Security Accounts Manager Test
Every Windows computer has a local Security Accounts Manager (SAM). The SAM is responsible for a few functions. First, it is responsible for storing the local users and groups for that computer. Second, the local SAM is responsible for authenticating logons. When a computer is not joined to a domain, the only option is to use the local SAM to perform the authentication.
If too many computer/user creations in SAM fail or if SAM takes too long to enumerate, evaluate, and authenticate users/user groups, the user experience with the computer is bound to be impacted adversely. By periodically monitoring the operations of SAM, administrators can proactively detect potential problem conditions and plug the holes, so that the user experience remains unaffected. The Security Accounts Manager test does just that. At configured intervals, this test checks how well SAM performs its core functions, and promptly reports real/probable failures and latencies to the administrator.
Note:
This test applies only to Active Directory Servers installed on Windows 2012 and above.
Target of the test : An Active Directory server or a Windows Domain Controller
Agent deploying the test : An internal agent
Outputs of the test : One set of results for every Active Directory server that is being monitored
Parameters | Description |
---|---|
Test period |
This indicates how often should the test be executed. |
Host |
The IP address of the machine where the Active Directory is installed. |
Port |
The port number through which the Active Directory communicates. The default port number is 389. |
Measurement | Description | Measurement Unit | Interpretation |
---|---|---|---|
Machine creation attempts |
Indicates the number of attempts per second to create computer accounts. |
Number |
|
User creation attempts |
Indicates the number of attempts per second to create user accounts. |
Number |
|
Successful user creations |
Indicates the number of user accounts successfully created per second. |
Number |
Ideally, the value of this measure should be equal to the value of the User creation attempts measure. A low value is a cause for concern, as it indicates that many user creation attempts are failing; the reasons for the same have to be ascertained and addressed soon. |
Successful computer creations |
Indicates the number of computers successfully created per second. |
Number |
Ideally, the value of this measure should be equal to the value of the Machine creation attempts measure. A low value is a cause for concern, as it indicates that many machine creation attempts are failing; the reasons for the same have to be ascertained and addressed soon. |
GC evaluations |
Indicates the number of SAM global catalog evaluations per second. |
Number |
|
Enumerations |
Indicates the number of net user, net group, and net local function enumerations per second. |
Connections/Sec |
|
Display information queries |
Indicates the number of queries per second to obtain display information. |
Connections/Sec |
|
Account group evaluation latency |
Indicates the time taken by SAM to evaluate an account group. |
Secs |
This indicates the mean latency of the last 100 account and universal group evaluations performed for authentication. A high value could indicate a bottleneck. |
Resource group evaluation latency |
Indicates the time taken by SAM to evaluate a resource group. |
Secs |
This indicates the mean latency of the last 100 resource group evaluations performed for authentication. A high value could indicate a bottleneck. |