Page 1 of 1
Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 9:40 am
by thomasj
Hi all,
I have a bit of an odd question...
My Nagios xi box (Centos box) is a Domain member.
I have a Windows 2008 R2 box that is connected to our network but has the requirement to not be a domain member.
I am finding that Nagios can ping the tagret box (non-domain member) but returns the error message "CRITICAL - Socket timeout after 10 seconds" for all services I am trying to monitor.
I would imagine this is because the non-domain windows server doesnt have a trust relationship an therefore doesnt trust the nagios box to run the commands passed by it (nagios).
I was wondering if you have come across this requirement before and know how to get a non-domain member monitored by nagios (domain member)
Thanks in advance
Joe
Re: Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 9:43 am
by scottwilkerson
What kind of checks are you trying to run? NSClient, NRPE, WMI, SNMP?
Re: Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 9:52 am
by thomasj
For now just the default checks through the monitoring wizard so NSclient checks. This may grow in time. But this will be good enough to start with.
Re: Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 10:19 am
by scottwilkerson
Couple things that come to mind as possibilities
Is the NSClient ++ service running?
Is their any firewall blocking port 12489 on the Windows machine or off?
In the NSC.ini is the allowed_hosts set to your nagios XI servers IP address?
In the NSC.ini is the following line uncommented
Do you see anything in the nsclient.log?
Re: Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 10:47 am
by thomasj
Nsclient is running
Firewall exception is set and allowing inbound traffic from the nagios box on port 12489
nsc.ini allowed_hosts is set to the IP address of the nagios box
nsc.ini NSClientListener.dll is uncommented (wasnt previously)
Still not working. "No route to host could not fetch information from server"
Re: Monitor a non-domain windows box
Posted: Mon Apr 23, 2012 11:44 am
by scottwilkerson
After fixing the nsc.ini, you need to restart Nsclient service.
Also, "no route to host" leads me to believe that you don't have the correct IP address for the host in Nagios....
Re: Monitor a non-domain windows box
Posted: Tue Apr 24, 2012 3:58 am
by thomasj
Restarting the service - No joy
The IP address is correct. - Still no joy
Scratching my head
Just thinking in type....
because there is no trust relationship, would there need to be a local "nagios" user on the Windows box (non-domain member)?
Re: Monitor a non-domain windows box
Posted: Tue Apr 24, 2012 9:36 am
by scottwilkerson
thomasj wrote:Restarting the service - No joy
The IP address is correct. - Still no joy
Scratching my head
Just thinking in type....
because there is no trust relationship, would there need to be a local "nagios" user on the Windows box (non-domain member)?
The domain thing shouldn't matter, Nagios doesn't talk to windows directly, it only talks to NSClient.
From your XI machine can you telnet to the client on port 12489 ?
You should see something like this:
Code: Select all
Trying 192.168.5.15...
Connected to 192.168.5.15 (192.168.5.15).
Escape character is '^]'.
If not, you are not able to reach NSClient from the XI machine (like a firewall).