Active Directory 2016 Domain Controller Security

Use this template to check locked, disabled users, and events from Windows security log related to Windows 2016 Domain Controller security.

Prerequisites

WinRM must be installed and properly configured on the target server

WMI access to the target server

Enable audit on domain controller (success and failure) for Account Management, Logon Events, Policy Changes, and System Events

Credentials

Windows Administrator on the target server

All monitors (except “Locked out users” and “Disabled users”) should return zero values. Returned values other than zero may indicate an abnormality, but not always. Examine the Windows security log file for details.

For a list of Component Monitors included in this template, select the template on the Manage Templates page and click Edit.

Periodically, SolarWinds releases SAM templates to support the latest product versions such as Microsoft Server 2019. You can continue using templates for older product versions, but updating to the latest template is recommended.