PRTG – P10 How to Monitor Active Directory with PRTG (Basic SNMP Monitoring)

Active Directory is the backbone of most enterprise networks. When a Domain Controller (DC) fails, users cannot log in, authentication stops working, Group Policy fails, and critical services may become unavailable.

In this tutorial, you’ll learn how to Monitor Active Directory health using PRTG Network Monitor with basic SNMP monitoring. This step-by-step guide focuses on enabling SNMP on your Domain Controller and configuring essential SNMP sensors in PRTG.

PRTG allows IT administrators to detect Active Directory problems early through real-time monitoring and alert notifications. Proper monitoring ensures your AD infrastructure remains stable, reliable, and highly available.

This guide is ideal for system administrators and network engineers managing Windows Server environments.

Follow this tutorial to ensure your Active Directory environment stays healthy and protected.

🛠 1. Enabling SNMP on Active Directory

Before you can Monitor Active Directory, SNMP must be installed and configured properly on the Domain Controller.

1️⃣ Install SNMP Service on Windows Server (DC)

Quick Way (GUI)

• Open Server Manager

• Click Add Roles and Features

• Click Next → Go to Features

• Tick: ✅ SNMP Service

• (Optional) SNMP WMI Provider

• Click Install → Reboot (recommended)

2️⃣ Configure SNMP Service (IMPORTANT)

After installation, proper configuration is critical for security and monitoring accuracy.

Open:

Services → SNMP Service → Properties

🔹 Tab: Security

1️⃣ Community

• Click Add

• Community name:

👉 Example: prtg_ro

• Permission:

  • READ ONLY

❌ Absolutely DO NOT use public

2️⃣ Accepted community names

Only use the community you just created.

3️⃣ Accept SNMP packets from these hosts

Select:

✅ Accept SNMP packets from these hosts

Add:

👉 IP of the PRTG Server

Do not leave “Any” Host.

🔹 Tab: Agent

• Contact: IT

• Location: DC01

• Services: tick all

3️⃣ Open Firewall for SNMP

On the Domain Controller:

• Open UDP 161

• Limit Source IP → Enter PRTG IP

This ensures secure and controlled SNMP communication.

🖥 2. Add Domain Controller Device in PRTG

In PRTG:

• Add new Device

• Enter DC IP address

Example:

DC: 192.168.16.186

Community name:

Make sure SNMP credentials match exactly with the configuration on the DC.

📊 3. Add Essential Sensors to Monitor Active Directory

To effectively Monitor Active Directory, you must configure the right sensors.

#1 Ping v2

This is the most basic availability check.

If the DC cannot ping → everything is considered finished.

Ping is your first layer of monitoring.

#2 SNMP CPU Load

Monitor CPU usage to detect:

• High authentication load

• Replication spikes

• Malware or abnormal process usage

Set proper thresholds for Warning and Error states.

#3 SNMP Memory v2

Monitor physical RAM usage.

⚠ Do not select Virtual Memory (pagefile).

Reason:

Virtual Memory = pagefile → does not reflect actual DC health.

Monitoring pagefile can cause misleading alerts.

#4 SNMP Disk Free v2

Disk space is critical for AD stability.

Warning:

Almost out of space, few GB remaining.

Threshold configuration:

Use Free Space (GB)

Reason:

Percentage (%) is very easy to be false, especially with different small/large disks.

Using absolute GB is more accurate and practical.

#5 SNMP Traffic

SNMP Traffic is used to monitor network traffic (bandwidth) of the network card on the server/device.

SNMP Traffic helps you:

• Detect network congestion
• Determine if server slowdown is due to network issues
• Detect unusual traffic (backup, loop, malware, other VMs)
• Check for problems with NIC/switch/vSwitch

Interface Selection

Ethernet – Connected – 4 GBit/s – Ethernet

This is the real NIC (or the main vNIC of the VM DC).

Ignore all disconnected states (default):

Avoid downtime caused by virtual NICs turning on/off.

Graph Settings

Show inbound and outbound traffic as positive and negative area graph:

Very intuitive inbound/outbound view.

Errors / Discards

Channel Warning Error

Errors In / Out >1 >5
Discards In / Out >1 >5

Normal Active Directory traffic is almost = 0.

Total Traffic Threshold

If 4000 Mbps is reported, it may be false (actual card usage is 1000 Mbps).

Warning:

700 bandwidth (70% of 1 Gbps)

Down/Error:

900 bandwidth (≈ 90% of 1 Gbps)

This ensures early detection before network saturation impacts authentication services.

🚨 Why Monitoring Active Directory Is Critical

When you properly Monitor Active Directory, you gain:

• Early detection of DC performance issues

• Immediate alerts on service degradation

• Network bottleneck visibility

• Disk capacity awareness

• Reduced downtime risk

Without monitoring, AD failures are often discovered only after users complain.

Proactive monitoring transforms reactive troubleshooting into preventive maintenance.

🎯 Final Thoughts

You have now configured a basic yet powerful SNMP-based monitoring solution to Monitor Active Directory using PRTG.

By enabling SNMP securely, adding the Domain Controller device, and configuring Ping, CPU, Memory, Disk, and Traffic sensors, you create a strong monitoring foundation for your AD environment.

This setup ensures that authentication services, domain operations, and critical infrastructure components remain stable and reliable.

In the next tutorial, we will explore more advanced monitoring techniques to further strengthen your Windows Server and Active Directory visibility.