ADMP Replication Monitor and Unmanaged DC

Operation Manager 2007’s Active Directory Management Pack (ADMP) is designed for managing all domain controllers within a given site or organization.  However, we recently encountered one of the rare instances when not all DCs are managed – a client was in the process of retiring one of three DCs in their domain and wanted to remove it from our Managed Services offering.

We went through the normal steps for removing a server from Operations Manager 2007 – uninstalled the OM Agent, deleted the server from the OM database, deleted automated reports, etc.  Within 24 hours, however, the Active Directory Replication Monitor began alerting our Operations Center that a domain controller had failed to update its MOMLatencyMonitor object within the specified time period (24 hours by default).  The retired server’s MOMLatencyMonitor object had been deleted from Active Directory during its removal from Managed Services so how was the ADMP still aware of the unmanaged, albeit still running, domain controller?

Windows Server 2003 adds two additional Active Directory application naming contexts, DomainDNSZones and ForestDNSZones, when you Active Directory Integrate a DNS zone on a domain controller.  We use ADSI Edit to modify the objects and attributes of these naming contexts as follows:

  1. Click Start > Run, type adsiedit.msc in the textbox, and click the OK button.
  2. In the ADSI Edit task pane, right-click ADSI Edit and select Connect to from the menu.
  3. In the Connection Point section of the Connection Settings dialog box shown below, select the Select or type a Distinguished Name or Naming Context option, type the following in the textbox, substituting the appropriate domain and extension values, and then click the OK button:

    DC=DomainDNSZones,DC=Domain,DC=Domain_extension

    ADSI Edit Connection Settings

    ADSI Edit Connection Settings

  4. In the ADSI Edit task pane, locate and click on the CN=MOMLatencyMonitors container as shown below.

    ADSI Edit

    ADSI Edit

  5. In the details pane to the right, locate and delete the directory for the server that is no longer managed.
  6. Repeat steps 3-5 and specify ForestDNSZones in the Connection Point string rather than DomainDNSZones.
  7. Close the ADSI Edit window.

Now the ADMP Replication Monitor will only monitor and alert on the remaining managed domain controllers.

This entry was posted on Wednesday, November 19th, 2008 at 11:29 am and is filed under Operations Manager 2007. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply