System Monitoring Plug-in Installation Guide for Microsoft Active Directory
Release 10 (184.108.40.206.0)
Microsoft Active Directory, which is included with Microsoft Windows Server 2003 and Microsoft Windows Server 2008 operating systems, is a directory service enabling centralized, secure management of an entire network. It is used to manage identities and broker relationships between distributed resources.
Oracle System Monitoring Plug-In for Microsoft Active Directory extends Oracle Enterprise Manager Grid Control (Grid Control) to add support for managing Microsoft Active Directory instances.
Oracle Enterprise Manager System Monitoring Plug-In Installation Guide for Microsoft Active Directory (this document) introduces the plug-in and provides step-by-step instructions on how to download, deploy, verify, and validate the plug-in.
Note:You can access the latest version of this document at any time from Oracle Technology Network (OTN) available at the following URL.
On the main documentation page, from the table, click View Library. On the Enterprise Manager documentation library page, click the Documentation tab, and scroll down to see this document in the portlet System Monitoring Plug-ins.
The System Monitoring Plug-in for Microsoft Active Directory extends Oracle Enterprise Manager Grid Control to add support for managing the Microsoft Active Directory instances. By deploying the plug-in within your Grid Control environment, you gain the following management features:
Monitor availability and performance.
Perform trend analysis on collected performance information.
View and compare configuration data, as well as track configuration changes.
Receive email and/or page notification concerning potential problems surrounding availability, performance, and/or configuration data.
Gain access to rich out-of-box reports.
Support monitoring by a local or remote Oracle Management Agent (Agent). Local Agent is an agent running on the same host as the Microsoft Active Directory. Remote Agent is an agent running on a host that is different from the host where Microsoft Active Directory is running.
This plug-in supports the following versions of products:
Enterprise Manager Grid Control 10g Release 2 (10.2.0.2) or higher
Oracle Management Agent 10g Release 2 (10.2.0.2) or higher for Microsoft Windows
Microsoft Windows 2003 Active Directory and Microsoft Windows 2008 Active Directory
Microsoft Active Directory running on Microsoft Windows Server 2003 or Microsoft Windows Server 2008 operating systems (see note below).
Note:For information on the editions (such as Enterprise, Standard, and so forth) and versions of Windows operating systems that this Microsoft product is supported to run on, refer to the Microsoft Web site and/or documentation.
The following prerequisites must be met before you can deploy the plug-in:
Microsoft Windows 2003 Active Directory or Microsoft Windows 2008 Active Directory is installed.
The following components of Oracle Enterprise Manager 10g Grid Control release 2 or higher are installed:
Oracle Management Service with Oracle Management Repository
Oracle Management Agent for Windows
You can install the Agent on the same computer as Active Directory (referred to as local Agent monitoring), or you can install the Agent on a different computer from Active Directory (referred to as remote Agent monitoring).
Ensure that the Windows Management Instrumentation Service is up and running.
For remote Agent monitoring, a remote Agent must be properly configured. See "Configuring a Remote Agent" for the procedure.
User privileges for the Job system of Enterprise Manager. For the procedure, refer to "Setting Credentials for the Job System to Work with Enterprise Manager" in one of the following installation guides:
Oracle Database Installation Guide 10g Release 2 (10.2) for Microsoft Windows (32-Bit) — B14316-01
Oracle Database Installation Guide 10g Release 2 (10.2) for Microsoft Windows (64-Bit) on Intel Itanium — B14317-02
Oracle Database Installation Guide 10g Release 2 (10.2) for Microsoft Windows (x64) — B15681-02
These guides are listed in the Installation Guides section of the Oracle Database Documentation Library at the following location:
Note:If you do not assign the correct privileges for users, the deployment will fail.
If you want to use version 220.127.116.11.0 of the Microsoft Active Directory plug-in, then install this version on Oracle Management Agent 10g Release 2 (10.2.0.2) for Microsoft Windows.
After you ensure that the prerequisites are met, follow these steps to deploy the plug-in:
Download the Active Directory Plug-in archive to your desktop or computer on which the browser is launched. You can download the archive from Oracle Technology Network (OTN) or from the product DVD.
Log in to Enterprise Manager Grid Control as a Super Administrator.
Click the Setup link in the upper right corner of the Grid Control Home page, then click the Management Plug-ins link on the left side of the Setup page.
Click Browse and select the plug-in archive.
Click List Archive.
Select the plug-in and click OK.
Verify that you have set preferred credentials on all Agents where you want to deploy the plug-in.
In the Management Plug-ins page, click the icon in the Deploy column for the Active Directory plug-in. The Deploy Management Plug-in wizard appears.
Click Add Agents, then select one or more Agents to which you want to deploy the plug-in. The wizard reappears and displays the Agent you selected.
Click Next, then click Finish.
If you see an error message stating that the preferred credential is not set up, go to the Preferences page and add the preferred credentials for the Agent target type.
After successfully deploying the plug-in, follow these steps to add the plug-in target to Grid Control for central monitoring and management:
From the Agent home page where the Microsoft Active Directory Plug-in was deployed, select the Microsoft Active Directory target type from the Add drop-down list, then click Go. The Add Microsoft Active Directory page appears.
Provide the following information for the properties:
Name — Unique target name across all the Grid Control targets, such as ActiveDirectory_Hostname. This name represents this Active Directory target across all user interfaces within Grid Control.
Host — Host name or IP address of the computer hosting the Active Directory
Username — Host user name that must be an Administrator user or a user that is part of the Domain Admin Group. Required only for remote Agent monitoring.
Password — Password for the Username. Required only for remote Agent monitoring
Agent Location — Remote specifies that the Agent monitoring Active Directory targets is not on the same computer as the target being monitored. (See "Configuring a Remote Agent" for more information.) Local specifies that the Agent monitoring the target is on the same computer as the target being monitored. Note that remote and local are case-sensitive and should be lowercase.
Click Test Connection to make sure the parameters you entered (such as the password) are correct.
Reenter the encrypted parameters from step 2 if the connection test was successful, then click OK.
Note:After you deploy and configure the plug-in to monitor one or more targets in the environment, you can customize the monitoring settings of the plug-in. This alters the collection intervals and threshold settings of the metrics to meet the particular needs of your environment. If you decide to disable one or more metric collections, this could impact the reports that the metric is a part of.
After waiting a few minutes for the plug-in to start collecting data, use the following steps to verify and validate that Enterprise Manager is properly monitoring the plug-in target:
Click the Active Directory target link from the Agent home page Monitored Targets table. The Microsoft Active Directory home page appears.
Verify that no metric collection errors are reported in the Metrics table.
Ensure that reports can be seen and no errors are reported by selecting the Reports property page.
The steps for deploying the plug-in are the same for remote Agent monitoring and local Agent monitoring. However, if the Agent is on a remote computer from the plug-in target, certain configuration changes are required to access the Windows Management Instrumentation (WMI) data on the computer where the plug-in target resides.
In a scenario where Computer A runs the Agent, and the target is installed on computer B, do the following to set up Computer A:
Go to the Windows Control Panel and select Administrative Tools, then Services.
Select the Oracle Enterprise Manager Agent service from the listed computer where the Agent is running.
Right-click the service, then select Properties.
Click the Log On tab. By default, this service is started with the Local System account.
Change the default account by selecting the This account radio button, and provide an account and password that exist on both computer A and computer B.
Note that the account should be a member of the Administrators group, and the account should have administrative privileges on computer B. The password should not be left blank.
Click OK, then restart the Agent service.
Ensure that the Remote Registry Service for computer B is up and running.
Ensure that the Windows Management Instrumentation Service is up and running on both computers.
The Agent should now be able to collect data from the remote plug-in target computer. If the configuration above is not initiated, metric collection errors can appear for the plug-in target's metrics.
To ensure that metric collection errors do not occur within Enterprise Manager, Oracle recommends reviewing the Microsoft documentation on the WMI setup. Refer to the Microsoft documentation from the Microsoft website for additional configuration details.
Note:For remote Agent monitoring with default settings, Grid Control can monitor only the Active Directory associated with the primary domain controller.
For a remote Agent, the platform to which the Agent is installed can be any Windows type that may not be supported for Active Directory. For example, if Active Directory is running on Windows 2003, you can install the remote Agent on Windows XP to monitor it.
Follow these steps to undeploy the plug-in from an Agent:
Log in to Enterprise Manager Grid Control as a Super Administrator.
Select the Targets tab, then the All Targets subtab. The All Targets page appears.
Select the Active Directory Plug-in target and click Remove. You must do this step for all targets of the plug-in.
Click the Setup link in the upper right corner of the All Targets page, then click the Management Plug-ins link on the left side of the Setup page. The Management Plug-ins page appears.
Make sure that the preferred credentials are set on the Agents where the plug-in is deployed.
Click the icon in the Undeploy column for the Active Directory Plug-in. The Undeploy Management Plug-in page appears.
Check all the Agents that are currently deployed with the Active Directory Plug-in and click OK.
You must undeploy the plug-in from every Agent in the system to completely remove it from the enterprise.
Select the Microsoft Active Directory Plug-in on the Management Plug-ins page and click Delete.
Our goal is to make Oracle products, services, and supporting documentation accessible, with good usability, to the disabled community. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Accessibility standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For more information, visit the Oracle Accessibility Program Web site at
Screen readers may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, some screen readers may not always read a line of text that consists solely of a bracket or brace.
This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.
To reach Oracle Support Services, use a telecommunications relay service (TRS) to call Oracle Support at 1.800.223.1711. An Oracle Support Services engineer will handle technical issues and provide customer support according to the Oracle service request process. Information about TRS is available at
http://www.fcc.gov/cgb/consumerfacts/trs.html, and a list of phone numbers is available at
System Monitoring Plug-in Installation Guide for Microsoft Active Directory, Release 10 (18.104.22.168.0)
Copyright © 2009 Oracle. All rights reserved.
The Programs (which include both the software and documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited.
The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose.
If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the Programs, including documentation and technical data, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement, and, to the extent applicable, the additional rights set forth in FAR 52.227-19, Commercial Computer Software--Restricted Rights (June 1987). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065
The Programs are not intended for use in any nuclear, aviation, mass transit, medical, or other inherently dangerous applications. It shall be the licensee's responsibility to take all appropriate fail-safe, backup, redundancy and other measures to ensure the safe use of such applications if the Programs are used for such purposes, and we disclaim liability for any damages caused by such use of the Programs.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
The Programs may provide links to Web sites and access to content, products, and services from third parties. Oracle is not responsible for the availability of, or any content provided on, third-party Web sites. You bear all risks associated with the use of such content. If you choose to purchase any products or services from a third party, the relationship is directly between you and the third party. Oracle is not responsible for: (a) the quality of third-party products or services; or (b) fulfilling any of the terms of the agreement with the third party, including delivery of products or services and warranty obligations related to purchased products or services. Oracle is not responsible for any loss or damage of any sort that you may incur from dealing with any third party.