OverviewThe System Center Management Pack for Active Directory Federation Services (AD FS) monitors events that the AD FS 2.0 Windows service records in the AD FS 2.0 event logs, and it monitors the performance data that the AD FS 2.0 performance counters collect. It also monitors the overall health of the AD FS 2.0 system and the federation passive application, and it provides alerts for critical issues and warning issues.
This management pack includes monitoring of the following core components: token issuance, token acceptance, artifact service, websites, trust management, certificate rollover, and Windows Internal Database synchronization.
October 2012 Update
This update includes changes in the following table in order to enable the AD FS MP to monitor AD FS 2.1 in Windows Server 2012 in addition to AD FS 2.0 that is included Windows Server 2008 R2.
- Replace deprecated Windows PowerShell cmdlets in Windows Server 2012
- The original management pack calls get-pssnapin –registered | add-pssnapin, which is deprecated in Windows PowerShell in Windows Server 2012. The equivalent call import-module was added to handle the Windows Server 2012 case.
- New Windows Internal Database (WID) connection string in Windows Server 2012
- Windows Server 2012 has a new connection string for WID. The new connection string was added to the management pack to handle the case for Windows Server 2012.
- Product versioning in Windows Server 2012
- AD FS 2.0 in Windows Server 2008 R2 has the substring “20” in the name of its event publisher, performance counter, and log. However, AD FS 2.1 in Windows Server 2012 has the substring “20” removed from the names. The management pack was updated to handle both versions of the name.
- Events that indicate service outages and operational errors or warnings
- Alerts that indicate configuration issues and background tasks failures or warnings
- Whether auditing is occurring successfully
- Communication between the federation server and the federation server proxy
- Notification of malformed access requests
- Website availability
- The health of the Secure Sockets Layer (SSL) certificate of the federation passive website in Internet Information Services (IIS)
This MP is now available at the download center and in the MP catalog