Configure systems as DCs running Active Directory (AD) Domain Services on a supported OS, including:

• Windows Server 2012 R2
• Windows Server 2016
• Windows Server 2019

Only Microsoft DNS servers are currently supported.

Add DCs to the SolarWinds Platform as monitored nodes.

• Select "Windows Servers: WMI and ICMP" as the polling method so AppInsight widgets can display node status and names via WMI. If you select ICMP, nodes cannot supply DNS or SysName values required to compute replications for destination DC FQDN names.
• If using Discovery to assign AppInsight to nodes, enable WMI on DCs so they can be detected.

Provide domain credentials for an account that SAM can use to log in to AD to collect data.

• The account must be in the same domain as the DC, with read/write access to monitored AD instances and services.
• Local admin privileges are required to assign AppInsight to nodes, but they are not needed for monitoring after setup.

Recommended: Use a dedicated AD account with limited permissions. See Set up AppInsight for Active Directory monitoring under the context of a "Least Privileges" account.

The default ports for AppInsight for Active Directory appear below. To adjust port settings for individual domain controllers, see Configure AppInsight for Active Directory on nodes.

• LDAP: 389
• LDAPS: 636
• Global Catalog (GC): 3268

See also How AppInsight collects Active Directory data, below.

AD does not support encryption so the encryption method to connect to domain controllers is set to None, by default.

To use SSL or StartTLS, add an LDAP certificate to the server manually.