Page 1 of 1
Monitoring using WMI
Posted: Mon Oct 03, 2011 11:10 am
by cwscribner
Hi all.
I had an interesting note brought up to me recently in reference to monitoring with WMI and how that works with active directory. Here's the details...
If using WMI to monitor a machine, does the username and password have to be local on the machine or does the u:p pair just have to exist in Active Directory?
Re: Monitoring using WMI
Posted: Mon Oct 03, 2011 2:16 pm
by lmiltchev
I believe you can use it either way, however, you should have administrative rights to the local machine.
Re: Monitoring using WMI
Posted: Wed Oct 05, 2011 9:39 am
by hhlodge
Either way. I use a AD service account for all domain systems and local admin account for those not on the domain, such as those in a DMZ, etc. For ease of maintenance, if security allows it, set the password in a resource.cfg macro such as $USER10$ so you can use that in all your service checks and just change the macro value should the password change.
Re: Monitoring using WMI
Posted: Wed Oct 05, 2011 11:53 am
by mguthrie
Thats a good idea, thanks for the input!
Re: Monitoring using WMI
Posted: Thu Oct 06, 2011 11:42 am
by rseiwert
I do use the $user8$ and $user9$ for the username and password. Important note, Samba likes passwords to be simple, no longer than 8 chars. I also was having authentification issues with the WMIC downloaded from Nagios Library. While the version numbers are the same there is a newer version that doesn't fail authentification out there. I have posted about this and a search should bring up more details.