Azure Active Directory Connect Health : User guide

Azure Active Directory Connect Health enables you to monitor, get reports and usage insights about the services you monitor with. This post aims to see how to access and use the AD Connect Health portal.

Prerequisites

– Only users within the Global Admin role of the Azure Active Directory tenant can gain access to Azure Active Directory Connect Health feature. Till this time, RBAC feature is only provided for Azure Subscriptions, without a subscription, you cannot assign users to Azure User roles.

– Access to the Azure Directory Connect Health is only possible via the Azure Preview Portal (Azure Preview Portal)

Connection

Connect and sign in to the Azure Preview Portal with an account part of the Global Admin Azure AD role. The first step is to deploy the Azure Active Directory Connect Health service to your portal. Go to NEW > Identity > Azure AD Connect Health > Create

Snap 2015-05-07 at 12.12.38

(Picture Credit : SAMIR FARHAT)

The Connect Health tile will be added to the Start Board panel (Home).

Snap 2015-05-07 at 12.15.36

(Picture Credit : SAMIR FARHAT)

Now you can click it to access to the Connect Health service. You will land on the Azure Active Directory Connect Health welcome blade.

Azure AD Connect Health  blades

On the Welcome blade, we can find 3 main sections : Summary, Services and Configure.

Snap 2015-05-07 at 12.26.30

(Picture Credit : SAMIR FARHAT)

Summary

The Summary section contains a Quick Start button. It will lead you to a blade where you can get (download) the Azure AD Connect health agent, access to the Azure AD Connect health documentation and provide feedback to the relative Azure team

Snap 2015-05-07 at 12.26.43

(Picture Credit : SAMIR FARHAT)

Configure

The Configure button will permit you to access the blade to configure two options:

  • Allow the agents automatic update : By default this option is enabled (ON). Agents installed on managed servers will be updated automatically when new versions are available.
  • Allow Microsoft to access the tenant’s health information : This option is disabled by default. It will permit to Microsoft to access the heath information to help you troubleshoot some issues in case of support. Disable it in case you are not in a ongoing support with Microsoft.

Snap 2015-05-07 at 12.26.58

(Picture Credit : SAMIR FARHAT)

Services

This is the main button to access the information and the main blades. It gives you a view of the services being managed by AD Connect Health. In my case, only ADFS services are managed. Click on the service to access the next blade.

Snap 2015-05-07 at 14.53.47

(Picture Credit : SAMIR FARHAT)

Hint : Due  to the continuous improvements of the Azure portal, you can reduce or maximize the blades. This will permit you to focus on the blade your are working on

The blade exposes 4 sections: Overview, Operations, Monitoring and Usage Analytics

Overview : This button will take you to the next blades where you can access each monitored servers details like alerts, monitoring information, properties and so on.

Operations : This button will lead you to the Alerts blade where you can access each server alert and related information.

Monitoring : This button will open the blade where you can see each server monitoring information

Usage Analytics : This blade will provide you with  some usage information related to your managed services

Hint: Using the Overview button, you will access the operations and Monitoring information too (The same information). The difference is that using the Overview button, you will select first the server, then access its related information (per server). The Operations and Monitoring buttons will group all the servers on the same chart and graphic (that can be filtered later). On the next sections, I will use the Overview blade to show the Operations information, and use the Monitoring blade to show the monitoring information.

How to  use  the blades to access the information

Overview

Click on the Overview button, the Server List blade will  open. Choose a server to access to. At this stage, normally you will have a similar view.

Snap 2015-05-07 at 15.25.37

(Picture Credit : SAMIR FARHAT)

So how to use this view ?

Properties

This blade will provide you with different information about the server like the Operating System, the hardware configuration and the AAD connect Health agents version

Snap 2015-05-07 at 15.37.27

(Picture Credit : SAMIR FARHAT)

Missing QFEs

This blade will show you the installed QFEs (Quick Fix Engineering ie updates) and warn you whenever a required or recommended QFE is not installed

Snap 2015-05-07 at 15.37.46

(Picture Credit : SAMIR FARHAT)

Operations

The Operations blade is the Alerts blade, it will show you the active and resolved alerts. You should know that AAD Connect Health automatically resolves alerts.

Snap 2015-05-07 at 15.38.04

(Picture Credit : SAMIR FARHAT)

You can customize the time range by clinking on the Time Range button on top of the blade. Until this public preview version, the only possible periods to choose are : 6 hours, 24 hours and one week. The 24 hours is the default value

Snap 2015-05-07 at 15.38.16

(Picture Credit : SAMIR FARHAT)

If you click on an alert (Active or resolved), a new blade will be expanded to show you information like the alert state, rising time, the alert description. In addition, it will give you a fix proposition if applicable.

Snap 2015-05-07 at 15.38.29

(Picture Credit : SAMIR FARHAT)

Monitoring

Click on the monitoring button to access the Monitoring Blade

Snap 2015-05-07 at 17.19.45

(Picture Credit : SAMIR FARHAT)

This view will provide you the following information:

  • Token Requests / second
  • ADFS Private Bytes
  • Outstanding Token Requests (Proxy)
  • Rejected Token Requests / Second (Proxy)
  • TCP Connections Established
  • Token Request Latency (Proxy)
  • Used Memory (%)
  • Used Processor (%)

It will give you the Min, Max and Average value of these metrics during a period of time.

You can filter which Server to include on the graphic. On the left top corner of the blade, click the Filter Button.

Snap 2015-05-07 at 17.29.45

(Picture Credit : SAMIR FARHAT)

Select only the server or servers to include on the Monitoring blade.

Snap 2015-05-07 at 17.29.54

(Picture Credit : SAMIR FARHAT)

You can place your mouse on any point of the curve to see the exact value at this time. You should know that the values are caught every 30 minutes, And that, the values between are just an interpolation

Snap 2015-05-07 at 17.32.44

(Picture Credit : SAMIR FARHAT)

You can edit the displayed metric and the time range by right clicking anywhere on the graph and choosing Edit Chart

Snap 2015-05-07 at 17.48.18

(Picture Credit : SAMIR FARHAT)

Usage Analytics

The usage analytics blade provide you with very interesting information about the ADFS usage. It’s more granular that the Monitoring feature and adds specific details about the service (ADFS in our case)

You can via this blade, display a combination of the following metrics/grouping:

Snap 2015-05-07 at 18.01.16

(Picture Credit : SAMIR FARHAT)

For example you can display the total requests by Server or by Relying Party.

To achieve this, right click anywhere on the graph and click Edit Chart. Choose the desired chart.

Snap 2015-05-07 at 18.04.26

(Picture Credit : SAMIR FARHAT)

The graph will automatically be updated. And a nice view will be shown. Just admire the ‘landscape’. You can even use the Filter button to filter which grouping element to display. If you  hover the circle, It will permit you to zoom  every hovered element.

Snap 2015-05-07 at 18.09.11

(Picture Credit : SAMIR FARHAT)

Here we go. This was a simple user guide of AAD Connect Health. As noted before, this still a preview version and this post may not be accurate with the final version.

Advertisements

One thought on “Azure Active Directory Connect Health : User guide

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s