Use this Knowledge Script to monitor the number of Active Directory client sessions. Typically, there are three types of clients that need to access the Active Directory:
Lightweight Directory Access Protocol (LDAP) clients
Address book clients (AB clients)
Exchange Directory Service clients (XDS clients)
The Active Directory system administrator configures a maximum number of threads to service each of these clients. With this script, you can set a threshold for maximum number of active clients sessions across all client session types. This script raises an event if the total number of client sessions exceeds the threshold you set.
A sudden surge in the number of clients may indicate that either another domain controller has gone offline, or that a change in the Active Directory subnet definitions has defined this DC as “closest.”
If a surge is due to a change in Active Directory subnet definitions, then the DC being monitored may indeed be the closest server, in which case you should close the event. If this is not the intended closest DC, re-check your definitions to see why the expected DC is not in the correct site.
This script gathers the following Windows performance counter values for use in data collection and threshold monitoring:
Performance Objects |
Counters |
---|---|
NTDS DirectoryServices |
LDAP Client Sessions AB Client Sessions XDS Client Sessions |
The total number of client sessions is calculated using the following formula:
Number of AB client sessions + Number of LDAP client sessions + Number of XDS client sessions
Active Directory domain controller
The default interval for this script is Every 30 minutes.
Set the following parameters as needed:
Parameter |
How to Set It |
---|---|
General Settings |
|
Raise event if job fails |
|
Event severity when job fails |
Set the severity level, from 1 to 40, to indicate the importance of an event in which the ClientSessions job fails. The default is 35. |
Monitor number of client sessions |
|
Event Notification |
|
Raise event if number of client sessions exceeds threshold? |
Select Yes to raise an event if the number of client sessions exceeds the threshold you set. The default is Yes. |
Threshold -- Maximum number of client sessions |
Specify the maximum number of active client sessions allowed during an interval before an event is raised. The default is -1 sessions. You must change the default setting to run this script. You should first collect data to establish a baseline, then specify a threshold appropriate to your environment. |
Event severity when client sessions exceed threshold |
Set the event severity level, from 1 to 40, to indicate the importance of an event in which the number of client sessions exceeds the threshold you set. The default is 20. |
Data Collection |
|
Collect data for number of client sessions? |
Select Yes to collect data for charts and reports. If enabled, data collection returns the number of client sessions of each type for the interval. The default is unselected. |
This script monitors all three types of client sessions and raises an event if the total number of client sessions exceeds the threshold. Although the event is based on the total number of client sessions, the script collects data for each type of client session separately. Because you can collect data on the number of sessions for each client type, you can use this script to analyze your client session usage and compare the usage patterns to your Active Directory configuration.
For example, assume you have configured the ATQ (Asynchronous Thread Queue) for LDAP to use a maximum of 100 threads. If you enable data collection, you can keep track of the number of LDAP client sessions detected at each interval. If you see a steady increase, you can check for stale or hung LDAP client sessions, which are sessions that have not timed out properly. If hung client sessions are not the cause of the problem and the computer is frequently near the maximum thread limit, you may need to increase the number of ATQ threads for servicing the LDAP clients.
You can also use the Number of consecutive occurrences before raising an event option, on the Advanced tab of the Properties dialog box, to determine whether client session activity is an ongoing problem or simply an unusual spike in activity.