NSCLient Powershell No output available from command (check_

[dragan979]

I'm trying to monitor AD replication status by Powershell script:

Code: Select all

<#
.SYNOPSIS
	Check AD Replication in a DC Server.
.DESCRIPTION
	Check AD Replication in a DC Server and returns Nagios output and code.
.PARAMETER Warning
	Number of failed replications for warning treshold.
	Default 1.
.PARAMETER Critical
	Number of failed replications for critical treshold.
	Default 5.
.OUTPUTS
    OK: AD replication successful.
    WARNING: Failed replications equal to Warning treshold.
    CRITICAL: Failed replications equal to Critical treshold.
.EXAMPLE
	.\Get-ADReplication.ps1 -Warning 5 -Critical 10
.NOTES 
	Author:	Juan Granados 
	Date:	December 2017
#>
Param(
		[Parameter(Mandatory=$false,Position=0)] 
		[ValidateNotNullOrEmpty()]
		[int]$Warning=1,
		[Parameter(Mandatory=$false,Position=1)] 
		[ValidateNotNullOrEmpty()]
		[int]$Critical=5
)
# Variables
$SyncErrors=0
$NagiosStatus = 0
$NagiosOutput = ""
$Syncs = 0

# Get AD Replication Status for this DC
$SyncResults = Get-WmiObject -Namespace root\MicrosoftActiveDirectory -Class MSAD_ReplNeighbor -ComputerName $env:COMPUTERNAME |
	select SourceDsaCN, NamingContextDN, LastSyncResult, NumConsecutiveSyncFailures, @{N="LastSyncAttempt"; E={$_.ConvertToDateTime($_.TimeOfLastSyncAttempt)}}, @{N="LastSyncSuccess"; E={$_.ConvertToDateTime($_.TimeOfLastSyncSuccess)}} 

# Process result
foreach ($SyncResult in $SyncResults)
{
	if ($SyncResult.LastSyncResult -gt 0){
		$NagiosOutput += "$($SyncResult.NumConsecutiveSyncFailures) failed sync with DC $($SyncResult.SourceDsaCN) on $($SyncResult.NamingContextDN) at $($SyncResult.LastSyncAttempt), last success sync at $($SyncResult.LastSyncSuccess)."
		$SyncErrors++
		if ($SyncErrors -eq $Warning){
			$NagiosStatus = 1
		}
		elseif ($SyncErrors -eq $Critical) {
			$NagiosStatus = 2
		}			
	}
	else{
		$Syncs++
	}
}
# Nagios Output
$NagiosOutput += " | Syncs=$($Syncs);;;; SyncErrors=$($SyncErrors);$Warning;$Critical;;"
if ($NagiosStatus -eq 2) {
	Write-Host "CRITICAL: Replication error: $($NagiosOutput)"
    $host.SetShouldExit(2)
	 
} 
elseif ($NagiosStatus -eq 1) {
	Write-Host "WARNING: Replication error: $($NagiosOutput)"
    $host.SetShouldExit(1)
	 
} 
else{
	Write-Host "OK: replication is up and running.$($NagiosOutput)"
	$host.SetShouldExit(0)
	 
}

exit $NagiosStatus

This script work fine when running from Windows server (locally)

This is output:

Code: Select all

OK: replication is up and running. | Syncs=10;;;; SyncErrors=0;1;5;;

nslient.ini:

Code: Select all

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help


; in flight - TODO
[/settings/default]

; Undocumented key
password = password

; Undocumented key
allowed hosts = 127.0.0.1, IP of Nagios server


; in flight - TODO
[/settings/NRPE/server]

 

; Undocumented key
verify mode = none

; Undocumented key
insecure = true

 


allow nasty characters = true

; in flight - TODO
[/modules]

; Undocumented key
CheckExternalScripts = 1

; Undocumented key
CheckHelpers = 1

; Undocumented key
CheckEventLog = 1

; Undocumented key
CheckNSCP = 1

; Undocumented key
CheckDisk = 1

; Undocumented key
CheckSystem = 1

; Undocumented key
NRPEServer = 1


[/settings/external scripts]

allow arguments = true


[/settings/external scripts/scripts]
 
check_ad_replication = cmd /c echo \scripts\check_ad_replication.ps1; exit($lastexitcode) | powershell.exe -File "C:\Program Files\NSClient++\scripts\check_ad_replication.ps1" - command -

Output from Nagios server:

./check_nrpe -H 1.2.2.3

I (0.5.2.35 2018-01-28) seem to be doing fine...

But when trying to execute script:

./check_nrpe -H 1.2.2.3 -c check_ad_replication -t 30
No output available from command (check_ad_replication).

When setting:

Code: Select all

check_ad_replication = cmd /c echo \scripts\check_ad_replication.ps1 ; exit($lastexitcode) | powershell.exe -ExecutionPolicy Bypass - command -

Then getting:

Code: Select all

The command (check_ad_replication) returned an invalid return code: -196608

[mbellerue]

I'm running your Powershell script in my environment, and it's killing the entire Powershell session before it can return an exit code. Looking at the Powershell documentation, those $host.ShouldExit() calls should be correct. But if you comment them out, and just have the program quit via the final exit $NagiosStatus, I think you will get the output you're looking for.

[dragan979]

Thanks for reply, you wouldn't believe what was the issue:

Issue 1:

quotes !, had to add quotes around exit codes !!

Code: Select all

$LASTEXITCODE -eq 0

changed to: (to all exit codes)

Code: Select all

$LASTEXITCODE -eq "0"

Unbelievable !

./check_nrpe -H 1.2.2.3 -c check_ad_replication -t 30
OK: replication is up and running.0 |'Syncs'=10 'SyncErrors'=0;15;

Issue 2:

Had to downgrade NSS Client to version 0.4.1.73

Problem solved, thanks

[scottwilkerson]

Thanks for reply, you wouldn't believe what was the issue:

Issue 1:

quotes !, had to add quotes around exit codes !!

Code: Select all

$LASTEXITCODE -eq 0

changed to: (to all exit codes)

Code: Select all

$LASTEXITCODE -eq "0"

Unbelievable !

./check_nrpe -H 1.2.2.3 -c check_ad_replication -t 30
OK: replication is up and running.0 |'Syncs'=10 'SyncErrors'=0;15;

Issue 2:

Had to downgrade NSS Client to version 0.4.1.73

Problem solved, thanks

Glad you were able to get it working!

Locking thread