WMI unknown error on nagiosxi
Posted: Mon Jul 23, 2018 11:23 am
Hi Team,
For few of the hosts we are receiving wmi errors on service checks.
Other service checks works fine, service checks related to wmi is not working and this issue is only for handful of hosts.
/usr/local/nagios/libexec/check_wmi_plus.pl -H hostname -u 'user' -p 'password' -m checkdrivesize -a 'E': -w '90' -c '95' -t 60
Errors "UNKNOWN - Plugin Timed out (60 sec). There are multiple possible reasons for this, some of them include - The host might just be really busy, it might not even be running Windows."
Tried debugging the error.
Below is the output of the debug.
Please advise.
Thanks!
For few of the hosts we are receiving wmi errors on service checks.
Other service checks works fine, service checks related to wmi is not working and this issue is only for handful of hosts.
/usr/local/nagios/libexec/check_wmi_plus.pl -H hostname -u 'user' -p 'password' -m checkdrivesize -a 'E': -w '90' -c '95' -t 60
Errors "UNKNOWN - Plugin Timed out (60 sec). There are multiple possible reasons for this, some of them include - The host might just be really busy, it might not even be running Windows."
Tried debugging the error.
Below is the output of the debug.
Code: Select all
[param/loadparm.c:2462:lp_load()] lp_load: refreshing parameters from /dev/null
[param/params.c:556:pm_process()] params.c:pm_process() - Processing configuration file "/dev/null"
[param/loadparm.c:2471:lp_load()] pm_process() returned Yes
[param/loadparm.c:1343:lp_add_hidden()] adding hidden service IPC$
[param/loadparm.c:1343:lp_add_hidden()] adding hidden service ADMIN$
[auth/kerberos/krb5_init_context.c:388:smb_krb5_init_context()] krb5_init_context failed (Invalid argument)
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'sasl-DIGEST-MD5' registered
[auth/auth.c:447:auth_register()] AUTH backend 'winbind_samba3' registered
[auth/auth.c:447:auth_register()] AUTH backend 'winbind' registered
[auth/auth.c:447:auth_register()] AUTH backend 'name_to_ntstatus' registered
[auth/auth.c:447:auth_register()] AUTH backend 'fixed_challenge' registered
[auth/auth.c:447:auth_register()] AUTH backend 'unix' registered
[auth/auth.c:447:auth_register()] AUTH backend 'anonymous' registered
[auth/auth.c:447:auth_register()] AUTH backend 'sam' registered
[auth/auth.c:447:auth_register()] AUTH backend 'sam_ignoredomain' registered
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'krb5' registered
[auth/gensec/gensec.c:1205:gensec_register()] gensec subsystem fake_gssapi_krb5 is disabled
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'schannel' registered
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'spnego' registered
[auth/gensec/gensec.c:1205:gensec_register()] gensec subsystem gssapi_spnego is disabled
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'gssapi_krb5' registered
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'gssapi_krb5_sasl' registered
[auth/gensec/gensec.c:1229:gensec_register()] GENSEC backend 'ntlmssp' registered
[lib/com/dcom/main.c:528:dcom_determine_rpc_binding()] Using binding ncacn_ip_tcp:usvaarcpci
[librpc/rpc/dcerpc_connect.c:513:continue_map_binding()] Mapped to DCERPC endpoint 135
[lib/com/dcom/main.c:413:determine_rpc_binding_continue2()] dcerpc_ndr_request_recv returned NT_STATUS_OK
[lib/com/dcom/main.c:417:determine_rpc_binding_continue2()] IObjectExporter::ServerAlive returned NT_STATUS_OK
[auth/kerberos/krb5_init_context.c:388:smb_krb5_init_context()] krb5_init_context failed (Invalid argument)
[auth/gensec/gensec_gssapi.c:232:gensec_gssapi_start()] gensec_krb5_start: krb5_init_context failed (Invalid argument)
[auth/gensec/gensec.c:606:gensec_start_mech()] Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_INTERNAL_ERROR
[auth/ntlmssp/ntlmssp_client.c:128:ntlmssp_client_challenge()] Got challenge flags:
[auth/ntlmssp/ntlmssp.c:72:debug_ntlmssp_flags()] Got NTLMSSP neg_flags=0x62898205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_CHAL_TARGET_INFO
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[auth/ntlmssp/ntlmssp_client.c:242:ntlmssp_client_challenge()] NTLMSSP: Set final flags:
[auth/ntlmssp/ntlmssp.c:72:debug_ntlmssp_flags()] Got NTLMSSP neg_flags=0x60088205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[lib/com/dcom/main.c:570:complete_activation()] Negotiated COM version: 5.1 using binding ncacn_ip_tcp:usvaarcpci[135]
[lib/com/dcom/main.c:1172:bind_new_pipe()] lib/com/dcom/main.c:1172: dcom_get_pipe: host=usvaarcpci, similar=usvaarcpci[1028]
[librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed NT status (c00000b5) in dcerpc_pipe_connect_b_recv
[librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed NT status (c00000b5) in dcerpc_pipe_connect_b_recv
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\USVAARCPCI[\\PIPE\\srvsvc]
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\USVAARCPCI[\\pipe\\SessEnvPublicRpc]
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\USVAARCPCI[\\PIPE\\browser]
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\USVAARCPCI[\\PIPE\\atsvc]
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT code 0xc002001b - NT code 0xc002001bPlease advise.
Thanks!