Page 1 of 1
AD Connect monitoring
Posted: Tue Mar 23, 2021 10:24 am
by kalyanpabolu
Hi Team,
We want to monitor AD connect in Nagios XI. I could find below plugin to monitor the same but I am unable to find the the plugin name itself.
Below is the link:
https://exchange.nagios.org/directory/P ... 20%2DHours.
Please suggest some plugins that would be helpful to monitor AD connect sync.
Re: AD Connect monitoring
Posted: Wed Mar 24, 2021 10:09 am
by benjaminsmith
Hi
@kalyanpabolu,
There is a collection for plugins by this member on GitHub. This looks like the plugin you are looking for:
https://github.com/juangranados/nagios- ... ctsync.ps1
--Benjamin
Re: AD Connect monitoring
Posted: Wed Mar 24, 2021 10:52 am
by kalyanpabolu
Hello,
Thank you for your reply.
I am not sure how to use powershell script in Linux. Could you please guide us on the same?
Please give an example to use the script.
Re: AD Connect monitoring
Posted: Wed Mar 24, 2021 6:16 pm
by ssax
The powershell scripts are meant to be run through an agent such as NCPA that would be running on the remote Windows server, see here:
https://support.nagios.com/kb/article/n ... a-722.html
Re: AD Connect monitoring
Posted: Thu Mar 25, 2021 9:20 am
by kalyanpabolu
Hello,
Thank you for the help!!
We are able to get the correct output using the same plugin but I am getting some additional error message as well.
[root@vmaz-nagiosxi libexec]# /usr/local/nagios/libexec/check_ncpa.py -H 10.44.3.78 -t ******* -P 5693 -M 'plugins/check_azureadconnectsync.ps1'
Get-ADSyncScheduler : The term 'Get-ADSyncScheduler' is not recognized as the
name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is
correct and try again.
At C:\Program Files (x86)\Nagios\NCPA\plugins\check_azureadconnectsync.ps1:36
char:20
+ $ADSyncScheduler = Get-ADSyncScheduler
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Get-ADSyncScheduler:String) [],
CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
CRITICAL: Azure AD Connect Sync is disabled. Server is in active mode. Latest heart beat event (within last 3 hours). Time 03/25/2021 14:47:50.
[root@vmaz-nagiosxi libexec]#
Can you please help me on the same?
Re: AD Connect monitoring
Posted: Thu Mar 25, 2021 6:29 pm
by ssax
It may need to use the 32-bit powershell.
Edit your
C:\Program Files (x86)\Nagios\NCPA\etc\ncpa.cfg on the Windows server and comment out this one that is uncommented:
Code: Select all
.ps1 = powershell -ExecutionPolicy Bypass -File $plugin_name $plugin_args
To this:
Code: Select all
#.ps1 = powershell -ExecutionPolicy Bypass -File $plugin_name $plugin_args
Then add this one in its place:
Code: Select all
.ps1 = c:\windows\sysnative\windowspowershell\v1.0\powershell.exe -ExecutionPolicy Bypass -File $plugin_name $plugin_args
Then restart the ncpa_listener service on the Windows system, run the check again, and let us know the results.
EDIT: If that doesn't fix it, you may need to do this:
https://www.michev.info/Blog/Post/1355/ ... et-missing
If that doesn't fix it, try reverting the ncpa.cfg back to use the original .ps1 line and then test again.
Re: AD Connect monitoring
Posted: Wed Apr 14, 2021 4:36 am
by kalyanpabolu
Hello Sean,
We are able to get the output now, but the timestamp it is showing is incorrect. The latest sync timing is around 1 PM GT today.
But, in attached screenshot, you can see its showing 11:48 AM GST.
Is there nay difference in between heart beat event and sync?
Please suggest.
Re: AD Connect monitoring
Posted: Wed Apr 14, 2021 5:42 pm
by ssax
The time output is coming directly from the plugin, I would check the date/time on the remote system that is running the plugin, I don't think NCPA would have any impact on it, do this:
- Login to the Windows system:
- Open up a 32bit powershell session as an admin
- cd into C:\Program Files (x86)\Nagios\NCPA\plugins
- Run the plugin manually, what does it output?