SCOM ile Active Directory Replikasyon İzleme

## 1. SCOM Monitör Yapılandırması ### 1.1 Temel Monitörler #### Replikasyon Durum Monitörleri ``` - AD Replication Latency Monitor - Threshold: 180 dakika - Severity: Critical - Enabled: True - Target: Domain Controllers - AD Replication Failure Monitor - Collection Interval: 5 dakika - Consecutive Samples: 3 - Severity: Critical - Enabled: True ``` #### Performans Monitörleri ``` - Directory Service Counter Monitor - DS Directory Reads/sec - DS Directory Writes/sec - LDAP Client Sessions - LDAP Bind Time - Threshold: Dinamik baseline ``` ### 1.2 Özel Monitör Kuralları ```powershell # Örnek Monitor Rule Type: Aggregate Rollup Rule Name: AD Replication Health State Parameters: - Monitor Type: AD Replication - Percentage Failed: 20% - Sample Count: 5 - Time Window: 15 minutes ``` ## 2. Alert Yapılandırması ### 2.1 Kritik Alertler 1. **Replikasyon Gecikmesi** ```xml <Alert> <Name>High Replication Latency</Name> <Description>Replication delay exceeded threshold</Description> <Threshold> <Value>180</Value> <Unit>Minutes</Unit> </Threshold> <Priority>High</Priority> <AutoResolve>False</AutoResolve> </Alert> ``` 2. **Replikasyon Hatası** ```xml <Alert> <Name>Replication Failure</Name> <Description>Consecutive replication failures detected</Description> <Threshold> <Count>3</Count> <TimeWindow>15</TimeWindow> </Threshold> <Priority>Critical</Priority> <AutoResolve>False</AutoResolve> </Alert> ``` ### 2.2 Uyarı Monitörleri ``` - Tombstone Lifetime Monitor - Warning: 45 days - Critical: 55 days - Action: Email + Ticket - Lingering Object Detection - Interval: Daily - Action: Email + Script ``` ## 3. Performance Collection Rules ### 3.1 Temel Metrikler ``` Collection Interval: 5 minutes Metrics: - DS Directory Reads/sec - DS Directory Writes/sec - LDAP Client Sessions - LDAP Bind Time - DRA Pending Replication Operations - DRA Pending Replication Synchronizations ``` ### 3.2 Özel Koleksiyon Kuralları ```powershell # Replikasyon Performans Verisi Rule Name: AD Replication Performance Collection Collection Interval: 300 seconds Target: Domain Controllers Counters: - \DirectoryServices\DS Directory Reads/sec - \DirectoryServices\DS Directory Writes/sec - \DirectoryServices\LDAP Client Sessions ``` ## 4. Diagnostic ve Recovery Tasks ### 4.1 Otomatik Teşhis Görevleri ```powershell # Replikasyon Durum Kontrolü Task Name: Check Replication Health Script: repadmin /showrepl * /csv > replstatus.csv Import-Csv replstatus.csv | Where-Object {$_."Number of Failures" -gt 0} Schedule: Every 4 hours ``` ### 4.2 Recovery Tasks ```powershell # Otomatik Replikasyon Tetikleme Task Name: Force Replication Script: repadmin /syncall /A /e /P Trigger: Manual + Alert Response ``` ## 5. Dashboard ve Raporlama ### 5.1 SCOM Dashboard Bileşenleri ``` Dashboard Elements: 1. Replication Status Widget - Current Status - Last Successful Sync - Failed Attempts 2. Performance Widget - LDAP Operations/sec - Replication Latency - Queue Length 3. Health State Widget - DC Health - Replication Health - Service Health ``` ### 5.2 Özel Raporlar ```sql -- Replikasyon Performans Raporu SELECT ComputerName, TimeGenerated, ReplicationLatency, FailureCount, LastSuccessSync FROM PerformanceData WHERE TimeGenerated > DATEADD(day, -7, GETDATE()) ORDER BY TimeGenerated DESC ``` ## 6. Best Practices ### 6.1 Monitör Yapılandırması 1. **Threshold Ayarları** - Replikasyon Gecikmesi: 180 dakika - Consecutive Failures: 3 - Collection Interval: 5 dakika 2. **Alert Konfigürasyonu** - Critical alerts için SMS - Warning alerts için email - Information alerts için log ### 6.2 Maintenance Windows ``` Maintenance Window Configuration: - Weekly Window: Pazar 02:00-06:00 - Monthly Window: Ayın ilk Cumartesi 23:00-03:00 - Suppress Alerts: True - Exclude Critical Alerts: False ``` ## 7. Sorun Giderme ### 7.1 Yaygın Alert Çözümleri 1. **High Replication Latency** ```powershell # Çözüm Adımları 1. repadmin /showrepl 2. Check network connectivity 3. Verify DNS resolution 4. Check AD service status ``` 2. **Replication Failures** ```powershell # Teşhis Adımları 1. dcdiag /test:replications 2. repadmin /showrepl * /csv 3. Check Event Viewer 4. Verify Firewall Rules ``` ## 8. Önemli PowerShell Scriptleri ### 8.1 Health Check Script ```powershell # AD Replikasyon Sağlık Kontrolü $DCs = Get-ADDomainController -Filter * foreach ($DC in $DCs) { $Results = repadmin /showrepl $DC.HostName $Status = $Results | Select-String "failed" if ($Status) { Write-Host "Replication issues found on $($DC.HostName)" Send-MailMessage -To "admin@domain.com" -Subject "Replication Alert" } } ``` ### 8.2 Performans İzleme Scripti ```powershell # Performans Verisi Toplama $Counter = "\DirectoryServices\DS Directory Reads/sec" Get-Counter -Counter $Counter -SampleInterval 5 -MaxSamples 12 | Select-Object -ExpandProperty CounterSamples | Select-Object -Property CookedValue, TimeStamp ``` Bu detaylı SCOM monitör yapılandırması: - Temel ve gelişmiş monitörleri içerir - Alert yapılandırmalarını detaylandırır - Performans metriklerini açıklar - Otomatik teşhis ve düzeltme görevlerini tanımlar - Dashboard ve raporlama örnekleri sunar - Best practices ve sorun giderme yöntemlerini içerir