Monitor Active Directory (for free!) with Azure OMS

One of the best tenets of cloud computing has to be the consumption-based approach to pricing. This allows businesses to utilize as much or as little as they need, and pay only for what they use. Far too often, decision makers get drawn into paying expensive fees to license the core components of a piece of software or tool-set, which ends up far exceeding their needs. Consumption-based clouds afford us opportunities to deviate from those legacy purchase methods and re-tool our environments to utilize newer tools. One such example is Azure Operations Management Suite (OMS). OMS is a cloud-based monitoring and analytics platform with a competitive pricing structure and a ton of functionality out-of-the-box. That is just the beginning, as it also provides a solid foundation on which to assemble your own custom monitoring, alerting and analytics from all sorts of systems and data sources. Today, let’s take a look at using some of the built-in solution templates provided within OMS; specifically two that allow you to monitor and alert on Active Directory.



Obviously nothing in life is ever truly free, so naturally there are costs associated with using OMS. However, Microsoft does offer a “Free Tier” for up to 5 machines and 500MB of logs with 7-day retention. So for organizations with 5 or fewer Domain Controllers and a relatively low user count, you could get away with monitoring your AD domain using the free tier. Be sure to review the pricing whitepaper and FAQ to fully strategize your usage of OMS in your organization.


Deploy the OMS Solution

The first thing we need to do is deploy an OMS solution, which will also lead us to deploying an OMS workspace as part of the process.

In the Azure Portal, click on the Add button and search for Active Directory Health Check and select it for deployment:


As part of the solution deployment, configure the settings for a new OMS Workspace.


Once deployment is complete, locate the solution resource and click on it. Choose Virtual Machines on the left hand menu and find the Domain Controllers you wish to connect to OMS. Click on each VM and choose Connect in the menu that appears:



If you plan on connecting Domain Controllers that do not reside in Azure, you can do so by browsing to the OMS Workspace menu option in the AD Assessment solution resource and choosing OMS Portal at the top. In the OMS Portal, select the gear icon on the top right-hand side of the screen and browse to Connected Sources > Windows Servers. In the right-hand window, download the OMS agent installer and note the Workspace ID and one of the Keys. Copy the installer to your domain controllers and proceed with installation on each one.
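The agent installation described above can be scripted for each domain controller. The following PowerShell is an added example, not part of the original post; the installer path and the parameter names are assumptions. It installs the agent silently without a workspace and then registers the Workspace ID and Key through the agent's COM configuration object, so the key is prompted for rather than stored in the script or exposed on a process command line.

```powershell
#Requires -RunAsAdministrator
# Added example: unattended OMS (Microsoft Monitoring Agent) install on one domain controller.
param(
    [Parameter(Mandatory)][string]$WorkspaceId,          # Workspace ID noted in the OMS Portal
    [Parameter(Mandatory)][securestring]$WorkspaceKey,   # one of the Keys; prompted, never hard-coded
    [string]$InstallerPath = 'C:\Temp\MMASetup-AMD64.exe' # assumed copy location of the installer
)
$ErrorActionPreference = 'Stop'

# Refuse to run an installer that was tampered with in transit.
$sig = Get-AuthenticodeSignature -FilePath $InstallerPath
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Installer signature check failed: $($sig.Status)"
}

# Install the agent only if its service (HealthService) is not already present.
if (-not (Get-Service -Name HealthService -ErrorAction SilentlyContinue)) {
    $setupArgs = '/C:"setup.exe /qn NOAPM=1 AcceptEndUserLicenseAgreement=1"'
    $proc = Start-Process -FilePath $InstallerPath -ArgumentList $setupArgs -Wait -PassThru
    if ($proc.ExitCode -notin 0, 3010) {   # 3010 = success, reboot required
        throw "Agent setup failed with exit code $($proc.ExitCode)"
    }
}

# Register the workspace through the agent's configuration COM object.
$mma = New-Object -ComObject 'AgentConfigManager.MgmtSvcCfg'
$existing = $mma.GetCloudWorkspaces() | Where-Object { $_.workspaceId -eq $WorkspaceId }
if (-not $existing) {
    # The key exists as plain text only for the duration of this call.
    $plainKey = [System.Net.NetworkCredential]::new('', $WorkspaceKey).Password
    try {
        $mma.AddCloudWorkspace($WorkspaceId, $plainKey)
        $mma.ReloadConfiguration()
    }
    finally {
        Remove-Variable -Name plainKey -ErrorAction SilentlyContinue
    }
}

# Report what the agent now has configured and whether its service is running.
$service = Get-Service -Name HealthService
if ($service.Status -ne 'Running') { Start-Service -Name HealthService }
$mma.GetCloudWorkspaces() | Where-Object { $_.workspaceId -eq $WorkspaceId }
```

Run it from an elevated session on each domain controller; if a key is ever exposed, regenerate it in the workspace and re-register the agents with the new one.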


Once your Domain Controllers are connected, allow 30-45 minutes for data to begin to populate and for the solution to begin working. Browse to the OMS Workspace menu item of the solution in the Azure Portal, or browse to the main page of the OMS Portal to view the status of the solution.


Click on the Summary to dig deeper into the Health Check.


Once you locate sections that list suggested improvements to your AD environment, click on those sections to review detailed information about each suggestion.


Active Directory Replication Status

Now we have an active Active Directory Assessment in place, but that only runs occasionally and gives us proactive measures to improve our domain's health. We also want to actively monitor for issues as they occur.

Browse to the OMS Portal and click on the Shopping Bag icon on the left menu. Once there, search for AD Replication Status, select it and click Add:



After a short while, data will start flowing to this new solution and alert you to any replication errors:


If you don’t want to check the OMS or Azure Portal every few hours, set up an alert to keep you apprised of any replication hiccups. Drill down into the Replication Error section by clicking on See All…, then click New Alert at the top of the screen and fill in the necessary settings to create a new alert.



If you do want to view this information routinely, you can do so in a number of ways. Log into the OMS Portal and view the Dashboard, send the information to Power BI and display it there, or create a new Dashboard in the Azure Portal and pin the pertinent summaries.





There you have it; quick and easy Active Directory monitoring, alerting, and health recommendations. This is just the tip of the iceberg in terms of what OMS is capable of, so play around with the various solutions in your sandbox environment and determine if the solution is right for you.