Updated Active Directory Management Pack Released - version 6.0.7822.0
We have just released and updated version of the Active Directory Management Pack (version 6.0.7822.0) that corrects the problems addressed in my recent “Addendum” MP. Once this new ADMP is imported, the Addendum MP can be removed.
The new ADMP and guide can be downloaded from https://www.microsoft.com/download/en/details.aspx?displaylang=en&id=21357.
Here is a list of fixes, from the MP Guide:
Fix |
Operating system monitoring rules impacted |
Corrected some Publisher names (for example, changed from PublisherName=KDC to PublisherName=Microsoft-Windows-Kerberos-Key-Distribution-Center). |
Windows Server 2008 and later |
Updated several important rules to generate Alerts and not only go to the Event Viewer. |
Windows Server 2008 and later |
Removed unnecessary check for Event Source Name for all NTDS rules (for example, removed EventSourceName=”NTDS General”). |
Windows Server 2003 and later |
Corrected event parameter validation. |
Windows Server 2003 and later |
Updated some queries to search for correct event IDs. |
Windows Server 2003 and later |
Fixed spelling errors. |
Windows Server 2003 and later |
Added missing descriptions to several rules. |
Windows Server 2003 and later |
Fixed several problems with Health Monitoring scripts. |
Windows Server 2003 and later |
Removed user name checks from Userenv rules. |
Windows Server 2003 |