Azure & Active Directory Center

Recap of ENow’s webinar discussing the importance of Active Directory Monitoring & Reporting, and best practices that can be implemented with a robust Active Directory Monitoring tool

Monitoring the vitals of Active Directory is crucial for the network health and security of any organization. However, there’s a big difference between Active Directory monitoring and Domain Controller monitoring. There’s also a big difference between monitoring and reporting, and both are necessary to ensure Active Directory doesn’t become a liability for your organization.

To help IT Pros learn more about the intricacies of monitoring Active Directory,  ENow hosted a webinar on the topic with Sander Berkouwer, Microsoft MVP, and Jay Gundotra, Technical Founder & CEO of ENow.

Couldn’t attend this time? We’ve got you covered. Below you’ll find some key takeaways from the webinar, as well as a recording of the webinar. 

Active Directory replication failures are like a leaking water pipe in your wall.   You don’t notice anything at first, but by the time you do, there is significant damage. It’s probably not altogether difficult to “repair” AD at this point and stop the "leak", but the damage remains. Monitoring Active Directory replication is essential to catching the little problems before they become major. It all starts with AD object inconsistencies between domain controllers.

Powershell functions can be created as advanced functions. These functions behave very similarly to built-in Powershell cmdlets. Because I can't do without the ability to add a -Verbose or -Debug parameter to my functions now nowadays, these are the only kind of functions I build. Advanced functions, just like "dumb" functions, have parameters. The parameters are the values that are passed into the function from your script.

Once a business begins to use Active Directory more and more, depending on how large the organization is, objects have the tendency to become "stale." Every employee typically has an Active Directory user account. They are assigned one the day they are hired. At the same time, if they received a computer, that computer was probably joined to the Active Directory domain. Now, let's say they were assigned to a personal printer and they need to share that printer with “Bob” down the hall. “Susie's” printer could now go into Active Directory. What about Susie's computer's DNS record? Many companies choose to integrate DNS with Active Directory as well which is yet another object in Active Directory! You get the point.

Now that you've got an understanding of Powershell's advanced functions and the ValidateSet() parameter validation method in the first part of this blog, “Validating Powershell Advanced Function Parameters” you can begin Part #2 of this small post series. Part 2 of this series goes deeper by demonstrating how to dynamically create your sets for ValidateSet() so they aren't hardcoded in. This is essential when dealing with values that may constantly change or even if you just want to practice writing good scripting and have no static references.