Documentations

Configure supervision requirements on Windows devices

On the page

Need some help?

Objective

The objective of this document is to describe the prerequisites to be implemented on a Microsoft Windows device in order to allow its supervision by SNMP and WMI protocols with ServiceNav.

This procedure is applicable for Windows Server versions from 2003 onwards.

SNMP

This article describes step-by-step how to configure the Simple Network Management Protocol (SNMP) service. It describes how to configure SNMP agent properties and SNMP security.

Installing SNMP functionality

On version 2003, get the Windows installation CD to install SNMP.

Starting with Windows 2008 version, SNMP is a feature, which is installed as shown below :

Adding a Windows feature

Added Windows 2 functionalitySelect the SNMP Service functionality. Functionality Supplier WMI SNMP is useless. Then click on Next.

Functionality - SNMP ServiceThen click on Install. Wait until the installation is complete and proceed to the next step.

 

SNMP configuration

The configuration of the SNMP Service is done from the services console.

Open from home (on Windows 2012 server) the application of the Administration tools.

Windows Home - Administrative ToolsThen select the application Services.

Windows Service - SNMPTo open this application, you can also run services.msc from the Start > Run on Windows 2008 prompt.

Right-click in the list of services at SNMP Service then select Properties :

SNMP Service - Properties 1Click on the tab Agent.

Under ServiceIf you are using a computer that is not connected to the Internet, select the checkboxes next to the services your computer provides. The service options are as follows:

  1. Physicsindicates whether the computer manages physical devices, such as a hard disk partition.
  2. Applicationsindicates whether the computer is using programs that send data via the TCP/IP protocol.
  3. Data link and subnetworkindicates whether this computer manages a subnetwork or a TCP/IP data link, for example a bridge.
  4. InternetIP Gateway: Indicates whether this computer is acting as an IP gateway (router).
  5. End to endindicates whether this computer is acting as an IP host.

Click Apply.

SNMP Service - Properties 2

Click on the tab Security.

In the Accepted community namesclick on Add... then enter the name of the community and the associated right. The right READING ONLY is enough. The name of the SNMP community is case sensitive. It is advisable to use the same community name for all servers.

Then click on Add.

SNMP Service - Properties 3

Then specify the IP address of the supervisor authorized to perform SNMP accesses on the server.

Click on Accept SNMP packets from these hostson Addand then type the host name, IP address, or IPX address in the Host name, IP or IPX address.

  1. Click on Add.
  2. Click on OK.

SNMP Service - Properties 4

Then click on OK to validate the configuration.

SNMP Service - Properties 5

Restart the SNMP service to take into account this configuration, by right-clicking on SNMP Service in the list and then select Restart.

SNMP Service - Restart

 

WMI

Creating the user in Active directory

Create a domain user dedicated to monitoring in your Active Directory domain.
Create the user and place him in a security group dedicated to supervision, for example Windows Monitoring.

Add user to local group Performance Analyzer UsersPerformance Monitor Users.
This operation can be performed by GPO on the whole domain or on the target machines, by editing the following object :

Right click on Add a group. Select the group Windows Monitoring.

Once added, a window opens. In the bottom section ("This group is a member of"), click on Add... . Select the group Performance Analyzer Users. In doing so there will be no impact on users or groups already members of the group. Performance Analyzer Users on each server where GPO will be applied. You must view this result in your GPMC editor:

Access Verification

Carry out a census with ServiceNav: this will allow you to check whether the WMI user used to carry out the census has remote access rights to WMI. The census queries the WMI class Win32_OperatingSystem with the user provided.

 

Supervision of Windows services via WMI

Only a domain administrator user or a user from the group Directors local Windows device can query the status of Windows services with WMI. The following procedure explains how to configure a domain user to be part of the local group Directors of the Windows equipment without the possibility of connecting to this equipment.

This section describes in an Active Directory context how to :

  • place the user in the local group Directors of each equipment
  • Prevent the user from logging on to the equipment in console mode and Remote Desktop mode.

This can be done by modifying the GPO previously created on the Business Unit Analyst.

Right click on the group Windows Monitoringand then on Properties.

In the bottom section ("This group is a member of"), click on Add... . Select the group Directors.

Now you must get this:

Click on OK.

GPO item to be created to prevent the user from logging on to the equipment in console mode and Remote Desktop mode :

 

 

This may also be of interest to you

2 - How to supervise an Azure environment

Office365-Generic : supervise your Office 365 subscription via APIs

Configuring WinRM on a windows device

en_USEnglish
fr_FRFrench en_USEnglish

Welcome to ServiceNav!

Need help? More information about our products? Write to us!
You have taken note of our privacy policy.

[COVID - 19 ] - TELEWORKING, TARGET AVAILABILITY 100% !

While the epidemic lasts, ensure the availability and performance of your IT services for teleworking, with ServiceNav!

Following the government's call to mobilize to help businesses overcome the current health and economic context, we help you, free of charge, to ensure the complete monitoring of your teleworking environments: VPN, VDI, Teams, Skype Enterprise, Citrix... Objectives: collection, availability and usage indicators, dashboards to support your communication.
We use cookies to ensure that you have the best possible experience on our site, and if you continue to use this site, we will assume that you are satisfied with it.

Reserve your place

You have taken note of our privacy policy.