WMIC and NTLMv2 authentication
WMIC and NTLMv2 authentication
How would I configure the wmic client to use NTLMv2 authentication only? our Windows domain will be upgrade shortly to only accept NTLMv2 and reject NTLM and lanman, testing over the weekend revealed the service account nagios was using for our WMI service tests was locking out when NTLMv2 only was enabled.
Re: WMIC and NTLMv2 authentication
paul.jobb,
I tested Windows Server 2008 only returning NTLMv2 and WMIC fails for me as well. I'll research wmic using NTLMv2. Possibly joining Nagios to the domain and using Kerberos would work, as WMIC supports Kerberos.
I tested Windows Server 2008 only returning NTLMv2 and WMIC fails for me as well. I'll research wmic using NTLMv2. Possibly joining Nagios to the domain and using Kerberos would work, as WMIC supports Kerberos.
Re: WMIC and NTLMv2 authentication
It appears adding the --option="client ntlmv2 auth"=Yes to the wmic command line forces ntlmv2 authentication.
However I was only able to get this to work on the version of wmic that was distributed with a version of zenoss I downloaded as part of a virtual appliance, the version I installed on my nagiosxi server via the nagios install script doesn't seem to support it. Do you know where I would find the most reason of wmic? Internet searches didn't turn up a whole lot other than it was part of the zenoss install.
attached is a screen shot of the two versions of wmic I have installed
However I was only able to get this to work on the version of wmic that was distributed with a version of zenoss I downloaded as part of a virtual appliance, the version I installed on my nagiosxi server via the nagios install script doesn't seem to support it. Do you know where I would find the most reason of wmic? Internet searches didn't turn up a whole lot other than it was part of the zenoss install.
attached is a screen shot of the two versions of wmic I have installed
You do not have the required permissions to view the files attached to this post.
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: WMIC and NTLMv2 authentication
wmic is developed by Zenoss, so the zenoss version you have is likely the newer one...
Here's an upgrade process if it is not
http://support.nagios.com/forum/viewtop ... 620#p21620
Here's an upgrade process if it is not
http://support.nagios.com/forum/viewtop ... 620#p21620
Re: WMIC and NTLMv2 authentication
I don't seem to be authorized to read that link
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: WMIC and NTLMv2 authentication
Sorry, didn't see that was on the customer forum.. Here's the content
scottwilkerson wrote:Actually, just looking at the developers Change Log it looks like this was fixed in Version 1.44 - 16th June 2011
Sometimes calculated fields based on WMI Raw data which use the WMI field Timestamp_Sys100NS return negative values. This affects checks which were calculated by differencing 2 WMI queries over a period of time eg checkcpu. This is most likely caused by inaccurate timing information provided by the hardware. This most likely only affects virtual machines, probably more on busy host platforms, due to their known inability to return accurate clock information. To counter this, we now check all calculated values and if they are below zero, we make them zero. This is really only a work-around. All calculations like this on VMs will be inaccurate by single digit percentages, especially when checked over short timeframes. We recommended using values for -y and -t as high as you can to improve accuracy. Thanks to Lee Kennedy for notifying us of this problem.
If you update the plugin to any version newer than ( 1.49 ) this should fix this problem, however I helped someone else with a similar issue and he was then forces to update wmic on the server, the steps to do that are hereFrom what I read on a couple forums this is a problem with wmic, and by the looks of the error, you have an old version (4.0.0alpha3-GIT-UNKNOWN) of that too...
New version can be found here
http://dev.zenoss.org/svn/trunk/inst/ex ... 13.tar.bz2
Logged into your Nagios XI machine as root run:
yum install autoconf -y
cd /tmp
wget http://dev.zenoss.org/svn/trunk/inst/ex ... 13.tar.bz2
bunzip2 wmi-1.3.13.tar.bz2
tar -xvf wmi-1.3.13.tar
cd wmi-1.3.13
make
Have a cup of coffee as this takes a while...
Then it installed in a different location...arg...if it comes back withCode: Select all
which wmic
/bin/wmic as one of the options, we need to make a change in the following file
/usr/local/nagios/libexec/check_wmi_plus.conf
change this line
$wmic_command="/usr/bin/wmic"; # CHANGE THIS IF NEEDED
to this
$wmic_command="/bin/wmic"; # CHANGE THIS IF NEEDED
Re: WMIC and NTLMv2 authentication
http://assets.nagios.com/downloads/nagi ... For_XI.pdf
Installs wmic 1.3.13 which is a recent version
the newest version 1.3.16
Can be installed by running:
wget http://assets.nagios.com/downloads/nagi ... _1.3.16.py
Sample output of 1.3.16:
[root@CENT6_x64_IP_79 bin]$ ./wmic --option="client ntlmv2 auth"=Yes -U HQ/administrator%n@giosadmin1 //192.168.5.90 "select name from Win32_ComputerSystem"
CLASS: Win32_ComputerSystem
Name
WIN-DVNEC6E00EP
Thanks for pointing out the --option="client ntlmv2 auth" as it's not obvious from the arguments list or help
Installs wmic 1.3.13 which is a recent version
the newest version 1.3.16
Can be installed by running:
wget http://assets.nagios.com/downloads/nagi ... _1.3.16.py
Sample output of 1.3.16:
[root@CENT6_x64_IP_79 bin]$ ./wmic --option="client ntlmv2 auth"=Yes -U HQ/administrator%n@giosadmin1 //192.168.5.90 "select name from Win32_ComputerSystem"
CLASS: Win32_ComputerSystem
Name
WIN-DVNEC6E00EP
Thanks for pointing out the --option="client ntlmv2 auth" as it's not obvious from the arguments list or help
Re: WMIC and NTLMv2 authentication
to install or upgrade version of WMIC to 1.3.16
Code: Select all
wget http://assets.nagios.com/downloads/nagiosxi/scripts/wmicinstall_1.3.16.py
chmod +x wmicinstall_1.3.16.py
./wmicinstall_1.3.16.py
Re: WMIC and NTLMv2 authentication
Thankyou I was able to get the updated version of wmic.
Matthew Jurgens was able to provide me with an updated check_wmi_plus.pl script which allows me to pass additional wmic arguments, I tested that this afternoon and it appears to work as expected via the xi interface. Thanks for you help.
Matthew Jurgens was able to provide me with an updated check_wmi_plus.pl script which allows me to pass additional wmic arguments, I tested that this afternoon and it appears to work as expected via the xi interface. Thanks for you help.
-
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: WMIC and NTLMv2 authentication
paul.jobb wrote:Thankyou I was able to get the updated version of wmic.
Matthew Jurgens was able to provide me with an updated check_wmi_plus.pl script which allows me to pass additional wmic arguments, I tested that this afternoon and it appears to work as expected via the xi interface. Thanks for you help.