## 1. SCOM Monitör Yapılandırması
### 1.1 Temel Monitörler
#### Replikasyon Durum Monitörleri
“`
– AD Replication Latency Monitor
– Threshold: 180 dakika
– Severity: Critical
– Enabled: True
– Target: Domain Controllers
– AD Replication Failure Monitor
– Collection Interval: 5 dakika
– Consecutive Samples: 3
– Severity: Critical
– Enabled: True
“`
#### Performans Monitörleri
“`
– Directory Service Counter Monitor
– DS Directory Reads/sec
– DS Directory Writes/sec
– LDAP Client Sessions
– LDAP Bind Time
– Threshold: Dinamik baseline
“`
### 1.2 Özel Monitör Kuralları
“`powershell
# Örnek Monitor Rule
Type: Aggregate Rollup
Rule Name: AD Replication Health State
Parameters:
– Monitor Type: AD Replication
– Percentage Failed: 20%
– Sample Count: 5
– Time Window: 15 minutes
“`
## 2. Alert Yapılandırması
### 2.1 Kritik Alertler
1. **Replikasyon Gecikmesi**
“`xml
<Alert>
<Name>High Replication Latency</Name>
<Description>Replication delay exceeded threshold</Description>
<Threshold>
<Value>180</Value>
<Unit>Minutes</Unit>
</Threshold>
<Priority>High</Priority>
<AutoResolve>False</AutoResolve>
</Alert>
“`
2. **Replikasyon Hatası**
“`xml
<Alert>
<Name>Replication Failure</Name>
<Description>Consecutive replication failures detected</Description>
<Threshold>
<Count>3</Count>
<TimeWindow>15</TimeWindow>
</Threshold>
<Priority>Critical</Priority>
<AutoResolve>False</AutoResolve>
</Alert>
“`
### 2.2 Uyarı Monitörleri
“`
– Tombstone Lifetime Monitor
– Warning: 45 days
– Critical: 55 days
– Action: Email + Ticket
– Lingering Object Detection
– Interval: Daily
– Action: Email + Script
“`
## 3. Performance Collection Rules
### 3.1 Temel Metrikler
“`
Collection Interval: 5 minutes
Metrics:
– DS Directory Reads/sec
– DS Directory Writes/sec
– LDAP Client Sessions
– LDAP Bind Time
– DRA Pending Replication Operations
– DRA Pending Replication Synchronizations
“`
### 3.2 Özel Koleksiyon Kuralları
“`powershell
# Replikasyon Performans Verisi
Rule Name: AD Replication Performance Collection
Collection Interval: 300 seconds
Target: Domain Controllers
Counters:
– \DirectoryServices\DS Directory Reads/sec
– \DirectoryServices\DS Directory Writes/sec
– \DirectoryServices\LDAP Client Sessions
“`
## 4. Diagnostic ve Recovery Tasks
### 4.1 Otomatik Teşhis Görevleri
“`powershell
# Replikasyon Durum Kontrolü
Task Name: Check Replication Health
Script:
repadmin /showrepl * /csv > replstatus.csv
Import-Csv replstatus.csv | Where-Object {$_.”Number of Failures” -gt 0}
Schedule: Every 4 hours
“`
### 4.2 Recovery Tasks
“`powershell
# Otomatik Replikasyon Tetikleme
Task Name: Force Replication
Script:
repadmin /syncall /A /e /P
Trigger: Manual + Alert Response
“`
## 5. Dashboard ve Raporlama
### 5.1 SCOM Dashboard Bileşenleri
“`
Dashboard Elements:
1. Replication Status Widget
– Current Status
– Last Successful Sync
– Failed Attempts
2. Performance Widget
– LDAP Operations/sec
– Replication Latency
– Queue Length
3. Health State Widget
– DC Health
– Replication Health
– Service Health
“`
### 5.2 Özel Raporlar
“`sql
— Replikasyon Performans Raporu
SELECT
ComputerName,
TimeGenerated,
ReplicationLatency,
FailureCount,
LastSuccessSync
FROM
PerformanceData
WHERE
TimeGenerated > DATEADD(day, -7, GETDATE())
ORDER BY
TimeGenerated DESC
“`
## 6. Best Practices
### 6.1 Monitör Yapılandırması
1. **Threshold Ayarları**
– Replikasyon Gecikmesi: 180 dakika
– Consecutive Failures: 3
– Collection Interval: 5 dakika
2. **Alert Konfigürasyonu**
– Critical alerts için SMS
– Warning alerts için email
– Information alerts için log
### 6.2 Maintenance Windows
“`
Maintenance Window Configuration:
– Weekly Window: Pazar 02:00-06:00
– Monthly Window: Ayın ilk Cumartesi 23:00-03:00
– Suppress Alerts: True
– Exclude Critical Alerts: False
“`
## 7. Sorun Giderme
### 7.1 Yaygın Alert Çözümleri
1. **High Replication Latency**
“`powershell
# Çözüm Adımları
1. repadmin /showrepl
2. Check network connectivity
3. Verify DNS resolution
4. Check AD service status
“`
2. **Replication Failures**
“`powershell
# Teşhis Adımları
1. dcdiag /test:replications
2. repadmin /showrepl * /csv
3. Check Event Viewer
4. Verify Firewall Rules
“`
## 8. Önemli PowerShell Scriptleri
### 8.1 Health Check Script
“`powershell
# AD Replikasyon Sağlık Kontrolü
$DCs = Get-ADDomainController -Filter *
foreach ($DC in $DCs) {
$Results = repadmin /showrepl $DC.HostName
$Status = $Results | Select-String “failed”
if ($Status) {
Write-Host “Replication issues found on $($DC.HostName)”
Send-MailMessage -To “admin@domain.com” -Subject “Replication Alert”
}
}
“`
### 8.2 Performans İzleme Scripti
“`powershell
# Performans Verisi Toplama
$Counter = “\DirectoryServices\DS Directory Reads/sec”
Get-Counter -Counter $Counter -SampleInterval 5 -MaxSamples 12 |
Select-Object -ExpandProperty CounterSamples |
Select-Object -Property CookedValue, TimeStamp
“`
Bu detaylı SCOM monitör yapılandırması:
– Temel ve gelişmiş monitörleri içerir
– Alert yapılandırmalarını detaylandırır
– Performans metriklerini açıklar
– Otomatik teşhis ve düzeltme görevlerini tanımlar
– Dashboard ve raporlama örnekleri sunar
– Best practices ve sorun giderme yöntemlerini içerir
