Kerry DeVilbiss

Windows ConfigSources: Active Directory

Recommended Posts

LogicMonitor's configuration backup product, LMConfig, has traditionally been focused on network device configuration backup and diff alerting. However, like other LogicMonitor LogicModules, we provide the capability to run both Groovy and PowerShell scripts in order to retrieve this information. Given those PowerShell capabilities, we can tap into the Windows Active Directory PowerShell modules and use LogicMonitor as an auditing tool. For example:

Query Active Directory for a list of domain computers, and generate an alert if this list changes:

image.thumb.png.5bab8f9c93249e99adbb431cca5d87e8.png

Query Active Directory for the Default Domain Password Policy, and generate an alert if it doesn't comply with Microsoft best practices.

image.thumb.png.b4b12478da1b7d3a46122a051fbb7c26.png

The current suite of Active Directory ConfigSources consists of (11) ConfigSources that will attempt integrated authentication using a Windows collectors' service account - unless it finds wmi.user and wmi.pass properties set - in which case it will attempt to use those instead. I've published them to Github and they can be downloaded from the ConfigSources repository.

image.png.f06568d1e283b9371b67f2197d803615.png

*These are "officially unsupported" by LogicMonitor, so please proceed with caution!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now