8.3 ADAuthentication

Use this Knowledge Script to monitor how long it takes AppManager to log in to an Active Directory domain. You can also use this script to monitor how long it takes (response time) to read a property value of an object on the Domain Controller. This script raises an event if the login time or response read time exceeds the threshold you specify.

You can specify the Domain Controller to which you want to log in. If you do not specify a Domain Controller, then the script uses the nearest one. You must specify the account name and password used to connect to the Domain Controller.

To monitor response time for read operations, specify the LDAP path and the property name of an Active Directory object.

8.3.1 Resource Object

Windows 2003 Server or later

8.3.2 Default Schedule

The default schedule for this script is Once every 30 minutes.

8.3.3 Setting Parameter Values

Set the following parameters as needed:

| Parameter | How to Set It |
| --- | --- |
| Raise event if login or read response time exceeds threshold? | Select Yes to raise an event if the authentication time or response time exceeds the threshold you specify. The default is Yes. |
| Collect data for login or read response time? | Select Yes to collect data for charts and reports. If enabled, data collection returns the authentication time (in ms) and the response time (in ms). The default is unselected. |
| Authenticate against domain controller | Specify the name of the Domain Controller for which you want to authenticate the login. If you do not specify a name, the script uses the nearest Domain Controller. The default is server.netiq.com. |
| User name | Specify the domain and user name for the account you are using to log in. Use the following format for this parameter: <domain>\<username> |
| Account password | Specify the password for the account you are using to log in. The password is stored in an encrypted format. NOTE: Maximum allowed password length is 32 characters. |
| Threshold - Maximum login time | Specify the maximum amount of time it can take to log in to the Domain Controller before an event is raised. The default is 1000 ms. |
| Monitor read-response time? | Select Yes to monitor the time (in ms) required to read the property value of an Active Directory object from a client. The default is unselected. |
| LDAP path to an object on the target AD server | Specify the LDAP path to the Active Directory object for which you want to measure response time. The default is LDAP://server.netiq.com/RootDSE. |
| Specify a property of the AD object | Specify a property of the Active Directory object for which you want to measure response time. The default is serverName. |
| Threshold - Maximum read time | Specify the maximum amount of time it can take to read the specified property before an event is raised. The default is 1000 ms. |
| Event severity when login or response time exceeds threshold | Set the event severity level, from 1 to 40, to indicate the importance of an event in which a threshold is exceeded. The default is 8 (red event indicator). |
| Event severity level when job fails | Set the event severity level, from 1 to 40, to indicate the importance of an event in which the ADAuthentication job fails. The default is 35 (magenta event indicator). |
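
The login and read measurements described in this section can be cross-checked by hand. The following PowerShell is an added example, not AppManager or NetIQ code: it uses the .NET System.DirectoryServices classes with the documented defaults (server.netiq.com, RootDSE, serverName, 1000 ms), and its parameter and variable names are illustrative assumptions.

```powershell
# Added example, not AppManager code: times an authenticated LDAP bind and one
# property read, then compares both with the 1000 ms default thresholds.
param(
    [string]$Server   = 'server.netiq.com',  # documented default DC name
    [string]$Property = 'serverName',        # documented default property
    [int]$MaxLoginMs  = 1000,
    [int]$MaxReadMs   = 1000
)

# Prompt for <domain>\<username> and the password instead of embedding them.
$cred = Get-Credential -Message 'Monitoring account (<domain>\<username>)'

# Secure negotiates Kerberos/NTLM rather than a simple bind;
# Signing and Sealing protect the LDAP session on the wire.
$auth = [System.DirectoryServices.AuthenticationTypes]::Secure -bor
        [System.DirectoryServices.AuthenticationTypes]::Signing -bor
        [System.DirectoryServices.AuthenticationTypes]::Sealing

$entry = [System.DirectoryServices.DirectoryEntry]::new(
    "LDAP://$Server/RootDSE", $cred.UserName,
    $cred.GetNetworkCredential().Password, $auth)
try {
    # DirectoryEntry binds lazily; touching NativeObject forces the login.
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    $null = $entry.psbase.NativeObject
    $loginMs = $sw.ElapsedMilliseconds

    # Fetch only the requested property from the server and time the read.
    $sw.Restart()
    $entry.psbase.RefreshCache(@($Property))
    $value  = $entry.psbase.Properties[$Property].Value
    $readMs = $sw.ElapsedMilliseconds

    [pscustomobject]@{
        LoginMs       = $loginMs
        LoginExceeded = $loginMs -gt $MaxLoginMs
        ReadMs        = $readMs
        ReadExceeded  = $readMs -gt $MaxReadMs
        PropertyRead  = $null -ne $value
    }
}
catch {
    # Corresponds to the job-failure case: bad credentials, unreachable DC.
    Write-Error "Bind or read against $Server failed: $($_.Exception.Message)"
}
finally {
    $entry.psbase.Dispose()
}
```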