Active Directory
Replication Monitoring Configuration
The Active Directory
management pack can monitor the replication latency between domain
controllers in Active Directory. It uses sources and targets domain
controllers, where the source domain controllers create objects in the
OpsMgrLatencyMonitors container. These objects are read by the targets,
which log performance data in the OpsMgr databases. There will be a
replication counter for each domain partition, for the DomainDNSZones
partition, and for the ForestDNSZones partition between each source and
target pair. There will also be a counter for minimum replication
latency and average replication latency.
The Active Directory
management pack has the sources and targets disabled by default due to
the number of counters that can potentially be created. Overrides need
to be created for each source and each target domain controller to get
the replication monitoring to function.
It is a best practice to
reduce the number of sources and targets to a minimum, due to the number
of counters that get created. An example of a source-target model might
be to make all branch offices sources and a single central office DC as
the target. Another example might be to pick a single DC in each site
to be in both the source and target groups, assuming there are a limited
number of sites.
The steps to set the source
overrides are as follows:
1. | Launch
the Operations Manager 2007 R2 console.
|
2. | Select the Authoring section.
|
3. | Expand the Management Pack Objects node.
|
4. | Ensure that the console is not scoped for any objects.
|
5. | Select the Rules node.
|
6. | In the Look For field, enter sources and click
Find Now.
|
7. | Select the
rule “AD Replication Monitoring Performance Collection (Sources)” in
the “Type: Active Directory Domain Controller Server 2008 Computer
Role”.
|
8. | Right-click
the rule and select Overrides, Override the Rule, and For a Specific
Object of Class: Active Directory Domain Controller Server 2008 Computer
Role.
|
9. | The Select
Object window opens and shows matching objects. Select the domain
controller that will be the source and click OK.
|
10. | Check the Override box next to Enabled and set the
value to True.
|
11. | In the
Select Destination Management Pack pull-down menu, select the
appropriate override management pack. If none exists, create a new
management pack named “Active Directory MP Overrides” by clicking New.
Note
Never use the Default
Management Pack for overrides. Always create an override management pack
that corresponds to each imported management pack.
|
12. | Click OK
to save the override.
|
13. | Repeat for each domain controller that will be a source.
|
The steps to set the target
overrides are as follows:
1. | Launch
the Operations Manager 2007 R2 console.
|
2. | Select the Authoring section.
|
3. | Expand the Management Pack Objects node.
|
4. | Ensure that the console is not scoped for any objects.
|
5. | Select the Rules node.
|
6. | In the Look For field, enter targets and click
Find Now.
|
7. | Select the
rule “AD Replication Monitoring Performance Collection (Targets)” in
the “Type: Active Directory Domain Controller Server 2008 Computer
Role”.
|
8. | Right-click
the rule and select Overrides, Override the Rule, and For a Specific
Object of Class: Active Directory Domain Controller Server 2008 Computer
Role.
|
9. | The Select
Object window opens and shows matching objects. Select the domain
controller that will be the source and click OK.
|
10. | Check the Override box next to Enabled and set the
value to True.
|
11. | In the
Select Destination Management Pack pull-down menu, select the
appropriate override management pack. Use the same one from the previous
steps when selecting the sources.
|
12. | Click OK to save the override.
|
13. | Repeat for each domain controller that will be a
target.
|
After a period of time,
monitoring will begin. Counters will be measuring the replication
latency between the partitions. In addition, replication latency alerts
will be triggered if latency falls below the predefined thresholds.
This sets the sources
and targets for Windows Server 2008 domain controllers. For other
versions such as Windows Server 2003 and Windows 2000 Server domain
controllers, the overrides need to be created for those domain
controllers separately. Also, the replication latency mechanism does not
support cross-version replication latency measurement.
Note
It might be tempting to make
all domain controllers both sources and targets. Each domain controller
would then be connected to every other domain controller. This is also
known as a full mesh. However, the problem is that the number of
connections grows as a power of 2. The general function for the number
of connection in a full mesh is:
f(x)= (x^2-x)/2
where x is the number of
domain controllers and f(x) is the number of connections.
This means that 2 DCs will
have 1 connection, 3 DCs will have 3 connections, 4 DCs will have 6
connections, and so on. By the time you get to 20 domain controllers,
you have 190 connections. The connections are bidirectional and there
are at least 5 counters that are collected per source-target pair, so
for 20 DCs in a full mesh, there would be 1,900 performance counters
(190 connections x 2 bidirectional x 5 counters) gathering data. Full
mesh is bad!
