Documentations

Configure monitoring requirements on Windows devices

On the page

Do you need help?

Objective

This document aims to describe the prerequisites to be implemented on a Microsoft Windows device in order to allow its monitoring by SNMP and WMI protocols with ServiceNav.

This procedure is applicable for Windows Server versions from 2003.

SNMP

This article describes step by step how to configure the Simple Network Management Protocol (SNMP) service. It describes how to configure SNMP agent properties and SNMP security.

Installation of SNMP functionality

On the 2003 version, you need the Windows installation CD to install SNMP.

Starting with Windows 2008, SNMP is a feature, which is installed as shown below:

Adding a Windows feature

Added Windows 2 functionalitySelect the SNMP service functionality. The functionality WMI SNMP Provider is unnecessary. Then click on Next.

Functionality - SNMP ServiceThen click on Install. Wait until the installation is complete and then proceed to the next step.

SNMP configuration

The configuration of the SNMP service is done from the services console.

Open from the home page (on Windows 2012 server) the Administration tools.

Windows Home - Administrative ToolsThen select the application Services.

Windows Service - SNMPTo open this application, you can also run services.msc from the Start > Run prompt on Windows 2008.

Right-click in the list of services on SNMP service then select Properties :

SNMP Service - Properties 1Click on the tab Agent.

Under ServiceIf you are using a computer with a computer with an Internet connection, select the checkboxes next to the services your computer provides. The service options are as follows:

  1. Physicsindicates whether the computer supports physical devices, such as a hard disk partition.
  2. ApplicationsTCP/IP: indicates whether the computer uses programs that send data via the TCP/IP protocol.
  3. Data link and subnetworkindicates whether this computer manages a subnet or a TCP/IP data link, such as a bridge.
  4. Internetindicates whether this computer acts as an IP gateway (router).
  5. End to endindicates whether this computer is used as an IP host.

Click on Apply.

SNMP Service - Properties 2

Click on the tab Security.

In the area Accepted community namesclick on Add to the list... then enter the name of the community and the associated right. The right READING ALONE is sufficient. The SNMP community name is case sensitive. It is recommended to use the same community name for all servers.

Then click on Add.

SNMP Service - Properties 3

Then specify the IP address of the supervisor authorized to perform SNMP access on the server.

Click on Accept SNMP packets from these hostson Addand then type the host name, IP address, or IPX address in the Host name, IP address or IPX.

  1. Click on Add.
  2. Click on OK.

SNMP Service - Properties 4

Then click on OK to validate the configuration.

SNMP Service - Properties 5

Restart the SNMP service to take this configuration into account, by right-clicking on SNMP service in the list, then select Restart.

SNMP Service - Restart

WMI

Creating the user in Active directory

Create a domain user dedicated to monitoring in your Active Directory domain.
Create the user and place him in a security group dedicated to supervision, for example Windows Monitoring.

Add user to local group Performance Analyzer UsersPerformance Monitor Users.
This operation can be performed by GPO on the whole domain or on the target machines, by editing the following object:

Right click on Add a group. Select the group Windows Monitoring.

Once added, a window will open. In the bottom section ("This group is a member of"), click on Add to the list... . Select the group Performance Analyzer Users. By doing so there will be no impact on users or groups that are already members of the group Performance Analyzer Users on each server on which the GPO will be applied. You should see this result in your GPMC editor:

Verification of access

Perform a census with ServiceNav: this will allow you to check if the WMI user used to perform the census has remote access rights to WMI. The census queries the WMI class Win32_OperatingSystem with the user provided.

Monitoring of Windows services via WMI

Only a domain administrator user or a user in the Administrators The local user of the Windows device can query the status of Windows services with WMI. The following procedure explains how to configure a domain user to be part of the local group Administrators of the Windows equipment without the ability to connect to that equipment.

This section describes in an Active Directory context how to :

  • place the user in the local group Administrators of each equipment
  • prevent the user from connecting to the equipment, in console mode and in Remote Desktop mode

This can be done by modifying the previously created GPO on the domain controller.

Right click on the group Windows Monitoringand then on Properties.

In the bottom section ("This group is a member of"), click on Add to the list... . Select the group Administrators.

You should now get this:

Click on OK.

GPO element to create to prevent the user from logging on to the device, in console mode and in Remote Desktop mode:

You may also be interested in

How to monitor an Azure environment

Monitor Azure metrics via APIs

azure portal

Azure and Office 365 plugins requirements

en_GB

Welcome to ServiceNav!

Do you need some help? More information about our products? Write to us!
You have taken note of our privacy policy.
We use cookies to ensure the best experience on our site. If you continue to use this site, we will assume that you are satisfied with it.

Reserve your place

You have taken note of our privacy policy.