Nagios Support Forum

I am using Nagios XI 2011R3.2 and I am trying to use the Windows WMI wizard. I can add the host but when I check service detail all services but ping have the following error: ‘UNKNOWN - The WMI query had problems. You might have your username/password wrong or the user's access level is too low. Wmic error text on the next line.’ On one of the screens I did get this detailed info: ‘[librpc/rpc/dcerpc_util.cdcerpc_pipe_auth_recv()] Failed to bind to uuid 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 - NT_STATUS_NET_WRITE_FAULT
[librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed NT status (c0000022) in dcerpc_pipe_connect_b_recv
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied’

I tried using the local admin of the server, I tried a domain admin, I tried a domain user that I added to the local admin group, they all come back with the same error. I found a Nagios article detailing the permissions needed but said you could skip them if you used a user in the local admin group. Let me know if you need more info.

kruserm,

By default, local admin account should have access to the CIMV2 namespace used for WMI querys.

One way to test, is to use WBEMTEST on your windows machine.

start > run > WBEMTEST

connect > Namespace = \\<ip address of remote windows machine>\root\cimv2

User: <some admin account>
Password: <some password>

regards,

-Yancy

I used WBEMTEST and I was able to access the same server without any issues. When I add it to Nagios I get the error I stated in post 1 using the same credentials I used for WBEMTEST. In the WBEMTEST I was able to connect using both local admin and domain admin, for the domain admin I was able to use 'domain\user' and 'user'. In Nagios when I tried to do the different user combinations they all fail with the same error.

Do you have any other suggestions?

kruserm,

Are you specifying a domain when querying WMI? If so, use domain "/" not domain "\".

for example

./wmic -U pluto.nagios.org/administrator%p@ssword123 //192.168.5.166 "select * from Win32_ComputerSystem"

The domain in this example is pluto.nagios.org


Regards,

-Yancy

That did the trick. One last question, is there a way to hide the password so it is not in clear text?

kruserm,

You can specify an authenticaion-file with the -A flag. That would effectively hide the username and password.


-Yancy

After hours troubleshooting finally this simple trick "/" worked for me as well.
Thank you

yancy wrote:kruserm,

Are you specifying a domain when querying WMI? If so, use domain "/" not domain "\".

for example

./wmic -U pluto.nagios.org/administrator%p@ssword123 //192.168.5.166 "select * from Win32_ComputerSystem"

The domain in this example is pluto.nagios.org


Regards,

-Yancy

Thanks for the tip!

Locking due to age.