which data
objects are replicated in and out of the selected DC.
DRA Bytes In/Out. These indicators show the rate at which data
bytes are replicated in and out of the selected DC.
Replication Requests. This counter displays the rate at which
replication requests are being processed by the DC.
Replication Requests Per Second. This graph charts the number of
replication requests being processed per second over the specified
time interval. It provides a comparison of the Replication Requests
Top AD Metrics View - Roles
Description When Roles is selected, this view displays additional data about the
roles being performed by this DC.
Data displayed FSMO. A green check icon indicates whether this DC ‘owns’ the
following operations master roles:
• Schema Master
• Domain Naming Master
• Infrastructure Master
• RID Master
• PDC Emulator
DNS.
• SVR Record for DC Registered. When this check box is selected
it indicates that the SVR record for the selected DC is registered.
• DNS Server. When this check box is selected it indicates that this
DC is a DNS Server. If the DC is a DNS server, this view also
displays the rate at which queries are received and responses are
sent.
Global Catalog.
• Global Catalog. When this check box is selected it indicates that
this DC is hosting a Global Catalog.
• Global Catalog Search Response. This value displays the rate at
which it takes to perform a Global Catalog search.
Total Queries Received. (DNS Servers only) Displays a metrics
popup that describes the counter and a graph that charts the number
of queries received over the specified time interval.
Total Responses Sent. (DNS Servers only) Displays a metrics
popup that describes the counter and a graph that charts the number
of responses sent over the specified time interval.
Global Catalog Search Response. Displays a metrics popup that
describes the counter and a graph that charts data over the specified
time interval.
Top 3 Consumers View

This view is part of the Forest Environment Summary, Domain Environment Summary
and Site Environment Summary, when an individual forest, domain or site is selected in
the Object Tree view (Quick View) on the Active Directory Environment dashboard.
Top 3 Consumers View

Description The sortable lists in this view display the top three DCs in the
selected forest, domain or site that are consuming the most
computer resources.
Data displayed Top CPU Consumers. Lists the top three DCs that are consuming
the most CPU processor time. This table includes the name of the
DCs and the CPU resources being consumed by each DC.
Top Memory Consumers. Lists the top three DCs that are
consuming the most memory. This table includes the name of the
DCs and the amount of memory being consumed by each DC.
Top Network Consumers. Lists the top three DCs that are
consuming the most network bandwidth. This table includes the
name of the DCs and the rate at which network resources are being
consumed by each DC.
Top Storage Consumers. Lists the top three DCs that are
consuming the most storage space. This table includes the name of
the DCs and the rate at which storage resources are being consumed
by each DC.
Top 3 CPU Consumers View

This view is part of a Forest Explorer Summary, Domain Explorer Summary or Site
Explorer Summary, which is displayed when an individual forest, domain or site is
selected in the Active Directory Enterprise view on the adExplorer dashboard. This
view is also displayed on the Summary views for the Forests, Domains, and Sites object
containers.
Top 3 CPU Consumers View

Description The graph charts the CPU utilization for the top three DCs in the
selected forest, domain or site. The list at the bottom of this view
displays the top three DCs that are consuming the most CPU
processor time during the specified time interval.
Top 3 DS Directory Reads/Sec View

selected in the Active Directory Enterprise view on the adExplorer dashboard.
Top 3 DS Directory Reads/Sec View

Description The graph charts the number of directory reads per second for the
top three DCs in the selected forest, domain or site. The list at the
bottom of this view displays the top three DCs that are generating
the most directory reads during the specified time interval.
Top 3 LDAP Bind Times View

Top 3 LDAP Bind Times View

Description The graph charts how long (in milliseconds) it took to perform the
last successful LDAP bind request on the top three DCs in the
displays the top three DCs that took the longest to perform the last
successful LDAP bind request during the specified interval.
Top 3 Memory Consumers View

view is also displayed on the Explorer Summary views for the Forests, Domains, and
Sites object containers.
Top 3 Memory Consumers View

Description The graph charts the memory utilization for the top three DCs in the
displays the top three DCs that are consuming the most memory
during the specified time interval.
Top 3 Network Consumers View

Top 3 Network Consumers View

Description The graph charts the network utilization for the top three DCs in the
displays the top three DCs that are consuming the most network
bandwidth during the specified time interval.
Top 3 Replication Queue Length View

Top 3 Replication Queue Length View

Description The graph charts the replication queue lengths for the top three DCs
in the selected forest, domain or site. The list at the bottom of this
view displays the top three DCs that have the longest replication
queue lengths during the specified time interval.
Top 3 Storage Consumers View

Top 3 Storage Consumers View

Description The graph charts the storage utilization for the top three DCs in the
displays the top three DCs that are consuming the most storage
space during the specified time interval.
Trusts View
This embedded view is part of the Forest Environment Summary and Domain
Environment Summary when an individual forest or domain is selected in the Object
Tree view (Quick View) on the Active Directory Environment dashboard.
Trusts View
Description This view contains a list of inbound and outbound trusts established
for the selected forest or domain.
Data displayed Inbound. Displays the name of the forests/domains that trust the
current forest or domain.
Outbound. Displays the name of the forests/domains that the
current forest or domain trusts.
Trusts View
Type. For both Inbound and Outbound trusts, this column displays
the state of each trust relationship:
• Tree Root - the trust relationship is between two tree root domains
in the forest.
• Parent - the trust relationship is from a parent domain to a child
domain.
• Child - the trust relationship is from a child domain to a parent
domain.
• External - the trust relationship is with a pre-Windows 2000 (NT)
domain.
• Non-Windows Kerberos Realm - the trust relationship is with a
Kerberos realm, which is a standard security and authentication
protocol.
• DCE Realm - the trust relationship is with a DCE realm.
• Shortcut - the trust relationship is between two domains in the
same forest that are not directly related.
Transitive. For both Inbound and Outbound trusts, this columns
indicates whether the trust is a transitive trust. Transitive trusts can
only exist between domains within the same domain tree or forest.
6
Cartridge for Active Directory
Rules
The Foglight Cartridge for Active Directory includes a number of predefined rules to
monitor all critical components of Active Directory on a continuous basis to ensure that
the directory is functioning properly. The rules included in this cartridge alert you to key
conditions that may affect the health of Active Directory. Foglight allows you to modify
these predefined rules or create your own rules to ensure you are monitoring statistics
and alerting on conditions specific to your Active Directory environment.
The Cartridge for Active Directory provides an additional dashboard that can be used to
manage the cartridge’s rules. That is, the Cartridge for Active Directory rules can be
managed using one of the following dashboards:
• Manage Rules dashboard (Dashboards > Administration > Rules &
Notifications > Manage Rules)
• Active Directory Rules Management dashboard (Dashboards > Active
Directory > Rule Management)
This chapter describes the Active Directory Rule Management dashboard and explains
the tasks that can be performed from this dashboard. It also provides a description of the
rules used by the Cartridge for Active Directory to monitor your Active Directory
infrastructure.
Manage Rules Dashboard

The Manage Rules dashboard lists all rules that exist in your environment and allows
you to drill down to rule definitions. From this dashboard you can create and manage
rules.
See the Foglight Administration and Configuration Guide or online help for more
information about using the Manage Rules dashboard to manage rules.
Active Directory Rule Management Dashboard

The Active Directory Rule Management dashboard contains a sortable list of all the
rules used by the Monitoring Microsoft Active Directory. From this dashboard you can
quickly see which rules are enabled/disabled, the states (fatal, critical or warning) with
active conditions, predefined alarm threshold values, rules with current alarms, and a
brief description of each rule.
Figure 1
Cartridge for Active Directory Rules 125
Active Directory Rule Management Dashboard
The Active Directory Rule Management dashboard displays the following information
about the Cartridge for Active Directory rules.
Column Description
Use the selection check box column to select one or more rules
in the list. Once selected, you can enable or disable the selected
rules using the buttons at the top of the table.
To select or clear all of the rules in the list, click on the check
box in the heading row.
Enabled Displays one of the following icons indicating whether the rule
is enabled or disabled:
- Enabled
- Disabled
Clicking the icon in this column will either disable or enable the
selected rule.
Rule Displays the name of the rule.

Selecting the rule name launches the rule editor where you can
view or edit the selected rule.
Figure 2 • A numeric value or a graph icon in this column indicates

that a fatal condition is defined and active for this rule.
Selecting a value displays a dialog allowing you to specify a
different value. Selecting a graph icon launches the rule editor
where you can view or edit the selected rule.
• A grayed out value or graph icon indicates that a fatal
condition is defined but not active for this rule. Selecting a
deactivated value displays a dialog allowing you to specify
the value and activate the condition. Selecting a deactivated
graph icon launches the rule editor where you can edit and
activate the condition.
• The set rule icon indicates that a fatal condition is not yet
defined for this rule. Selecting this icon displays a dialog
allowing you to specify a value for the rule or launches the
rule editor allowing you to define a fatal condition for this
rule.
Column Description

that a critical condition is defined and active for this rule.
• A grayed out value or graph icon indicates that a critical
• The set rule icon indicates that a critical condition is not
yet defined for this rule. Selecting this icon displays a dialog
rule editor allowing you to define a critical condition for this
rule.

that a warning condition is defined and active for this rule.
• A grayed out value or graph icon indicates that a warning
• The set rule icon indicates that a warning condition is not
yet defined for this rule. Selecting this icon displays a dialog
rule editor allowing you to define a warning condition for this
rule.
Managing Cartridge for Active Directory Rules
Column Description
Alarms Indicates the number of outstanding alarms for each rule.

Selecting the number in this column displays the alarms popup.
From the alarm list on this popup:
• Clicking the alarm message, time or severity icon for an
individual alarm displays the Alarm Details dialog from which
you can acknowledge or clear the alarm.
• Selecting the Info icon displays the Metrics and
Troubleshooting dialog. (When a service is stopped, the popup
displays the state of the selected service at different times over
the specified time interval.)
• Selecting a server allows you to view the performance metrics
in the adExplorer or Quick View.
Description Provides a brief description of the rule.
Managing Cartridge for Active Directory Rules

In addition to viewing the Cartridge for Active Directory rules, you can edit alarm
thresholds and enable/disable rules using the Active Directory Rule Management
dashboard.
To disable a rule:
1 Locate the rule to be disabled and click the icon in the corresponding Enabled
column.
Note To disable multiple rules, select the corresponding check boxes to the left of the
rules to be disabled and select the Disable Rule tool bar button.
2 On the confirmation dialog, select Yes.

To edit the condition of a rule:
1 Select the rule in the Rule column or its corresponding graph icon in the
Fatal, Critical or Warning columns.
Note Hovering the cursor over a numeric value or graph icon will display the current
condition that is defined.
Note To define a condition for a rule, select the set rule icon in the corresponding
Fatal, Critical or Warning columns.
2 On the Edit Rule view, edit the conditions, alarms, actions, schedules, behavior or
rule variables as required. After making your edits, select Save All.
For more detailed information on editing rules, see the Foglight Administration
and Configuration Help.
Note In the browser interface, open the Help tab in the action panel. Navigate to Using
Foglight > Administration and Configuration Help > Tuning Foglight for
Optimal Performance > Using Foglight Rules to Report on Bottlenecks. Scroll
to the bottom of that page to find a list of reference topics including procedures
explaining how to perform a variety of tasks related to rules.
To edit the alarm threshold assigned to a rule:

1 Select the numeric value in the Fatal, Critical or Warning columns.
2 Enter the new value and select Update.
To activate/deactivate a condition for a rule:
1 Select the deactivated value or graph icon in the corresponding Fatal, Critical
or Warning columns.
• If you selected a deactivated value, on the Threshold dialog, select the
Activate check box and if desired modify the threshold value displayed. Select
Update.
• If you selected a deactivated graph icon, on the Edit Rule view, select the
Activate check box on the Conditions, Alarms & Actions tab. If necessary,
edit the conditions, alarms, actions, schedules, behavior or rule variable as
required. After activating and/or modifying the condition, select Save All.
2 To deactivate a condition, select the rule, active value or chart icon in the
corresponding Fatal, Critical or Warning columns.
• If you selected a value, on the Threshold dialog, clear the Activate check box.
Select Update.
• If you selected a rule or a graph icon, on the Edit Rule view, clear the Activate
check box on the Conditions, Alarms & Actions tab. After deactivating the
condition, select Save All.
Rules Reference
Rules Reference
Foglight allows you to create flexible rules that can be applied to complex, interrelated
data from multiple sources within your distributed system. You can associate several
different actions with a rule, configure a rule so that it does not fire repeatedly, and
associate a rule with schedules to define when it should and should not be evaluated.
Different types of data can be used in rules, including registry variables, raw metrics,
derived metrics, and topology object properties.
There are two types of rules in Foglight: simple rules and multiple-severity rules. A
simple rule has a single condition, and can be in one of three states: Fire, Undefined, or
Normal. A multiple-severity rule can have up to five severity levels: Undefined, Fatal,
Critical, Warning, and Normal.
Rule conditions are regularly evaluated against monitoring data (metrics and topology
object properties collected from your monitored environment and transformed into a
standard format). Therefore, the state of the rule can change if the data changes. For
example, if a set of monitoring data matches a simple rule’s condition, the rule enters
the Fire state. If the next set does not match the condition, the rule exits the Fire state
and enters the Normal state.
A rule condition is a type of expression that can be true or false. When it evaluates to
true, the rule is said to fire, causing any actions that are associated with the rule or
severity level to be performed. You can configure a rule to perform one or more actions
upon entering or exiting each state. When a multiple-severity rule fires, an alarm also
appears in Foglight.
For more information, see the Foglight Administration and Configuration Guide or
online help.
The Cartridge for Active Directory includes the following Active Directory rules:
• Active Directory Host Services Rule
• Active Directory NTDS DIT Queue Length Rule
• Database File Bytes Read Per/sec Rule
• Database File Bytes Written Per/sec Rule
• Database File Operations Per/sec Rule
• Database - Time to Fill Logical Disk for NTDS.DIT Rule
• DC Connectivity Rule
• DC ICMP Ping Response Rule
• DNS Total Queries Received Per/sec Rule

• DNS Total Responses Sent Per/sec Rule
• DRA Inbound Bytes Compressed (Between Sites, Before Compression) Per/sec
Rule
• DRA Inbound Bytes Not Compressed (Within Site) Per/sec Rule
• DRA Inbound Bytes Total Per/sec Rule
• DRA Inbound Full Sync Objects Remaining Rule
• DRA Inbound Objects Applied Per/sec Rule
• DRA Inbound Objects Filtered Per/sec Rule
• DRA Inbound Objects Per/sec Rule
• DRA Inbound Object Updates Remaining in Packet Rule
• DRA Inbound Properties Applied Per/sec Rule
• DRA Inbound Properties Filtered Per/sec Rule
• DRA Inbound Properties Total Per/sec Rule
• DRA Inbound Values (DNs only) Per/sec Rule
• DRA Inbound Values Total Per/sec Rule
• DRA Outbound Bytes Compressed (Between Sites, After Compression) Per/sec
Rule
• DRA Outbound Bytes Compressed (Between Sites, Before Compression) Per/sec
Rule
• DRA Outbound Bytes Not Compressed (Within Site) Per/sec Rule
• DRA Outbound Bytes Total Per/sec Rule
• DRA Outbound Objects Filtered Per/sec Rule
• DRA Outbound Objects Per/sec Rule
• DRA Outbound Properties Per/sec Rule
• DRA Outbound Values (DNs only) Per/sec Rule
• DRA Outbound Values Total Per/sec Rule
• DRA Pending Replication Synchronizations Rule
• DRA Sync Requests Made Rule
• DS Security Descriptor Propagation Events Rule
Rules Reference
• DS Security Descriptor Suboperations Per/sec Rule

• ESE Database Cache Percent Hit Rule
• ESE Database Cache Size Rule
• ESE Database Page Faults Per/sec Rule
• ESE Database Page Fault Stalls Per/sec Rule
• ESE Log Record Stalls Per/sec Rule
• ESE Log Threads Waiting Rule
• ESE Log Writes Per/sec Rule
• ESE Table Open Cache Hits Per/sec Rule
• ESE Table Open Cache Misses Per/sec Rule
• ESE Table Open Cache Percent Hit Rule
• ESE Table Opens Per/sec Rule
• Global Catalog Demotion Rule
• Global Catalog Promotion Rule
• LDAP Bind Time Rule
• LDAP Client Sessions Rule
• LDAP DS Directory Reads Per/sec Rule
• LDAP DS Threads in Use Rule
• LDAP Kerberos Authentications Rule
• LDAP NTLM Authentications Rule
• LDAP Searches Per/sec Rule
• LDAP Successful Binds Per/sec Rule
• SVR Record Registered Rule
In addition, this cartridge may use the following Host Monitoring rules:
Note The host monitoring rules are only used if the Cartridge for VMWare is NOT collecting the
host metrics. If the host metrics are being collected by the Cartridge for VMWare, the host
monitoring rules defined for that cartridge will be used instead.
• Host ASP.NET Applications Requests in App Queue Rule

• Host ASP.NET Request Current Rule
• Host CPU Privileged Time Rule
• Host CPU User Time Rule
• Host CPU Utilization Rule
• Host DOT NET Framework Exceptions Rule
• Host DOT NET Framework Memory Rule
• Host Logical Disk sec Avg Read Rule
• Host Logical Disk sec Avg Write Rule
• Host Memory Available Rule
• Host Memory Cache Rule
• Host Memory Paging Rule
• Host Memory Percent Committed Rule
• Host Memory Pool Non Paged Bytes Rule
• Host Memory Pool Paged Rule
• Host Network Available Bandwidth Rule
• Host Physical Disk sec Avg Read Rule
• Host Physical Disk sec Avg Write Rule
• Host Storage Capacity Rule
Rules Reference
Active Directory Host Services Rule

Purpose
This rule determines when a core service is stopped on a DC. This rule monitors the
services specified in the Monitored Services list on the agent’s properties page. By
default, the following services are being monitored:
• DNS Server Service
• File Replication Service
• NETLOGON Service
• Windows Time Service
• Security Account Manager Service
• Kerberos Key Distribution Center Service
• DNS Client Service
• Intersite Messaging Service
• Workstation Service
• Remote Procedure Call (RPC) Service
• WMI Service
• NT LAN Manager Security Support Provider Service
Scope
HostService : host.agents.type = 'ActiveDirectory'
Rule Definition
Conditions State
#state#.get("value") != 'Running' Fatal
Views Which Render the Data on Which This Rule is Based

Active Directory NTDS DIT Queue Length Rule

Purpose
This rule monitors the queue length and updates to the NTDS.DIT database and fires an
alarm when this counter has significantly increased based upon historical and current
transactions.
An upward trend indicates that the DC is being heavily utilized and may be causing a
slower response that normal.
Note This rule is disabled by default. To enable this rule, click the icon in the corresponding
Enabled cell on the Active Directory Rule Management dashboard.
Scope
AD_Database
Rule Definition
Conditions State
#queueLength# > avg(#queueLength for 30 Warning

days#)+1.5*stddev(#queueLength for 30 days#)

Database File Bytes Read Per/sec Rule

Purpose
This rule monitors the number of file bytes read per second and fires an alarm when the
number of read operations against the NTDS.DIT database are abnormally high based
on current and previous levels.
Rules Reference
Scope
AD_Database
Rule Definition
Conditions State
try{ Warning
return positive_delta(#fileBytesReadPersec#) > 0;
}
catch (Exception e) {return false;}

Database File Bytes Written Per/sec Rule

Purpose
This rule monitors the number to file bytes written per second and fires an alarm when
the number of write operations against the NTDS.DIT database are abnormally high
based on current and previous levels.
Scope
AD_Database
Rule Definition
Conditions State
try{ return positive_delta(#fileBytesWrittenPersec#)> 0; } catch Warning

(Exception e) {return false;}

Database File Operations Per/sec Rule

Purpose
This rule monitors the rate at which file operations are being performed and fires an
alarm when the number of file operations against the NTDS.DIT database continues to
trend upward, exceeding the predefined threshold value.
Scope
AD_Database
Rule Definition
Conditions State
#fileOperationsPersec# > 60 Warning

Database - Time to Fill Logical Disk for NTDS.DIT Rule

Purpose
This rule determines the growth rate at which the NTDS.DIT database file on a server is
considered to be full.
Scope
AD_Database
Rules Reference
Rule Definition
Conditions State
try{ totalSpaceStr = (#size# + #freeMegs#).toString(); def Critical

totalSpace; if(totalSpaceStr!=null) { totalSpace = new
Double(totalSpaceStr); } timeToFill = ADGetTimeToFull(#size for 7
days 1 day ago#, totalSpace); if((timeToFill!=0) &&
(scope.get("localState") <= 4) && (timeToFill < 5)) return true; else
return false; } catch (Exception e) {return false;}

DC Connectivity Rule
Purpose
This rule determines if a DC is reachable from the Foglight Management Server
installation. That is, can you ping the server using its DNS name or IP address.
Scope
AD_DomainController
Rule Definition
Conditions State
#isReachable# < 100 Critical

• N/A
DC ICMP Ping Response Rule

Purpose
This rule monitors the ICMP Ping Response Time counter and fires an alarm when the
counter is abnormally high based upon previous and current levels.
An upward trend may cause a slower response from the DC.
Scope
AD_DomainController
Rule Definition
Conditions State
#pingResponseTime# > avg(#pingResponseTime for 30 Warning

days#)+1.5*stddev(#pingResponseTime for 30 days#)

DNS Total Queries Received Per/sec Rule

Purpose
This rule monitors the total number of queries received on a DNS server per second and
fires an alarm when the counter continues to trend upward, which could result in issues
with DNS-dependent services.
Scope
AD_Dns
Rules Reference
Rule Definition
Conditions State
try{ return positive_delta(#totalQueriesReceivedPersec#)> 0; } catch Warning


• N/A
DNS Total Responses Sent Per/sec Rule

Purpose
This rule monitors the total number of responses sent from a DNS server per second and
fires an alarm when the counter continues to trend upward, which could result in issues
with DNS-dependent services.
Scope
AD_Dns
Rule Definition
Conditions State
try{ return positive_delta(#totalResponsesSentPerse#)> 0; } catch Warning


• N/A
DRA Inbound Bytes Compressed (Between Sites, Before

Compression) Per/sec Rule
Purpose
This rule monitors the number of bytes of inbound compressed replication data (size
before compression, from DSAs in other sites).
An upward trend indicates growing replication traffic that could be hazardous to the
Active Directory environment if it continues.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundBytesCompressedBetweenSitesBeforeCompressi Warning
onPersec for 1 minutes#).values(scope).size() > 0 &&
last(#DRAInboundBytesCompressedBetweenSitesBeforeCompressi
onPersec for 1
minutes#).values(scope).iterator().next().getValue().getMin() <
#DRAInboundBytesCompressedBetweenSitesBeforeCompressionP
ersec#

DRA Inbound Bytes Not Compressed (Within Site) Per/sec Rule

Purpose
This rule monitors the number of bytes replicated that were not compressed at the
source (i.e., from DSAs in the same site).
Rules Reference
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundBytesNotCompressedWithinSitePersec for 1 Warning

minutes#).values(scope).size() > 0 &&
last(#DRAInboundBytesNotCompressedWithinSitePersec for 1
#DRAInboundBytesNotCompressedWithinSitePersec#

DRA Inbound Bytes Total Per/sec Rule

Purpose
This rule monitors the total number of bytes that are received on the server per second
through replication with other DCs. This counter sums the total number of bytes of
uncompressed data (never compressed) and compressed data (after compression).
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundBytesTotalPersec for 1 Warning

last(#DRAInboundBytesTotalPersec for 1
#DRAInboundBytesTotalPersec#

DRA Inbound Full Sync Objects Remaining Rule

Purpose
This rule monitors the number of objects remaining until a full synchronization
completes (when set).
An upward trend indicates growing replication traffic that could be hazardous to the AD
environment if it continues.
Scope
AD_Replication
Default Registry Value

AD.DRAInboundFullSyncObjectsRemaining.warning = 300.0
AD.DRAInboundFullSyncObjectsRemaining.critical = 1000.0
AD.DRAInboundFullSyncObjectsRemaining.fatal = 2000.0
Rules Reference
Rule Definition
Conditions State
return #DRAInboundFullSyncObjectsRemaining# > Warning

registry("AD.DRAInboundFullSyncObjectsRemaining.warning");
return #DRAInboundFullSyncObjectsRemaining# > Critical

registry("AD.DRAInboundFullSyncObjectsRemaining.critical");
return #DRAInboundFullSyncObjectsRemaining# > Fatal

registry("AD.DRAInboundFullSyncObjectsRemaining.fatal");

DRA Inbound Objects Applied Per/sec Rule

Purpose
This rule monitors the rate at which replication updates received from replication
partners are applied by the local directory service. This counter excludes changes that
are received but not applied (for example, when the change is already present). This
indicates how much replication update activity is occurring on the DC as a result of
changes generated by other DCs.
Scope
AD_Replication

AD.DRAInboundObjectsAppliedPersec.warning = 40.0
AD.DRAInboundObjectsAppliedPersec.critical = 100.0
AD.DRAInboundObjectsAppliedPersec.fatal = 200.0
Rule Definition
Conditions State
return #DRAInboundObjectsAppliedPersec# > Warning

registry("AD.DRAInboundObjectsAppliedPersec.warning");
return #DRAInboundObjectsAppliedPersec# > Critical

registry("AD.DRAInboundObjectsAppliedPersec.critical");
return #DRAInboundObjectsAppliedPersec# > Fatal

registry("AD.DRAInboundObjectsAppliedPersec.fatal");

DRA Inbound Objects Filtered Per/sec Rule

Purpose
This rule monitors the DRA Inbound Objects Filtered counter and fires an alarm when
the counter continues to trend upward on a DC.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundObjectsFilteredPersec for 1 Warning

last(#DRAInboundObjectsFilteredPersec for 1
#DRAInboundObjectsFilteredPersec#
Rules Reference

DRA Inbound Objects Per/sec Rule

Purpose
This rule monitors the number of inbound objects received on the DC per second from
its replication partners.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundObjectsPersec for 1 Warning

last(#DRAInboundObjectsPersec for 1
#DRAInboundObjectsPersec#

DRA Inbound Object Updates Remaining in Packet Rule

Purpose
This rule monitors the number of object updates received in the current directory
replication update packet that are waiting to be applied to the local DC. This counter
indicates that the monitored DC is receiving changes, but is taking a long time to apply
them to the database.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundObjectUpdatesRemaininginPacket for 1 Warning

last(#DRAInboundObjectUpdatesRemaininginPacket for 1
#DRAInboundObjectUpdatesRemaininginPacket#

DRA Inbound Properties Applied Per/sec Rule

Purpose
This rule monitors the number of properties that are updated due to incoming property
winning the reconciliation logic.
Scope
AD_Replication
Rules Reference
Rule Definition
Conditions State
last(#DRAInboundPropertiesAppliedPersec for 1 Warning

last(#DRAInboundPropertiesAppliedPersec for 1
#DRAInboundPropertiesAppliedPersec#

DRA Inbound Properties Filtered Per/sec Rule

Purpose
This rule monitors the number of property changes that are received during the
replication that have already been seen.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundPropertiesFilteredPersec for 1 Warning

last(#DRAInboundPropertiesFilteredPersec for 1
#DRAInboundPropertiesFilteredPersec#

DRA Inbound Properties Total Per/sec Rule

Purpose
This rule monitors the total number of object properties received from inbound
replication partners.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundPropertiesTotalPersec for 1 Warning

last(#DRAInboundPropertiesTotalPersec for 1
#DRAInboundPropertiesTotalPersec#

DRA Inbound Values (DNs only) Per/sec Rule

Purpose
This rule monitors the number of object property values received from inbound
replication partners that are Distinguished Names (that is, that reference other objects).
DN-values, such as group or distribution list members, are generally more expensive to
apply than other types of values.
Rules Reference
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundValuesDNsonlyPersec for 1 Warning

last(#DRAInboundValuesDNsonlyPersec for 1
#DRAInboundValuesDNsonlyPersec#

DRA Inbound Values Total Per/sec Rule

Purpose
This rule monitors the total number of object property values received from inbound
replication partners. Each inbound object has one or more properties, and each property
has zero or more values. A zero value indicates property removal.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAInboundValuesTotalPersec for 1 Warning

last(#DRAInboundValuesTotalPersec for 1
#DRAInboundValuesTotalPersec#

DRA Outbound Bytes Compressed (Between Sites, After

Purpose
This rule monitors the number of bytes of outbound compressed replication data (size
after compression, from DSAs in other sites). An upward trend indicates growing
replication traffic that could be hazardous to the AD environment if it continues.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundBytesCompressedBetweenSitesAfterCompression Warning
Persec for 1 minutes#).values(scope).size() > 0 &&
last(#DRAOutboundBytesCompressedBetweenSitesAfterCompression
Persec for 1
#DRAOutboundBytesCompressedBetweenSitesAfterCompressionPers
ec#
Rules Reference

DRA Outbound Bytes Compressed (Between Sites, Before

Purpose
This rule monitors the original size, in bytes, of outbound compressed replication data
(size before compression, from DSAs in other sites).
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundBytesCompressedBetweenSitesBeforeCompres Warning
sionPersec for 1 minutes#).values(scope).size() > 0 &&
last(#DRAOutboundBytesCompressedBetweenSitesBeforeCompres
sionPersec for 1
#DRAOutboundBytesCompressedBetweenSitesBeforeCompression
Persec#

DRA Outbound Bytes Not Compressed (Within Site) Per/sec

Rule
Purpose
This rule monitors the number of bytes replicated out that were not compressed (that is,
from DSAs in the same site).
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundBytesNotCompressedWithinSitePersec for 1 Warning

last(#DRAOutboundBytesNotCompressedWithinSitePersec for 1
#DRAOutboundBytesNotCompressedWithinSitePersec#

DRA Outbound Bytes Total Per/sec Rule

Purpose
This rule monitors the total number of bytes sent per second during replication to other
DCs. This counter sums the total number of bytes of uncompressed data (never
compressed) and compressed data (after compression).
Rules Reference
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundBytesTotalPersec for 1 Warning

last(#DRAOutboundBytesTotalPersec for 1
#DRAOutboundBytesTotalPersec#

DRA Outbound Objects Filtered Per/sec Rule

Purpose
This rule monitors the DRA Outbound Objects Filtered counter and fires an alarm when
the counter continues to trend upward on a DC.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundObjectsFilteredPersec for 1 Warning

last(#DRAOutboundObjectsFilteredPersec for 1
#DRAOutboundObjectsFilteredPersec#

DRA Outbound Objects Per/sec Rule

Purpose
This rule monitors the number of objects sent each second to replication partners
through outbound replication.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundObjectsPersec for 1 Warning

last(#DRAOutboundObjectsPersec for 1
#DRAOutboundObjectsPersec#
Rules Reference

DRA Outbound Properties Per/sec Rule

Purpose
This rule monitors the number of properties replicated out to replication partners.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundPropertiesPersec for 1 Warning

last(#DRAOutboundPropertiesPersec for 1
#DRAOutboundPropertiesPersec#

DRA Outbound Values (DNs only) Per/sec Rule

Purpose
This rule monitors the number of property values containing Distinguished Names sent
to outbound replication partners. DN-values, such as group and distribution list
members, are generally more expensive to read than other types of values.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DRAOutboundValuesDNsonlyPersec for 1 Warning

last(#DRAOutboundValuesDNsonlyPersec for 1
#DRAOutboundValuesDNsonlyPersec#

DRA Outbound Values Total Per/sec Rule

Purpose
This rule monitors the number of object property values sent to outbound replication
partners.
Scope
AD_Replication
Rules Reference
Rule Definition
Conditions State
last(#DRAOutboundValuesTotalPersec for 1 Warning

last(#DRAOutboundValuesTotalPersec for 1
#DRAOutboundValuesTotalPersec#

DRA Pending Replication Synchronizations Rule

Purpose
This rule monitors the number of directory synchronizations from replication partners
that are queued for this DC, waiting to be processed.
Scope
AD_Replication

AD.DRAPendingReplicationSynchronizations.warning = 2.0
AD.DRAPendingReplicationSynchronizations.critical = 4.0
AD.DRAPendingReplicationSynchronizations.fatal = 8.0
Rule Definition
Conditions State
return #DRAPendingReplicationSynchronizations# > Warning

registry("AD.DRAPendingReplicationSynchronizations.warning");
return #DRAPendingReplicationSynchronizations# > Critical

registry("AD.DRAPendingReplicationSynchronizations.critical");
return #DRAPendingReplicationSynchronizations# > Fatal

registry("AD.DRAPendingReplicationSynchronizations.fatal");

DRA Sync Requests Made Rule

Purpose
This rule monitors the number of synchronization requests made to the neighbors.
Scope
AD_Replication
Rule Definition
Conditions State
#DRASyncRequestsMade# > 450000 Warning

Rules Reference
DS Security Descriptor Propagation Events Rule

Purpose
This rule monitors the number of Security Descriptor Propagation events that are
queued, waiting to be processed.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DSSecurityDescriptorPropagationsEvents for 1 Warning

last(#DSSecurityDescriptorPropagationsEvents for 1
#DSSecurityDescriptorPropagationsEvents#

DS Security Descriptor Suboperations Per/sec Rule

Purpose
This rule monitors the number of Security Descriptor propagation sub-operations per
second. One Security Descriptor propagation operation is made up of many sub-
operations. A sub-operation roughly corresponds to an object the propagation causes the
propagator to execute.
Scope
AD_Replication
Rule Definition
Conditions State
last(#DSSecurityDescriptorsuboperationsPersec for 1 Warning

last(#DSSecurityDescriptorsuboperationsPersec for 1
#DSSecurityDescriptorsuboperationsPersec#

ESE Database Cache Percent Hit Rule

Purpose
This rule monitors the percent of database page requests that were successfully
performed by the database cache that did not cause a file operation. This counter
indicates how database requests are performing.
Note In order to monitor ESE counters, you must enable the Enable Extensible Storage Engine
(ESE) Queries option on the agent’s properties page. In addition, ESENT must be
registered with WMI. See the Managing Microsoft Active Directory Installation Guide for
prerequisite information regarding monitoring ESE counters.
Scope
AD_Database
Rules Reference
Rule Definition
Conditions State
last(#DatabaseCachePercentHit for 1 minutes#).values(scope).size() Fatal

> 0 && last(#DatabaseCachePercentHit for 1
#DatabaseCachePercentHit#

• N/A
ESE Database Cache Size Rule

Purpose
This rule monitors the ESE Database Cache Size and fires an alarm when the database
cache size continues to trend upward on a domain controller.
Scope
AD_Database
Rule Definition
Conditions State
last(#DatabaseCacheSize for 1 minutes#).values(scope).size() > 0 Fatal

&& last(#DatabaseCacheSize for 1
#DatabaseCacheSize#

• N/A
ESE Database Page Faults Per/sec Rule

Purpose
This rule monitors the number of page requests (per second) for the database file that
cause the database cache manager to allocate a new page from the database cache. This
counter indicates how the database cache is performing.
Scope
AD_Database
Rule Definition
Conditions State
last(#DatabasePageFaultsPersec for 1 minutes#).values(scope).size() Fatal

> 0 && last(#DatabasePageFaultsPersec for 1
#DatabasePageFaultsPersec#

• N/A
Rules Reference
ESE Database Page Fault Stalls Per/sec Rule

Purpose
This rule monitors the number of page faults that cannot be serviced per second due to
the lack of available pages for allocation from the database cache.
Scope
AD_Database
Rule Definition
Conditions State
last(#DatabasePageFaultStallsPersec for 1 Fatal

last(#DatabasePageFaultStallsPersec for 1
#DatabasePageFaultStallsPersec#

• N/A
ESE Log Record Stalls Per/sec Rule

Purpose
This rule monitors the number of log records that could not be added to the log buffers
each second because the buffers are full.
Scope
AD_Replication
Rule Definition
Conditions State
last(#LogRecordStallsPersec for 1 minutes#).values(scope).size() > Fatal

0 && last(#LogRecordStallsPersec for 1
#LogRecordStallsPersec#

• N/A
Rules Reference
ESE Log Threads Waiting Rule

Purpose
This rule monitors the number of threads waiting on pending log writes in order to
complete an update of the database.
Scope
AD_Database
Rule Definition
Conditions State
last(#LogThreadsWaiting for 1 minutes#).values(scope).size() > 0 Fatal

&& last(#LogThreadsWaiting for 1
#LogThreadsWaiting#

• N/A
ESE Log Writes Per/sec Rule

Purpose
This rule monitors the ESE Log Writes counter and fires an alarm when the counter
continues to trend upward on a DC.
Scope
AD_Database
Rule Definition
Conditions State
last(#LogWritesPersec for 1 minutes#).values(scope).size() > 0 && Fatal

last(#LogWritesPersec for 1
#LogWritesPersec#

• N/A
Rules Reference
ESE Table Open Cache Hits Per/sec Rule

Purpose
This rule monitors the number of database tables that are opened per second using
cached schema information. This counter indicates how the Active Directory database is
performing.
Scope
AD_Database
Rule Definition
Conditions State
last(#TableOpenCacheHitsPersec for 1 Fatal

last(#TableOpenCacheHitsPersec for 1
#TableOpenCacheHitsPersec#

• N/A
ESE Table Open Cache Misses Per/sec Rule

Purpose
This rule monitors the number of database tables that are opened per second without
using cached schema information.
Scope
AD_Database
Rule Definition
Conditions State
last(#TableOpenCacheMissesPersec for 1 Fatal

last(#TableOpenCacheMissesPersec for 1
#TableOpenCacheMissesPersec#

• N/A
Rules Reference
ESE Table Open Cache Percent Hit Rule

Purpose
This rule monitors the ESE Table Open Cache Percent Hit counter and fires an alarm
when the counter continues to trend upward on a DC.
Scope
AD_Database
Rule Definition
Conditions State
last(#TableOpenCachePercentHit for 1 Fatal

last(#TableOpenCachePercentHit for 1
#TableOpenCachePercentHit#

• N/A
ESE Table Opens Per/sec Rule

Purpose
This rule monitors the ESE Table Opens counter and fires an alarm when the counter
continues to trend upward on a DC.
Scope
AD_Database
Rule Definition
Conditions State
last(#TableOpensPersec for 1 minutes#).values(scope).size() > 0 && Fatal

last(#TableOpensPersec for 1
#TableOpensPersec#

• N/A
Global Catalog Demotion Rule

Purpose
This rule determines when a DC is demoted and is no longer reflecting a Global Catalog
status.
Scope
AD_GlobalCatalog
Rules Reference
Rule Definition
Conditions State
#isResponsive# && !#isGlobalCatalog# && Warning

last(#isGlobalCatalog#)

Global Catalog Promotion Rule

Purpose
This rule determines when a DC is promoted and is now reflecting a Global Catalog
status.
Scope
AD_GlobalCatalog
Rule Definition
Conditions State
#isResponsive# && #isGlobalCatalog# && Warning

last(!#isGlobalCatalog#)

Host ASP.NET Applications Requests in App Queue Rule

Purpose
This rule determines if the number of ASP.NET application requests in the Application
Queue on a server exceeds the predefined threshold value.
This additional load on the server may cause some delay in the delivery of mail.
Scope
ASPNETApplications

Host.ASPNETApplicationsRequestinAppqueue.warning = 500
Rule Definition
Conditions State
return #requestsInApplicationQueue# > Warning

registry("Host.ASPNETApplicationsRequestsinAppqueue.warning")

• N/A
Rules Reference
Host ASP.NET Request Current Rule

Purpose
This rule determines if the total number of current ASP.NET requests on a server
exceeds the predefined threshold value.
This additional load on the server may cause some delay in the delivery of mail.
Scope
ASPNET

Host.ASPNETRequestsCurrent.warning = 500
Rule Definition
Conditions State
return #requestsCurrent# > Warning

registry("Host.ASPNETRequestsCurrent.warning");

• N/A
Host CPU Privileged Time Rule

Purpose
This rule monitors the percentage of processor time that is spent in privileged mode and
determines if the percentage exceeds the predefined threshold value.
Privileged mode is a processing mode designed for operating system components and
hardware manipulating drivers. It allows direct access to hardware and all memory.
Excessive CPU privileged time may cause a slower response from the server.
Scope
HostCPUs : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.CPUPrivilegedTime.warning = 75 %
Host.CPUPrivilegedTime.critical = 75 %
Host.CPUPrivilegedTime.fatal = 75 %
Rule Definition
Conditions State
return #percentSystemTime# > Warning

registry("Host.CPUPrivilegedTime.warning");
return #percentSystemTime# > Critical

registry("Host.CPUPrivilegedTime.critical"); (Not Active)
return #percentSystemTime# > Fatal

registry("Host.CPUPrivilegedTime.fatal");
Rules Reference

Host CPU User Time Rule

Purpose
This rule monitors the percentage of processor time that is spent in user mode and
determines if the percentage exceeds the predefined threshold value.
User mode is a restricted processing mode designed for applications, environment
subsystems and integral subsystems. Excessive CPU user time may cause a slower
response time from the server.
Scope

Host.CPUUserTime.warning = 75 %
Host.CPUUserTime.critical = 75 %
Host.CPUUserTime.fatal = 99 %
Rule Definition
Conditions State
return #percentUserTime# > Warning

registry("Host.CPUUserTime.warning");
return #percentUserTime# > Critical

registry("Host.CPUUserTime.critical"); (Not Active)
Rule Definition
Conditions State
return #percentUserTime# > registry("Host.CPUUserTime.fatal"); Fatal

(Not Active)

Host CPU Utilization Rule

Purpose
This rule determines if the percentage of processor utilization exceeds the predefined
threshold value. This may cause a slower response from the server.
Scope

Host.CPUUtilization.warning = 75 %
Host.CPUUtilization.critical = 90 %
Host.CPUUtilization.fatal = 95 %
Rule Definition
Conditions State
return #utilization# > registry("Host.CPUUtilization.warning"); Warning

Rules Reference
Rule Definition
Conditions State
return #utilization# > registry("Host.CPUUtilization.critical"); Critical
return #utilization# > registry("Host.CPUUtilization.fatal"); Fatal

Host DOT NET Framework Exceptions Rule

Purpose
This rule monitors the .NET Framework exceptions that are thrown per second and
determines if the number of exceptions exceeds the predefined threshold value.
Scope
DotNetFrameworkMemory
Rule Definition
Conditions State
true Warning

Host DOT NET Framework Memory Rule

Purpose
This rule monitors the percentage of time the .NET Framework process is spent
performing the last garbage collection and determines if the percentage exceeds the
predefined threshold value.
Excessive time in garbage collection may cause a slower response from the server.
Scope
DotNetFrameworkMemoryInstance

Host.dotNETFrameworkMemory.warning = 10 %
Host.dotNETFrameworkMemory.critical = 10 %
Host.dotNETFrameworkMemory.fatal = 10 %
Rule Definition
Conditions State
return #percentTimeinGC# > Warning

registry("Host.dotNETFrameworkMemory.warning");
return #percentTimeinGC# > Critical

registry("Host.dotNETFrameworkMemory.critical"); (Not Active)
return #percentTimeinGC# > Fatal

registry("Host.dotNETFrameworkMemory.fatal"); (Not Active)

Rules Reference
Host Logical Disk sec Avg Read Rule

Purpose
This rule monitors how long it takes to read data from the disk and determines if the
average read time (in ms) exceeds the predefined threshold value. Excessive average
read time may cause a slower response from the server.
Scope
LogicalDisk : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.LogicalDiskAvgRead.warning = 1000
Host.LogicalDiskAvgRead.critical = 1000
Host.LogicalDiskAvgRead.fatal = 1000
Rule Definition
Conditions State
return #averageReadTime# > Warning

registry("Host.LogicalDiskAvgRead.warning");
return #averageReadTime# > Critical

registry("Host.LogicalDiskAvgRead.critical"); (Not Active)
return #averageReadTime# > Fatal

registry("Host.LogicalDiskAvgRead.fatal"); (Not Active)

Host Logical Disk sec Avg Write Rule

Purpose
This rule monitors how long it takes to write data to the disk and determines if the
average write time (in ms) exceeds the predefined threshold value. Excessive average
write time may cause slower response from the server.
Scope
LogicalDisk : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.LogicalDiskAvgWrite.warning = 1000
Host.LogicalDiskAvgWrite.critical = 1000
Host.LogicalDiskAvgWrite.fatal = 1000
Rule Definition
Conditions State
return #averageWriteTime# > Warning

registry("Host.LogicalDiskAvgWrite.warning");
return #averageWriteTime# > Critical

registry("Host.LogicalDiskAvgWrite.critical"); (Not Active)
return #averageWriteTime# > Fatal

registry("Host.LogicalDiskAvgWrite.fatal"); (Not Active)

Rules Reference
Host Memory Available Rule

Purpose
This rule monitors the amount of memory that is available after nonpaged pool
allocations, paged pool allocations, process’ working sets, and the file system cache
have all taken their piece.
When a server is running low on available memory, performance may be degraded.
Scope
Memory

Host.MemoryAvailableUtil.warning = 75
Host.MemoryAvailableUtil.critical = 90
Host.MemoryAvailableUtil.fatal = 95
Rule Definition
Conditions State
return (#capacity#*((100-#utilization#)/100)) < Warning

registry("Host.MemoryAvailableUtil.warning");
return (#capacity#*((100-#utilization#)/100)) < Critical

registry("Host.MemoryAvailableUtil.critical"); (Not Active)
return (#capacity#*((100-#utilization#)/100)) < Fatal

registry("Host.MemoryAvailableUtil.fatal"); (Not Active)

Host Memory Cache Rule

Purpose
This rule determines if the memory cache on a server is abnormally high based on
previous and current levels, which may be causing slower response to the storage group.
Scope
Memory

Host.MemoryCachedStdDev.warning = 1.2
Host.MemoryCachedStdDev.critical = 2.0
Host.MemoryCachedStdDev.fatal = 3.0
Rule Definition
Conditions State
history = #fileSystemCache for 90 min#; mean = avg(history); std = Warning

stddev(history); if(std < 0.001 * mean) std = 0.001 * mean;
if(#fileSystemCache# > (mean +
registry("Host.MemoryCachedStdDev.warning") *std)) return true;
else return false;
history = #fileSystemCache for 90 min#; mean = avg(history); std = Critical

stddev(history); if(std < 0.001 * mean) std = 0.001 * mean; (Not Active)
registry("Host.MemoryCachedStdDev.critical") *std)) return true;
else return false;
Rules Reference
Rule Definition
Conditions State
history = #fileSystemCache for 90 min#; mean = avg(history); std = Fatal

stddev(history); if(std < 0.001 * mean) std = 0.001 * mean; (Not Active)
registry("Host.MemoryCachedStdDev.fatal") *std)) return true; else
return false;

Host Memory Paging Rule

Purpose
This rule monitors the rate at which pages are read from or written to resolve hard page
faults. Excessive page in/page out rates indicates that the server is running low on
available memory and performance may be degraded.
This counter is a primary indicator of the kinds of faults that cause system-wide delays.
Scope
Memory

Host.MemoryPaging.warning = 1000
Host.MemoryPaging.critical = 1000
Host.MemoryPaging.fatal = 1000
Rule Definition
Conditions State
return #pageInRate#+#pageOutRate# > Warning

registry("Host.MemoryPaging.warning");
return #pageInRate#+#pageOutRate# > Critical

registry("Host.MemoryPaging.critical"); (Not Active)
return #pageInRate#+#pageOutRate# > Fatal

registry("Host.MemoryPaging.fatal"); (Not Active)

Host Memory Percent Committed Rule

Purpose
This rule determines if the percentage of memory committed bytes exceeds the
predefined threshold value.
When the server is running low on available memory, performance may be degraded.
Scope
Memory

Host.MemoryPercentCommitted.warning = 90 %
Host.MemoryPercentCommitted.critical = 90 %
Host.MemoryPercentCommitted.fatal = 90 %
Rules Reference
Rule Definition
Conditions State
return (#consumed#/#capacity#)*100 > Warning

registry("Host.MemoryPercentCommitted.warning");
return (#consumed#/#virtualMemorySize#)*100 > Critical

registry("Host.MemoryPercentCommitted.critical"); (Not Active)
return (#consumed#/#virtualMemorySize#)*100 > Fatal

registry("Host.MemoryPercentCommitted.fatal"); (Not Active)

Host Memory Pool Non Paged Bytes Rule

Purpose
This determines if the memory pool non-paged bytes on a host server is abnormally
high based on previous and current levels, which may be causing a slower response.
Memory\Pool Nonpaged Bytes consists of system virtual addresses that are guaranteed
to be resident in physical memory at all times and can be accessed from any address
space without incurring paging I/O.
Scope
Memory

Host.MemoryPoolNonPagedStdDev.warning = 1.5
Host.MemoryPoolNonPagedStdDev.critical = 2.0
Host.MemoryPoolNonPagedStdDev.fatal = 3.0
Rule Definition
Conditions State
history = #nonPagedKernelMemory for 90 min#; mean = Warning

avg(history); std = stddev(history); if(std < 0.001 * mean) std =
0.001 * mean; if(#nonPagedKernelMemory# > (mean +
registry("Host.MemoryPoolNonPagedStdDev.warning") *std))
return true; else return false;
history = #nonPagedKernelMemory for 90 min#; mean = Critical

avg(history); std = stddev(history); if(std < 0.001 * mean) std = (Not Active)
registry("Host.MemoryPoolNonPagedStdDev.critical") *std)) return
true; else return false;
history = #nonPagedKernelMemory for 90 min#; mean = Fatal

avg(history); std = stddev(history); if(std < 0.001 * mean) std = (Not Active)
registry("Host.MemoryPoolNonPagedStdDev.fatal") *std)) return

Host Memory Pool Paged Rule

Purpose
This rule determines if the memory pool paged bytes on the host server is abnormally
high, based on previous and current levels, which may cause slower response.
Rules Reference
Memory\Pool Paged Bytes shows the portion of shared system memory that can be
paged to the disk paging file.
Scope
Memory

Host.MemoryPoolPagedStdDev.warning = 1.5
Host.MemoryPoolPagedStdDev.critical = 2.0
Host.MemoryPoolPagedStdDev.fatal = 3.0
Rule Definition
Conditions State
history = #pagedKernelMemory for 90 min#; mean = avg(history); Warning

std = stddev(history); if(std < 0.001 * mean) std = 0.001 * mean;
if(#pagedKernelMemory# > (mean +
registry("Host.MemoryPoolPagedStdDev.warning") *std)) return
history = #pagedKernelMemory for 90 min#; mean = avg(history); Critical

std = stddev(history); if(std < 0.001 * mean) std = 0.001 * mean; (Not Active)
registry("Host.MemoryPoolPagedStdDev.critical") *std)) return
history = #pagedKernelMemory for 90 min#; mean = avg(history); Fatal

std = stddev(history); if(std < 0.001 * mean) std = 0.001 * mean; (Not Active)
registry("Host.MemoryPoolPagedStdDev.fatal") *std)) return true;
else return false;

Host Network Available Bandwidth Rule

Purpose
This rule determines if the available network bandwidth is less than the predefined
threshold value, which may cause a slower response from the server.
Scope
NetworkInterface : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.NetworkAvailableBandwidth.warning = 80
Host.NetworkAvailableBandwidth.critical = 60
Host.NetworkAvailableBandwidth.fatal = 20
Rule Definition
Conditions State
return (100 - #utilization#) < Warning

registry("Host.NetworkAvailableBandwidth.warning");
return (100 - #utilization#) < Critical

registry("Host.NetworkAvailableBandwidth.critical");
return (100 - #utilization#) < Fatal

registry("Host.NetworkAvailableBandwidth.fatal");
Rules Reference

Host Network Outbound Errors Rule

Purpose
This rule monitors the number of outbound packets that could not be transmitted
because of errors and determines if the number exceeds the predefined threshold value.
Scope
NetworkInterface : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'} and
outboundErrors > 0

Host.NetworkOutboundErrors.warning = 20
Host.NetworkOutboundErrors.critical = 60
Host.NetworkOutboundErrors.fatal = 80
Rule Definition
Conditions State
return #outboundErrors# > Warning

registry("Host.NetworkOutboundErrors.warning");
return #outboundErrors# > Critical

registry("Host.NetworkOutboundErrors.critical"); (Not Active)
return #outboundErrors# > Fatal

registry("Host.NetworkOutboundErrors.fatal"); (Not Active)

Host Physical Disk sec Avg Read Rule

Purpose
This rule monitors how long it takes to read data from the disk and determines if the
average read time (in ms) exceeds the predefined threshold value.
Excessive average read time may cause a slower response from the server.
Scope
PhysicalDisk : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.PhysicalDiskAvgRead.warning = 1000
Host.PhysicalDiskAvgRead.critical = 1000
Host.PhysicalDiskAvgRead.fatal = 1000
Rule Definition
Conditions State
return #averageReadTime# > Warning

registry("Host.PhysicalDiskAvgRead.warning");
return #averageReadTime# > Critical

registry("Host.PhysicalDiskAvgRead.critical"); (Not Active)
return #averageReadTime# > Fatal

registry("Host.PhysicalDiskAvgRead.fatal"); (Not Active)
Rules Reference

Host Physical Disk sec Avg Write Rule

Purpose
This rule monitors how long it takes to write data to the disk and determines if the
average write time (in ms) exceeds the predefined threshold value.
Excessive average write time may cause slower response from the server.
Scope
PhysicalDisk : host.agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.PhysicalDiskAvgWrite.warning = 1000
Host.PhysicalDiskAvgWrite.critical = 1000
Host.PhysicalDiskAvgWrite.fatal = 1000
Rule Definition
Conditions State
return #averageWriteTime# > Warning

registry("Host.PhysicalDiskAvgWrite.warning");
return #averageWriteTime# > Critical

registry("Host.PhysicalDiskAvgWrite.critical"); (Not Active)
return #averageWriteTime# > Fatal

registry("Host.PhysicalDiskAvgWrite.fatal"); (Not Active)

Host Processor Queue Length Rule

Purpose
This rule monitors how many threads are in the Ready state waiting to be processed and
determines if the processor queue length exceeds the predefined threshold value.
Excessive processor queue length may cause a slower response from the server.
Scope
Host : agents.type in {'ActiveDirectory', 'ExchangeAgent'}

Host.ProcessorQueueLength.warning = 5
Host.ProcessorQueueLength.critical = 10
Host.ProcessorQueueLength.fatal = 11
Rule Definition
Conditions State
return #runQueueLength# > 0 ? (#runQueueLength# / Warning

scope.get("cpus").get("processors").size()) >
registry("Host.ProcessorQueueLength.warning") : false;
return #runQueueLength# > 0 ? (#runQueueLength# / Critical

registry("Host.ProcessorQueueLength.critical") : false;
return #runQueueLength# > 0 ? (#runQueueLength# / Fatal

registry("Host.ProcessorQueueLength.fatal") : false;
Rules Reference

Host Storage Capacity Rule

Purpose
This rule determines if the present growth rate will cause the logical drive to be full
within the specified number of days.
Scope
LogicalDisk

Host.noOfDays.warning = 7
Host.noOfDays.critical = 7
Host.noOfDays.fatal = 7
Rule Definition
Conditions State
try{ totalSpaceStr = #totalSpace#.toString(); def totalSpace; Warning

if(totalSpaceStr!=null) { totalSpace = new Double(totalSpaceStr); }
timeToFill = HostGetTimeToFull(#spaceUsed for 7 days 1 day ago#,
totalSpace); if((timeToFill!=0) && (scope.get("localState") <= 2)
&& (timeToFill < registry("Host.noOfDays.warning"))) return true;
else return false; } catch (Exception e) {return false;}
Rule Definition
Conditions State
try{ totalSpaceStr = #totalSpace#.toString(); def totalSpace; Critical

&& (timeToFill < registry("Host.noOfDays.critical"))) return true;
else return false; } catch (Exception e) {return false;}
try{ totalSpaceStr = #totalSpace#.toString(); def totalSpace; Fatal

&& (timeToFill < registry("Host.noOfDays.fatal"))) return true; else
return false; } catch (Exception e) {return false;}

• N/A
LDAP Bind Time Rule

Purpose
This rule monitors the amount of time (in milliseconds) it took to complete the last
successful LDAP bind request and fires an alarm when the time exceeds the predefined
threshold value.
Excessive LDAP bind time may result in issues with LDAP-dependent services.
Scope
AD_Ldap

AD.LDAPBindTime.warning = 80.0
AD.LDAPBindTime.critical = 200.0
AD.LDAPBindTime.fatal = 400.0
Rules Reference
Rule Definition
Conditions State
return #DLDAPBindTime# > Warning

registry("AD.LDAPBindTime.warning");
return #DLDAPBindTime# > Critical

registry("AD.LDAPBindTime.critical");
return #DLDAPBindTime# > registry("AD.LDAPBindTime.fatal"); Fatal

• Domain Controller LDAP View
LDAP Client Sessions Rule

Purpose
This rule monitors the number of connected LDAP client sessions and fires an alarm
when the number of client sessions continues to trend upward, exceeding the predefined
threshold value.
An upward trend may result in issues with LDAP-dependent services.
Scope
AD_Ldap
Rule Definition
Conditions State
#LDAPClientSessions# > 100 Critical


LDAP DS Directory Reads Per/sec Rule

Purpose
This rule monitors the number of directory reads per second and fires an alarm when
this counter continues to trend upward on a DC, exceeding the predefined threshold
value.
An upward trend may result in issues with LDAP-dependent services and machines.
Scope
AD_Ldap
Rule Definition
Conditions State
#DSDirectoryReadsPersec# > 8 Critical

LDAP DS Threads in Use Rule

Purpose
This rule monitors the number of threads currently servicing client API calls (Threads in
Use) and fires an alarm when the counter continues to trend upward, exceeding the
predefined value.
This counter can be used to indicate whether additional processors could be beneficial.
Rules Reference
Scope
AD_Ldap
Rule Definition
Conditions State
#DSThreadsinUse# > 6 Warning

LDAP Kerberos Authentications Rule

Purpose
This rule monitors the number of times per second that clients use a Kerberos ticket to
authenticate to a DC.
Scope
AD_Ldap
Rule Definition
Conditions State
#KerberosAuthentications# > 20 Critical

LDAP NTLM Authentications Rule

Purpose
This rule monitors the number of NTLM authentications the DC is servicing per second.
An upward trend may cause issues with LDAP-dependent services.
Scope
AD_Ldap
Rule Definition
Conditions State
#NTLMAuthentications# > 20 Critical

LDAP Searches Per/sec Rule

Purpose
This rule monitors the number of LDAP search requests the DC is servicing per second.
Scope
AD_Ldap
Rules Reference
Rule Definition
Conditions State
last(#LDAPSearchesPersec for 1 minutes#).values(scope).size() > 0 Critical

&& last(#LDAPSearchesPersec for 1
#LDAPSearchesPersec#

LDAP Successful Binds Per/sec Rule

Purpose
This rule monitors the number of successful binds per second for LDAP clients. This
counter indicates how the DC responds to authentications from the client.
Scope
AD_Ldap
Rule Definition
Conditions State
last(#LDAPSuccessfulBindsPersec for 1 Critical

last(#LDAPSuccessfulBindsPersec for 1
#LDAPSuccessfulBindsPersec#

SVR Record Registered Rule

Purpose
This rule monitors the DNS server for registration and fires an alarm if the SVR record
for a domain controller is no longer registered with the primary DNS server.
When a SVR record is not registered, this could result in authentication and location
issues.
Scope
AD_Dns
Rule Definition
Conditions State
#isSrvRegistered# < 100 Critical

Index 201
Index
A D
action panel 13 dashboard
activate a rule condition 128 accessing 20
Active Directory agent properties 47 Active Directory Environment 20
Active Directory Enterprise view 29 adAlarms 27
Active Directory Environment dashboard 20 adExplorer 29
Active Directory Environment Overview 21 Agent Management 36, 40
Active Directory Host Services rule 133 reports 53
Active Directory NTDS DIT Queue Length rule 134 Rule Management 37, 124
Active Directory Rule Management dashboard 124 Database - Time to Fill Logical Disk for NTDS.DIT
adAlarms dashboard 27 rule 136
adExplorer dashboard 29 Database File Bytes Read Per Sec rule 134
adExplorer Primary view 31 Database File Bytes Written Per Sec rule 135
Agent Management dashboard 36, 40 Database File Operations Per Sec rule 136
Agent Management list 45 Database Performance Health view 92
Agent Setup Wizard 41 DC Connectivity rule 137
alarm indicators 18 DC ICMP Ping Response rule 138
Alarms List view 28 deactivate a rule condition 128
Alarms Overview 27 disable a rule 127
Alarms view 25, 35 display panel 13
Answer view 26 DNS Total Queries Received Per Sec rule 138
DNS Total Responses Sent Per Sec rule 139
B Domain Controller Database view 88
Domain Controller Details view 94
breadcrumb trail 14
Domain Controller Environment Summary view
all DCs 79
C individual DC 80
Categories view 26 Domain Controller Explorer Summary view
contacting Quest 10 all DCs 82
Core Services view 35, 92 individual DC 84
Domain Controller LDAP view 89 DS Security Descriptor Propagation Events rule 159
Domain Controller Replication view 90 DS Security Descriptor Suboperations Per Sec
Domain Controllers view 34, 95 rule 159
Domain Environment Summary view
all domains 66 E
individual domain 67
edit a rule condition 127
Domain Explorer Summary view
edit alarm threshold in rule 128
all domains 69
ESE Database Cache Percent Hit rule 160
ESE Database Cache Size rule 161
DRA Inbound Bytes Compressed (Between Sites, Be-
ESE Database Page Fault Stalls Per Sec rule 163
fore Compression) Per Sec rule 140
ESE Database Page Faults Per Sec rule 162
DRA Inbound Bytes Not Compressed (Within Site) Per
ESE Log Record Stalls Per Sec rule 164
Sec rule 140
ESE Log Threads Waiting rule 165
DRA Inbound Bytes Total Per Sec rule 141
ESE Log Writes Per Sec rule 166
DRA Inbound Full Sync Objects Remaining rule 142
ESE Table Open Cache Hits Per Sec rule 167
DRA Inbound Object Updates Remaining in Packet
ESE Table Open Cache Misses Per Sec rule 168
rule 145
ESE Table Open Cache Percent Hit rule 169
DRA Inbound Objects Applied Per Sec rule 143
ESE Table Opens Per Sec rule 170
DRA Inbound Objects Filtered Per Sec rule 144
DRA Inbound Objects Per Sec rule 145
DRA Inbound Properties Applied Per Sec rule 146 F
DRA Inbound Properties Filtered Per Sec rule 147 FAQts view 24
DRA Inbound Properties Total Per Sec rule 148 navigation tab 25
DRA Inbound Values (DNs only) Per Sec rule 148 Foglight navigation
DRA Inbound Values Total Per Sec rule 149 action panel 13
DRA Outbound Bytes Compressed (Between Sites, Af- alarm and status indicators 18
ter Compression) Per Sec rule 150 breadcrumb trail 14
DRA Outbound Bytes Compressed (Between Sites, Be- browser interface panels 12
fore Compression) Per Sec rule 151 dirll down actions 14
DRA Outbound Bytes Not Compressed (Within Site) Per display panel 13
Sec rule 152 lists 15
DRA Outbound Bytes Total Per Sec rule 152 mouse-over actions 18
DRA Outbound Objects Filtered Per Sec rule 153 navigation panel 13
DRA Outbound Objects Per Sec rule 154 time range 15
DRA Outbound Properties Per Sec rule 155 Forest Environment Summary view
DRA Outbound Values (DNs only) Per Sec rule 155 all forests 60
DRA Outbound Values Total Per Sec rule 156 individual forest 61
DRA Pending Replication Synchronizations rule 157 Forest Explorer Summary view
DRA Sync Requests Made rule 158 all forests 63
drill down actions 14 individual forest 64
Index 203
FSMO Roles view L

domain 96 LDAP Bind Time rule 194
forest 97 LDAP Client Sessions rule 195
LDAP DS Directory Reads Per Sec rule 196
G LDAP DS Threads in Use rule 196
Global Catalog Demotion rule 170 LDAP Kerberos Authentications rule 197
Global Catalog Promotion rule 171 LDAP NTLM Authentications rule 198
LDAP Performance Health view 102
LDAP Searches Per Sec rule 198
H LDAP Successful Binds Per Sec rule 199
Health view 97 lists 15
Hierarchy view 31 filtering content 16
Host ASP.NET Applications Requests in App Queue hiding columns 16
rule 172 sorting content 15
Host ASP.NET Request Current rule 173
Host CPU Privileged Time rule 174
Host CPU User Time rule 175 M
Host CPU Utilization rule 176 Memory view 103
Host DOT NET Framework Exceptions rule 177 mouse-over actions 18
Host DOT NET Framework Memory rule 178 Mouse-over Status popup 31
Host Logical Disk Sec Avg Read rule 179
Host Logical Disk Sec Avg Write rule 180 N
Host Memory Available rule 181 navigation panel 13
Host Memory Cached rule 182 Network view 104
Host Memory Paging rule 183
Host Memory Percent Committed rule 184
Host Memory Pool Non Paged Bytes rule 185 O
Host Memory Pool Paged rule 186 Object Summary view 22
Host Monitor view 98 Object Tree view 22
Host Network Available Bandwidth rule 188
Host Network Outbound Errors rule 189 P
Host Physical Disk Sec Avg Read rule 190 Performance Health view 35
Host Physical Disk Sec Avg Write rule 191 Processor view 105
Host Processor Queue Length rule 192
Host Storage Capacity rule 193
Q
Questions view 26
I Quick View 21
Inter-Site Transports view 99
Inventory By Category view 99
IP Subnets view 101
R DRA Outbound Bytes Not Compressed (Within Site)

Replication Performance Health view 106 Per Sec 152
reporting on AD enterprise 53 DRA Outbound Bytes Total Per Sec 152
reports 54 DRA Outbound Objects Filtered Per Sec 153
Reports dashboard 53 DRA Outbound Objects Per Sec 154
Resource Utilization Details view 86 DRA Outbound Properties Per Sec 155
Resource Utilization view 34, 108 DRA Outbound Values (DNs only) Per Sec 155
rule DRA Outbound Values Total Per Sec 156
Active Directory Host Services 133 DRA Pending Replication Synchronizations 157
Active Directory NTDS DIT Queue Length 134 DRA Sync Requests Made 158
Database - Time to Fill Logical Disk for DS Security Descriptor Propagation Events 159
NTDS.DIT 136 DS Security Descriptor Suboperations Per Sec 159
Database File Bytes Read Per Sec 134 ESE Database Cache Percent Hit 160
Database File Bytes Written Per Sec 135 ESE Database Cache Size 161
Database File Operations Per Sec 136 ESE Database Page Fault Stalls Per Sec 163
DC Connectivity 137 ESE Database Page Faults Per Sec 162
DC ICMP Ping Response 138 ESE Log Record Stalls Per Sec 164
DNS Total Queries Received Per Sec 138 ESE Log Threads Waiting 165
DNS Total Responses Sent Per Sec 139 ESE Log Writes Per Sec 166
DRA Inbound Bytes Compressed (Between Sites, ESE Table Open Cache Hits Per Sec 167
Before Compression) Per Sec 140 ESE Table Open Cache Misses Per Sec 168
DRA Inbound Bytes Not Compressed (Within Site) Per ESE Table Open Cache Percent Hit 169
Sec 140 ESE Table Opens Per Sec 170
DRA Inbound Bytes Total Per Sec 141 Global Catalog Demotion 170
DRA Inbound Full Sync Objects Remaining 142 Global Catalog Promotion 171
DRA Inbound Object Updates Remaining in Host ASP.NET Applications Requests in App
Packet 145 Queue 172
DRA Inbound Objects Applied Per Sec 143 Host ASP.NET Request Current 173
DRA Inbound Objects Filtered Per Sec 144 Host CPU Privileged Time 174
DRA Inbound Objects Per Sec 145 Host CPU User Time 175
DRA Inbound Properties Applied Per Sec 146 Host CPU Utilization 176
DRA Inbound Properties Filtered Per Sec 147 Host DOT NET Framework Exceptions 177
DRA Inbound Properties Total Per Sec 148 Host DOT NET Framework Memory 178
DRA Inbound Values (DNs only) Per Sec 148 Host Logical Disk Sec Avg Read 179
DRA Inbound Values Total Per Sec 149 Host Logical Disk Sec Avg Write 180
DRA Outbound Bytes Compressed (Between Sites, Host Memory Available 181
After Compression) Per Sec 150 Host Memory Cached 182
DRA Outbound Bytes Compressed (Between Sites, Host Memory Paging 183
Before Compression) Per Sec 151 Host Memory Percent Committed 184
Host Memory Pool Non Paged Bytes 185
Host Memory Pool Paged 186
Index 205
Host Network Available Bandwidth 188 Top 3 LDAP Bind Times view 119
Host Network Outbound Errors 189 Top 3 Memory Consumers view 119
Host Physical Disk Sec Avg Read 190 Top 3 Network Consumers view 120
Host Physical Disk Sec Avg Write 191 Top 3 Replication Queue Length view 120
Host Processor Queue Length 192 Top 3 Storage Consumers view 121
Host Storage Capacity 193 Top AD Metrics view 113
LDAP Bind Time 194 Topology view 30
LDAP Client Sessions 195 Trusts view 121
LDAP DS Directory Reads Per Sec 196
LDAP DS Threads in Use 196 V
LDAP Kerberos Authentications 197
view
LDAP NTLM Authentications 198
Active Directory Enterprise 29
LDAP Searches Per Sec 198
Active Directory Environment Overview 21
LDAP Successful Binds Per Sec 199
adExplorer Primary view 31
SVR Record Registered 200
Alarms 25, 35
Rule Management dashboard 37, 124
Alarms List 28
Alarms Overview 27
S Answer 26
search controls 16 Categories 26
Server Health view 110 Core Services 35, 92
Site Environment Summary view Database Performance Health 92
all sites 72 Domain Controller Database 88
individual site 74 Domain Controller Details 94
Site Explorer Summary view Domain Controller Environment Summary
all sites 76 all DCs 79
individual site 77 individual DC 80
Statistics view 111 Domain Controller Explorer Summary
status indicators 18 all DCs 82
Storage view 112 individual DC 84
Summary and Resource Information view 35, 112 Domain Controller LDAP 89
Summary view 33 Domain Controller Replication 90
support 10 Domain Controllers 34, 95
SVR Record Registered rule 200 Domain Environment Summary
all domains 66
T individual domain 67
Domain Explorer Summary
technical support 10
all domains 69
time range 15
Top 3 Consumers view 117
FAQts 24
Top 3 CPU Consumers view 118
navigation tab 25
Top 3 DS Directory Reads Per Sec view 118
Forest Environment Summary Top 3 Memory Consumers 119

all forests 60 Top 3 Network Consumers 120
individual forest 61 Top 3 Replication Queue Length 120
Forest Explorer Summary Top 3 Storage Consumers 121
all forests 63 Top AD Metrics 113
individual forest 64 Topology 30
FSMO Roles Trusts 121
domain 96
forest 97
Health 97
Hierarchy 31
Host Monitor 98
Inter-Site Transports 99
Inventory By Category 99
LDAP Performance Health 102
Memory 103
Network 104
Object Summary 22
Object Tree 22
Performance Health 35
Processor 105
Questions 26
Quick View 21
Replication Performance Health 106
Resource Utilization 34, 108
Resource Utilization Details 86
Server Health 110
Site Environment Summary
all sites 72
individual site 74
Site Explorer Summary
all sites 76
individual site 77
Statistics 111
Storage 112
Summary 33
Summary and Resource Information 35, 112
Top 3 Consumers 117
Top 3 CPU Consumers 118
Top 3 DS Directory Reads Per Sec 118
Top 3 LDAP Bind Times 119

CartridgeForActiveDirectory Guide

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

CartridgeForActiveDirectory Guide

Încărcat de

Drepturi de autor:

Formate disponibile

Foglight ®

Third Party Contributions

User and Reference Guide

Introduction to this Guide ...................................................................................................................................9

Cartridge Navigation Basics .............................................................................................................................11

Exploring the Cartridge for Active Directory Dashboards .............................................................................19

Active Directory Enterprise View............................................................................................................................ 29

Managing Active Directory Agents.................................................................................................................. 39

Reporting on Your Active Directory Enterprise ............................................................................................. 53

Cartridge for Active Directory Views............................................................................................................... 59

Domain Controller Explorer Summary View...........................................................................................................84

Top 3 Storage Consumers View .......................................................................................................................... 121

Cartridge for Active Directory Rules ............................................................................................................. 123

DRA Outbound Objects Filtered Per/sec Rule .....................................................................................................153

Host Memory Pool Non Paged Bytes Rule .......................................................................................................... 185

Index ................................................................................................................................................................. 201

About Quest Software, Inc.

Contacting Quest Software

Mail Quest Software, Inc.

Web site www.quest.com

Contacting Quest Support

Foglight Browser Interface Panels

Drill Down Actions

To specify individual fields to be searched:

8 The results of your search is displayed in the list.

Alarms and Status Indicators

Accessing the Active Directory Dashboards

Active Directory Environment Dashboard

Active Directory Environment Overview

Description of Embedded Views

Object Tree View

Object Summary View

Item Selected in Item Selected Views Displayed in Object Summary View

Forests Tile Summary A tombstone for each forest in your Active

Item Selected in Item Selected Views Displayed in Object Summary View

Forests Tile - Summary A tombstone for each forest in the selected

Forests Tile or Forest Item In addition to a tombstone for the selected

Domains Tile Summary A tombstone for each domain in your Active

Domains Tile - Summary A tombstone for each domain in the selected

Domains Tile or Domain Item In addition to a tombstone for the selected

Sites Tile Summary A tombstone for each site in your Active

Item Selected in Item Selected Views Displayed in Object Summary View

Domain Summary A tombstone for each DC in your Active

Domain Summary A tombstone for each DC in the selected state.

Domain Domain In addition to a tombstone for the selected DC,

FAQts View - Navigation Tab

Description of Embedded Views

The adAlarms dashboard consists of the following views:

Alarms List View

General Active Directory (not DC, Domain, Forest or

Info Selecting the Info icon displays a metrics popup which

Alarm Message Displays the alarm message.

Active Directory Enterprise View

Description of Embedded Views

Mouse-over Status Popup

adExplorer Primary View

Item Selected in Active Directory Tabs Displayed in adExplorer Primary View

Object Container (Forests, Domains, • Summary (All)

Forest Object • Summary

Domain Object • Summary

Site Object • Summary

Domain Controller Object • Summary