1 / 88

運用 SCOM2007 監控企業網路應用程式

Welcome. 運用 SCOM2007 監控企業網路應用程式. 以 AD、Exchange Server 為例. 運用 SCOM2007 監控 Active Directory. Getting Started – Import Management Pack Optional Configuration Active Directory Management Pack 的安全性考量 Active Directory Management Pack 的剖析 Troubleshooting.

krisalyn
Download Presentation

運用 SCOM2007 監控企業網路應用程式

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome 運用SCOM2007監控企業網路應用程式 以AD、Exchange Server為例

  2. 運用 SCOM2007 監控 Active Directory • Getting Started – Import Management Pack • Optional Configuration • Active Directory Management Pack 的安全性考量 • Active Directory Management Pack 的剖析 • Troubleshooting

  3. Getting Started – Import Management Pack 下載最新的 Active Directory Management Pack • 你可以在以下的網址找到 Microsoft Activr Directory Management Pack -http://go.microsoft.com/fwlink/?LinkId=82105 • 你可以在以下的網址找到最新的文件 - http://go.microsoft.com/fwlink/?LinkId=85414

  4. Getting Started – Import Management Pack Active Directory Management Pack 新功能 • Domain discovery that enables Operations Manager 2007 to automatically discover domains in your Active Directory environment。 • New performance and client monitoring views to provide more ways to view your monitoring data。 • A new child domain topology view, allowing you to see subdomains of other domains 。 • 新的 dashboard views 整合多個 views 到單一 view 中。

  5. Getting Started – Import Management Pack Before Import Active Directory Management Pack SCOM 2007針對Active Directory Domain Services (AD DS)提供兩種類型的 Management Pack。 • 監控 Domain Controllers • 監控 Active Directory Clients Management Pack 的限制 • 兩種 Management Pack 都不支援 Agentless 的監控方式。 • Active Directory Management Pack 不支援跨多個 forests。 事前準備: • 決定是否需要部署Active Directory Client Management Pack。 • 確認每台Domain Controller以及Client已經安裝SCOM 2007 Agent。 • 如果決定要使用Active Directory Client Management Pack,請部屬於有執行 directory-enabled applications 的電腦上,例如Microsoft Exchange Server 2000 或 2003。

  6. Getting Started – Import Management Pack 下載 Active Directory Management Pack 的相關檔案,包含:

  7. Demonstration Import Management Pack

  8. Getting Started – Import Management Pack AfterImport Active Directory Server Pack Enable the Agency Proxy Setting on All Domain Controllers Note: 如果你不想變更這安全性選項或者不需要Discovery connection objects,你可以透過override來停用 AD Remote Topology discovery rule。

  9. Getting Started – Import Management Pack AfterImport Active Directory Server Pack Configure an Account for Replication Monitoring Note: 請使用一組專用的帳號,並將此帳號設成密碼不會過期,一但密碼過期,Replication 的監控就會停止。

  10. Getting Started – Import Management Pack AfterImport Active Directory Server Pack Configure an Account for Replication Monitoring

  11. Getting Started – Import Management Pack AfterImport Active Directory Server Pack Configure an Account for Replication Monitoring

  12. Getting Started – Import Management Pack AfterImport Active Directory Server Pack Configure an Account for Replication Monitoring

  13. Getting Started – Import Management Pack AfterImport Active Directory Client Management Pack Enable client Monitoring • Open the Operations Console, and then click the Authoring button. • Expand Management Pack Objects, and then click Object Discoveries. • Locate the AD Client Monitoring Discovery rule. If you do not see the rule, check that your scope is set to include the Active Directory Client Perspective by clicking the Change Scope link at the top of the Actions pane. • Right-click the rule and select to override the object discovery for all computers running Windows or for all objects in a group. • In the Override Properties window, select Override. • Change the Override Setting to True. In the Select destination management pack pull-down menu, select a Management Pack. • Click OK to enable the Client Pack.

  14. Optional Configuration

  15. Optional Configuration Setting the Intersite Replication Latency Threshold Value

  16. Optional Configuration Disabling Performance Data

  17. Optional Configuration Enable Data Collection for the Replication Latency Report

  18. Optional Configuration Setting Parameters for Tasks • NETDIAG • NETDOM • NLTEST • REPADMIN • SETSPN

  19. Active Directory Management Pack 的安全性考量 • 使用低權限帳號時,必須符合以下條件: • 必須是 local user group 的成員 • 必須是 local Performance Monitor user group 的成員 • 必須有登入本機的權限 • 注意: • AD Topology Discovery 需要高權限的帳號來執行,預設會自動使用Local System來執行,並不需要使用者來指定。

  20. Active Directory Management Pack 的安全性考量 ComputerGroups • AD Domain Controller Group (Windows 2000 Server) • AD Domain Controller Group (Windows Server 2003) • AD Monitoring Client Computer Group

  21. Active Directory Management Pack 的剖析 • Objects Discovered by the Active Directory Management Pack • How Health Rolls Up • Key Monitoring Scenarios • Viewing Information • Management Pack Details

  22. Active Directory Management Pack 的剖析 Objects the Active Directory Management Pack Discovets • Domain controllers • Global catalogs • Sites • Forests • Site links • Connection objects

  23. Active Directory Management Pack 的剖析 How Health Rolls Up

  24. Active Directory Management Pack 的剖析 Key Monitoring Scenarios • Active Directory 提供的監控項目: • Client-Side Monitoring • Active Directory Trust Relationships • Account and Authentication Problems • Net Logon Service • Universal Group Membership Caching • Dependent Services • Active Directory Availability • Replication • Performance Monitoring

  25. Active Directory Management Pack 的剖析 Key Monitoring Scenarios

  26. Active Directory Management Pack 的剖析 Key Monitoring Scenarios –續-

  27. Active Directory Management Pack 的剖析 Key Monitoring Scenarios –續-

  28. Active Directory Management Pack 的剖析 Key Monitoring Scenarios –續-

  29. Active Directory Management Pack 的剖析 Key Monitoring Scenarios –續-

  30. Active Directory Management Pack 的剖析 Viewing Information • DC Active Alerts • DC State • Client-Side Monitoring • Active Directory Performance Views • Replication Views • Topology Views

  31. Active Directory Management Pack 的剖析 Client Monitoring Views

  32. Active Directory Management Pack 的剖析 Active Directory Performance Views

  33. Active Directory Management Pack 的剖析 Replication Monitoring Views

  34. Active Directory Management Pack 的剖析 TopologyViews

  35. Active Directory Management Pack 的剖析 Reports 你可以使用Active Directory Management Pack提供的報表來了解特定期間的趨勢狀態。所提供的報表有: • Configuration Information • Operations Information • 各式各樣其他的 Reports

  36. Active Directory Management Pack 的剖析 Configuration Information Reports

  37. Active Directory Management Pack 的剖析 OperationsInformation Reports

  38. Active Directory Management Pack 的剖析 MiscellaneousReports

  39. Active Directory Management Pack 的剖析 Management Pack Details

  40. Trobleshooting 你可以在這個網址找到相關資訊 – http://go.microsoft.com/fwlink/?LinkId=29499

  41. Getting Started – Import Management Pack Optional Configuration Exchange Server Management Pack 的安全性考量 Exchange Server Management Pack 的剖析 運用 SCOM2007 監控 Exchange Server

  42. Getting Started – Import Management Pack 下載最新的 Exchange Server Management Pack • 你可以在以下的網址找到 Microsoft Exchange Server Management Pack -http://go.microsoft.com/fwlink/?LinkId=82105 • 你可以在以下的網址找到最新的文件 - http://go.microsoft.com/fwlink/?LinkId=85414

  43. Getting Started – Import Management Pack Exchange Server Management Pack 新功能 • 自動調整 e-mail message queuethresholds ,透過學習過程判斷特定效能常態值並自動設定(alert)門檻值 • 從 operations console 叫用Exchange Server System Manager • 實施Exchange MAPI Logon模擬, 獲取相關資訊 • 新增的 Agent tasks: • 安裝Exchange Server Best Practices Analyzer • 執行 local domain controllers query • 啟動、停止、暫停和重新啟動Exchange Server相關服務

  44. Getting Started – Import Management Pack Brfore Import Management Pack • 建議加強Exchange環境的安全性 • 在Exchange front-end servers啟用Secure Sockets Layer (SSL) • 儲存Message Tracking Log的分享資料夾已受保護 • SMTP 資料夾採用 NTFS file system partition • 不接受SMTP 匿名 relay • 為Exchange Servers做必要的設定,以便提供Operations Manager 2007 進行監控 • 更新 .NET Framework hotfix

  45. Getting Started – Import Management Pack 下載 Exchange Server Management Pack 的相關檔案,包含: • Microsoft.Exchange.Server.Library.MP (Exchange Server Core Library) • Microsoft.Exchange.Server.2003.Monitoring.MP (Exchange Server 2003 Discovery) • Microsoft.Exchange.Server.2003.Monitoring.MP (Exchange Server 2003 Monitoring) • Microsoft Exchange Server Management Pack Configuration Wizard 建議: (服務系統的相關設備監測) • 至少應選用Active Directory Domain Services (AD DS) Management Pack • 其他: 監控執行Exchange Server的OS 、監控 Internet Information Services (IIS)、監控網路設備(例如:router)等

  46. Getting Started – Import Management Pack Agent-Managed 必須安裝 SCOM 2007 Agent 才能提供所有的監控功能 Agentless Managed ExchangeServer Management Packs for Operations Manager 2007 不支援 agentless 方式的監控。

  47. Demonstration Import Management Pack

  48. Getting Started – Import Management Pack Run the Exchange Management Pack Configuration Wizard Requirements • 需有安裝 .NET Framework 1.1 與 Exchange System Manager。 • 安裝的使用者必須有本機 Administrator 的權限。 • 所有需要設定的 Exchange 必須安裝 SCOM 2007 Agent與啟動 Remote Registry Service。 • 執行 wizard 的帳號必須有 Exchange full administrator rights。

  49. Getting Started – Import Management Pack Run the Exchange Management Pack Configuration Wizard Install the Configuration Wizard • 執行 MPConfigApp.exe 來解開 Configapp.msi 檔案。 • 執行 ConfigApp.msi,必依指示來完成安裝。

  50. Getting Started – Import Management Pack Run the Exchange Management Pack Configuration Wizard 使用預設值進行設定時啟用的監控項目 • Enables message tracking. • Enables service monitoring of the following services: • Microsoft Exchange Information Store • Microsoft Exchange Management • Microsoft Exchange MTA Stacks • Microsoft Exchange System Attendant • Simple Mail Transfer Protocol (SMTP) • World Wide Web Publishing Service • Creates a Test mailbox on the First Mailbox Store of Exchange. • Enables server availability monitoring, and lets you identify the sending and receiving mail servers for the mail flow test. • Creates the Mailbox Access Account and mailbox.

More Related