DX Unified Infrastructure Management

  • 1.  User monitoring in AD server

    Posted Oct 05, 2017 07:37 AM

    Hey all,

     

    I need an alarm to be triggered in Nimsoft as soon as a user is deactivated on the AD server.

    Is there any metric under the probes available to do the same?

     

    thanks

    Anmol



  • 2.  Re: User monitoring in AD server

    Broadcom Employee
    Posted Oct 05, 2017 07:52 AM

    We currently do not have a probe for this.

    Might want to check with MS and see if this can be written to an event log or some type of notification generated and then you could monitor for that.



  • 3.  Re: User monitoring in AD server

    Posted Oct 05, 2017 07:59 AM

    Hi Anmol,

     

    I advise you to check with your AD team for the event ID being generated when a user is disconnected or whatever situation you want to monitor. There is one ADEVL probe which you can configure for AD-related event IDs, or you can use the ntevl probe, according to the logs being written in the Windows event log. Check with the Wintel\AD team for details of the event ID and configure it accordingly. Also do the testing: if multiple IDs are generated, then how many alerts are you receiving on your console. I would be happy to help you with this. Let me know if you have any further queries.



  • 4.  Re: User monitoring in AD server

    Posted Oct 05, 2017 09:43 AM

    There is a probe for monitoring Active Directory events - adevl.  Supposedly, it does the same event log monitoring that the ntevl probe does, but with special things in it for Active Directory.  HOWEVER...  the AD probe does not seem to get updated with the same frequency that the ntevl probe does and it suffers from lagging behind.  As a result, I have taken the things I care about in AD and just added them to my ntevl probe.  This works every time where my results with the AD probe have been... unreliable.

     

    Here is a list of event codes for user management in AD.  I think the one you want would be 4725.

     

     

    User Account Management

    The following table document lists the event IDs of the user account management category.
    Event ID  Reason
    4720      A user account was created.
    4722      A user account was enabled.
    4723      An attempt was made to change an account's password.
    4724      An attempt was made to reset an account's password.
    4725      A user account was disabled.
    4726      A user account was deleted.
    4738      A user account was changed.
    4740      A user account was locked out.
    4767      A user account was unlocked.
    4780      The ACL was set on accounts which are members of administrators groups.
    4781      The name of an account was changed.
    4794      An attempt was made to set the Directory Services Restore Mode administrator password.
    5376      Credential Manager credentials were backed up.
    5377      Credential Manager credentials were restored from a backup.

     

    HTH,

    Chris
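
Added example, not part of any post in this thread: a PowerShell check that event 4725 is really being written, and what it contains, before an ntevl or adevl profile is pointed at it. The function name, the sample account names and the choice of fields are assumptions made for illustration.

```powershell
# Added example (not from the thread): pick account-management events out of
# Security-log event XML and flag 4725. IDs and reasons are from the table above.
$AccountEvents = @{
    4722 = 'A user account was enabled.'
    4725 = 'A user account was disabled.'
    4726 = 'A user account was deleted.'
    4740 = 'A user account was locked out.'
}

function ConvertFrom-AccountEventXml {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        $evt = ([xml]$EventXml).Event
        $id  = [int]$evt.System['EventID'].InnerText
        if (-not $AccountEvents.ContainsKey($id)) { return }
        # EventData is a list of <Data Name="...">value</Data> pairs.
        $data = @{}
        foreach ($d in $evt.EventData.Data) { $data[$d.Name] = $d.InnerText }
        [pscustomobject]@{
            TimeCreated = $evt.System.TimeCreated.SystemTime
            EventId     = $id
            Reason      = $AccountEvents[$id]
            Target      = '{0}\{1}' -f $data.TargetDomainName, $data.TargetUserName
            ChangedBy   = '{0}\{1}' -f $data.SubjectDomainName, $data.SubjectUserName
            Alarm       = ($id -eq 4725)
        }
    }
}

# Constructed sample in the shape EventLogRecord.ToXml() returns; values are made up.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <EventID>4725</EventID>
    <TimeCreated SystemTime="2017-10-05T09:12:44.000000000Z" />
  </System>
  <EventData>
    <Data Name="TargetUserName">jdoe</Data>
    <Data Name="TargetDomainName">EXAMPLE</Data>
    <Data Name="SubjectUserName">helpdesk1</Data>
    <Data Name="SubjectDomainName">EXAMPLE</Data>
  </EventData>
</Event>
'@
$sample | ConvertFrom-AccountEventXml

# On a domain controller, from an elevated prompt, read live events instead:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4725 } -MaxEvents 20 |
#     ForEach-Object { $_.ToXml() } | ConvertFrom-AccountEventXml
```

If the live query returns nothing after a test account has been disabled, check that the "Audit User Account Management" audit policy is enabled on the domain controllers, since 4725 is only written when it is.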