WMI plus agentless monitoring.

prateekagr1988 · Post by **prateekagr1988** » Wed Jun 10, 2015 4:40 am

Hello,

Can we have the required network configuration (open ports, etc) details for WMI plus agentless monitoring for windows?

Regards,
Prateek

tmcdonald · Post by **tmcdonald** » Wed Jun 10, 2015 9:23 am

I would start here:

https://assets.nagios.com/downloads/nag ... ios-XI.pdf

prateekagr1988 · Post by **prateekagr1988** » Wed Jun 10, 2015 9:52 am

Thank you!
I have gone through the document.
We actually required the below:
1. User-less authentication
2. Ports/network rules required to be opened for this.

Post by **eloyd** » Wed Jun 10, 2015 9:58 am

Page 4 of that document shows how to set up Windows firewall.

You must have a user of some sort or else the system won't work.

Are you looking for a way to query machines without having to do any work on the machine itself? In other words, turning up a new machine without installing or configuring any part of the machine for monitoring, but have Nagios monitor it? If so, you will only be able to do that if your install image includes pre-installed software (agent) and/or configuration information, or it installs it at some point through your server management processes.

prateekagr1988 · Post by **prateekagr1988** » Wed Jun 10, 2015 10:06 am

Your 2nd point is correct. Do we have any reference document for this?
We have been doing that for most of the servers, but we have issues with a few.
We suspect some connectivity missing and that's where we are stuck.
In the previous document I see TCP 135 is used. Do we have any such list of network rules to be enabled?

Post by **eloyd** » Wed Jun 10, 2015 10:12 am

WMI uses port 135, yes. You need to ensure that that port is open from the Nagios server to the Windows client.

prateekagr1988 · Post by **prateekagr1988** » Wed Jun 10, 2015 10:14 am

Great! Any other similar requirements for WMI plus ?

Post by **eloyd** » Wed Jun 10, 2015 10:19 am

WMI is similar to FTP in that it listens for connections on port 135 (FTP uses port 23) and then switches to a random port to continue the communication. So the firewall on the Windows side needs to know that the new port is related to the old port in order to continue to allow traffic. Otherwise it sees the traffic on the new port as a new, unrelated connection, and blocks it. This is why the Windows firewall needs to be updated, since it is smart enough to know how to handle this (much as module nf_conntrack knows how to do this in Linux).

So you can't just open up port 135 and have it work. You will need to tell the Windows firewall program that you are using remote WMI traffic or else it will block requests.

Post by **lmiltchev** » Wed Jun 10, 2015 10:22 am

Thanks, eloyd! prateekagr1988, let us know if you have any more questions.

prateekagr1988 · Post by **prateekagr1988** » Wed Jun 10, 2015 10:27 am

Perfect. I think I know now what's missing. Will let you guys know once done.
Thanks

Nagios Support Forum

WMI plus agentless monitoring.

WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.

Re: WMI plus agentless monitoring.