![]() "Extranet Lockout": Failures due to the requests received from a user that was locked out from extranet.Incorrect Username or Password: Errors due to incorrect username or password.This grouping is useful to understand the common types of errors. Shows the number of errors based on predefined error types. (This metric is only available on AD FS for Windows Server 2012 R2) Group By Metric: Total Failed Request - The total number failed requests processed by the federation service. This grouping is useful to know what percentage of the traffic is coming from the intranet versus extranet. Groups the total requests based on the network location of the user. This behavior is common if you have multiple relying parties protected by the federation servers. In such cases, if the cookie is valid, the user is not asked to provide credentials and gets seamless access to the application. If the federation servers receive the request with an SSO Cookie, that request is counted as SSO (Single Sign On). X509 Certificate Authentication (Certificate).Windows Integrated Authentication (Windows).Following are the possible authentication methods This grouping is useful to understand the common authentication method that gets used for authentication. Groups the total requests based on the authentication method used for authentication. This grouping is useful to understand if your resources are accessed using devices that are unknown to the identity infrastructure. Groups the total requests based on whether they are coming from devices that are workplace joined (known). This grouping is useful to understand the load distribution of the total traffic. Groups the total requests based on the server that processed the request. This grouping is useful to understand which application is receiving how much percentage of the total traffic. Groups the total requests based on the targeted relying party. Shows the count of total number of requests processed by all AD FS servers. What the grouping means and why it's useful? Metric : Total Requests - Total number of requests processed by AD FS servers. You can view the distribution of the authentication traffic based on different "metrics" and group each metric using relevant "group by" parameters described in the following section: Then you can specify the time range, select a different metric, and change the grouping. To select additional metrics, specify a time range, or to change the grouping, right-click on the usage analytics chart and select Edit Chart. For more information, see Enable Auditing for AD FS. To use Usage Analytics with AD FS, you must ensure that AD FS auditing is enabled. You can double-click the usage analytics box, to open the usage analytics blade, which shows you several metrics and groupings. You can also view historical data on alerts that were resolved in the past.Īzure AD Connect Health Usage Analytics analyzes the authentication traffic of your federation servers. You can double-click an active or resolved alert, to open a new blade with additional information, steps you can take to resolve the alert, and links to relevant documentation. Each alert includes relevant information, resolution steps, and links to related documentation. The Azure AD Connect Health Alerts section provides you the list of active alerts. Additionally, for information on monitoring Active Directory Domain Services with Azure AD Connect Health, see Using Azure AD Connect Health with AD DS. For information on monitoring Azure AD Connect (Sync) with Azure AD Connect Health, see Using Azure AD Connect Health for Sync. ![]() ![]() The following documentation is specific to monitoring your AD FS infrastructure with Azure AD Connect Health.
0 Comments
Leave a Reply. |