TestimoX

Probe Types

Edit on GitHub

Reference for the TestimoX.Monitoring probe families used to validate directory protocols, reachability, replication, patch posture, and custom checks.

Probe Types

TestimoX.Monitoring currently exposes 13 built-in probe families, with support for custom checks when you need to extend coverage for environment-specific services.

DNS Probe

Validates DNS resolution and reachability against domain controller DNS servers.

  • Queries A, AAAA, SRV, and SOA records
  • Verifies that DNS responses match expected values
  • Detects stale or missing DNS registrations

Default Port: 53 (UDP/TCP)

LDAP Probe

Tests LDAP bind and search operations against domain controllers.

  • Supports multiple authentication modes (Negotiate, Kerberos, Simple)
  • Validates LDAP and LDAPS (port 636) connectivity
  • Measures bind latency and search response time
  • Configurable identity port preference and slow-target detection
  • Supports sampling mode for large environments

Default Ports: 389 (LDAP), 636 (LDAPS), 3268 (GC), 3269 (GC-SSL)

Kerberos Probe

Verifies that the Kerberos KDC is operational by performing protocol-level validation.

  • Sends an actual Kerberos AS-REQ to validate the service (not just a port check)
  • Detects misconfigurations where port 88 is open but not speaking Kerberos
  • Validates response structure and error codes

Default Port: 88 (TCP/UDP)

NTP Probe

Checks time synchronization service on domain controllers.

  • Validates NTP response from the Windows Time service
  • Measures time offset and stratum
  • Detects DCs with excessive clock drift

Default Port: 123 (UDP)

HTTPS Probe

Monitors HTTPS/TLS endpoints including certificate health.

  • Validates TLS handshake and certificate chain
  • Tracks certificate expiry dates and warns before expiration
  • Checks for weak cipher suites and protocol versions
  • Supports custom URL paths and expected status codes

Default Port: 443 (TCP)

Port Probe

Generic TCP port reachability check for any network service.

  • Tests whether a specific TCP port is open and accepting connections
  • Supports payload validation for NTP and ADWS protocols
  • Measures connection latency
  • Useful for verifying firewall rules and service availability

Configurable Ports: Any TCP port

DnsService Probe

Performs payload-level DNS service validation beyond simple DNS resolution.

  • Sends structured DNS queries to DNS server endpoints
  • Validates that the DNS service is responding correctly (not just the port)
  • Checks DNS zone delegation and forwarding health

Default Port: 53 (TCP/UDP)

Replication Probe

Monitors AD replication health between domain controllers.

  • Checks replication freshness vectors (up-to-dateness)
  • Detects stale replication partners
  • Validates SYSVOL replication status (DFS-R/FRS)
  • Monitors replication connectivity between DC pairs

Directory Probe

Comprehensive domain controller directory health check that bundles multiple sub-checks:

  • RootDSE -- validates the RootDSE entry is accessible and returns expected attributes
  • LDAP Search -- performs a lightweight LDAP search to confirm directory service
  • SRV Coverage -- verifies that SRV DNS records cover all expected services
  • GC Readiness -- confirms Global Catalog availability and partition hosting
  • Client Path -- validates that client LDAP discovery paths resolve correctly
  • DNS Registration -- checks DC DNS host record registration
  • DNS SOA -- validates SOA record consistency for AD-integrated zones
  • RPC Endpoint -- confirms RPC endpoint mapper accessibility
  • FSMO -- validates FSMO role holder accessibility
  • SYSVOL/GPT -- checks SYSVOL share accessibility and GPT.INI consistency
  • NETLOGON -- verifies NETLOGON share availability
  • Share Permissions -- audits SYSVOL and NETLOGON share permissions and ownership

ADWS Probe

Tests Active Directory Web Services availability.

  • Validates connectivity to the ADWS endpoint
  • Confirms the service is responding to SOAP requests
  • Required for PowerShell AD module operations

Default Port: 9389 (TCP)

Ping Probe

Basic ICMP reachability and latency check.

  • Sends ICMP echo requests to target hosts
  • Measures round-trip latency
  • Useful as a baseline connectivity check before deeper probes

WindowsUpdate Probe

Reviews Windows Update posture on monitored hosts.

  • Verifies update-agent reachability and response state
  • Highlights systems with missing update metadata or stale scan signals
  • Useful when you want monitoring to catch patching drift between deeper assessment runs

Custom Probe

Provides an extension point for environment-specific checks.

  • Supports custom probe definitions and payload logic
  • Useful for internal endpoints, application dependencies, or service-specific health rules
  • Lets you keep TestimoX.Monitoring aligned with your own operational standards

Probe Configuration

Each probe type supports common configuration options:

OptionDescription
IntervalHow often the probe runs (seconds)
TimeoutMaximum time to wait for a response
RetriesNumber of retry attempts on failure
ThresholdsLatency thresholds for Degraded status
TargetsManual target list or auto-discovery