SCOM Active Directory monitors

I am looking to whittle down the alerts for AD and was wondering if anyone knew of a best practices guide for the most essential monitors. I believe the SCOM admin just fired up the AD Management pack and suggested we narrow it down. We have a large enterprise with about 180 DCs spread over the country and in a few other countries, so I find some of the alerts are transient causes by network issues more than AD. If anyone has a list or guide of essential monitors for AD it would give me a good start I can add to as needed. Thanks.
Jerry DunningAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Schnell SolutionsSystems Infrastructure EngineerCommented:
Hello Jerry,

In a similar way I use SCOM to monitor environments with +200 DCs distributed across regions. You are absolutely right, it is not enough with just firing up the AD Management Pack, what is recommended is to follow the .docx document that comes with the MP and follow step by step their configurations.

From a best practice perspective, the MP includes what Microsoft considers that is the best to monitor. However, each environment is different and it means that SCOM will require special turnings. So, despite of these best practices it is necessary to work with the MP Guide (.docx file) and configure, enable or disabled each monitor, alert, performance counter or component as it suits our environment. These configurations will include a initial configuration that includes create service accounts for SCOM, configure special permissions, configure dedicate watcher agents, configure special components if you want to monitor the health of special services, such as the SYSVOL folders replication, etc.

In summary, the general best practices are natively configured in the MP as it comes, but in particularly, we need to tune it. If not we will have a terrible experience with the product with many alerts that we will not wish to have.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.