Documentation forServer & Application Monitor
Monitoring your applications and environment is a key capability of Hybrid Cloud Observability and is also available in a standalone module, Server & Application Monitor (SAM). Hybrid Cloud Observability and SAM are built on the self-hosted SolarWinds Platform.

Active Directory 2016 Domain Controller Security

This SAM application monitor template to check locked, disabled users, and events from Windows security log related to Windows 2016 Domain Controller security.


WinRM must be installed and properly configured on the target server

WMI access to the target server

Enable audit on domain controller (success and failure) for Account Management, Logon Events, Policy Changes, and System Events


Windows Administrator on the target server

All monitors (except “Locked out users” and “Disabled users”) should return zero values. Returned values other than zero may indicate an abnormality, but not always. Examine the Windows security log file for details.

For a list of SAM component monitors included in this template, select the template on the Manage Templates page and click Edit.