
Re: Powershell Output via NCPA API missing

Posted: Wed Mar 11, 2020 2:29 pm
by mbellerue
What is the different way that the script queries the data? That could be the key here. Because this is what I'm seeing,
Note that if I run from the command line the following output is produced:
C:\DCOM\Nagios\ncpa_passive.exe C:\DCOM\Nagios\ C:\DCOM\Nagios\var\log\ displayEnv.ps1 displayEnv.ps1.seek C:\DCOM\Nagios\var\log\displayEnv.ps1.seek

But when executed through the NCPA API the following output is produced:
Using check_ncpa.py

var\log\ displayEnv.ps1 displayEnv.ps1.seek var\log\displayEnv.ps1.seek
You're right, we're basically missing %NCPA_HOME% (which is a great way to reference it, btw). The very first result when you run it from the command line is C:\DCOM\Nagios\ncpa_passive.exe. This is given to you by this bit of code,

Code:

$NCPA_PATH = Get-Process -Name ncpa_passive | Select -expand Path
The entire rest of the script is derived from the $NCPA_PATH variable. For one reason or another, that Get-Process cmdlet just isn't returning data. If it were NCPA filtering the data for some reason, it would filter it for us as well, and it isn't. Something strange is happening at line 1 in the script, and $NCPA_PATH isn't getting set.

Re: Powershell Output via NCPA API missing

Posted: Wed Mar 11, 2020 4:10 pm
by onegative
@mbellerue

You are correct...even though certain other PowerShell scripts are indeed operating as the svc_account something about the way Get-Process underlying permissions are prohibiting access to certain process objects. This is dang difficult to understand because there is no clear/easy way to determine what specific permission is missing due to the fact that the SYSTEM and Administrators rights supersede all permissions. I did see that certain processes can be queried successfully but others cannot. So that bites because trying to run the services as the svc_account to make things like check UNC Paths easy without credentials also creates permissions issues trying to ascertain other things I wanted to use PowerShell to extract.

I will go back to the drawing board and look for alternate methods...I was just trying to do it simple without much thought but then got sidetracked when it didn't work the way I expected it to.

Thanks for your help and you can lock this thread...

Danny
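
An added example, not part of any post in this thread or of NCPA itself: it reports which identity the plugin runs as, checks whether `Get-Process` can read the `Path` of `ncpa_passive` under that identity, and falls back to the image path stored in the service configuration. The function names and the `Win32_Service` fallback are assumptions of this example, and whether the service account can read that class depends on the host's WMI and service permissions.

```powershell
# Added example. 'ncpa_passive' is the process name used in the thread; the
# function names and the Win32_Service fallback are assumptions of this example.
param([string]$ProcessName = 'ncpa_passive')

function Get-RunContext {
    # Identity the script is actually running as (service account, SYSTEM, admin...).
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    [pscustomobject]@{
        User     = $id.Name
        IsSystem = $id.IsSystem
        IsAdmin  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    }
}

function Resolve-ExePath {
    param([string]$Name)
    # 1) Approach from the thread: Path is only populated when the caller is
    #    allowed to open the target process; otherwise it comes back empty.
    $procs = @(Get-Process -Name $Name -ErrorAction SilentlyContinue)
    foreach ($p in $procs) {
        if ($p.Path) { return [pscustomobject]@{ Source = 'Get-Process'; Path = $p.Path } }
    }
    if ($procs.Count -gt 0) {
        Write-Warning "$Name is running (PID $($procs.Id -join ', ')) but Path is empty for this account."
    }
    # 2) Fallback: read the image path from the service configuration, which
    #    does not need a handle to the running process.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "PathName LIKE '%$Name%'" -ErrorAction SilentlyContinue |
        Select-Object -First 1
    # PathName may be quoted and may carry arguments; keep only the .exe path.
    if ($svc -and $svc.PathName -match '^"?(.+?\.exe)') {
        return [pscustomobject]@{ Source = "Win32_Service ($($svc.Name))"; Path = $Matches[1] }
    }
}

Get-RunContext | Format-List
$result = Resolve-ExePath -Name $ProcessName
if ($result) {
    "Resolved via {0}: {1}" -f $result.Source, $result.Path
    "Install directory: {0}" -f (Split-Path -Parent $result.Path)
} else {
    Write-Warning "Could not resolve the path of $Name as $([Security.Principal.WindowsIdentity]::GetCurrent().Name)."
    exit 3   # UNKNOWN in Nagios plugin exit-code terms
}
```

Running it once from an interactive administrator prompt and once through the NCPA API shows the difference between the two identities side by side.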

Re: Powershell Output via NCPA API missing

Posted: Thu Mar 12, 2020 6:29 am
by scottwilkerson
onegative wrote:
@mbellerue

You are correct...even though certain other PowerShell scripts are indeed operating as the svc_account something about the way Get-Process underlying permissions are prohibiting access to certain process objects. This is dang difficult to understand because there is no clear/easy way to determine what specific permission is missing due to the fact that the SYSTEM and Administrators rights supersede all permissions. I did see that certain processes can be queried successfully but others cannot. So that bites because trying to run the services as the svc_account to make things like check UNC Paths easy without credentials also creates permissions issues trying to ascertain other things I wanted to use PowerShell to extract.

I will go back to the drawing board and look for alternate methods...I was just trying to do it simple without much thought but then got sidetracked when it didn't work the way I expected it to.

Thanks for your help and you can lock this thread...

Danny
Great!

Locking