Monitoring and managing Windows with WMI
Monitoring and managing Windows with WMI |
|
|
Enabling monitoring of Windows counters WMI (used by WinTools, resource information selection and Windows performance counters monitoring) is fully enabled on Windows 2003 Server. But you need to perform several operations if you would like to get information from Windows XP Professional, Vista and Windows 7 computers. To speed up the whole operation, we prepared a program (WMIEnable.exe, available from the nVision installation folder) which automatically performs all necessary operations. To enable WMI, just run this program on the remote machine. You can run it from the login script, thus enabling WMI on all Windows XP, Vista and Windows 7 machines in your network at once. If you are using any third party firewall on the remote host, then you also need to open the following ports on your own: TCP 135, 139, 445, 593. To be able to use WinTools or read resources from Windows, keep in mind that the remote system must have exactly the same login credentials (user name and password) as the user logged in on the computer running netTools and nVision. This is due to the limitations of the Home edition. WMIEnable This program enables WMI on the Windows XP Professional and Vista computers. This is exact list of operations performed by this program: 1.DCOM is enabled by setting registry key
2.Remote UAC on Windows Vista is enabled by setting registry key
3.The WMI ports (TCP 135, 139, 445, 593) are opened on the Windows firewall by performing the following command:
4.Access to WMI on Windows Vista is enabled by adding a firewall exception for Windows Management Instrumentation (WMI). 5.Authorization model is set to “Local user authorize as themselves” by setting registry key
In almost all cases the system restart is not necessary and WMI will be enabled right after the program execution, but you can also force Windows system restart after the above parameters are set by running the program with the /restart parameter. The program will not restart the system if it is not able to change system settings. If the WMI is still not working If you have run the WMIEnable program and WMI is still not working, then verify the following: 1.Enter Local Security Settings (secpol.msc /s) and select Local Policies -> User Rights As-signement -> Access this computer from network. Check if all necessary users/groups are added here. At least the Administrators group or Administrator should be present. 2.Enter Group Policy (gpedit.msc) and select Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network access: Sharing and security model for local accounts. Set this option to Classic – local user authorize as themselves. 3.Check if WMI is operational by running the wbemtest command. WMI is running if this program can run properly. 4.Check if the following services are running: Memory leaks with outdated Rpcrt4.dll If monitoring Windows counters, please make sure that you have the latest Rpcrt4.dll installed. All previous versions cause serious memory leaks in the system, which can lead to a system crash. This problem is described by Microsoft at http://support.microsoft.com/?kbid=911262. Your Rpcrt4.dll should have the following version (or higher):
Problem of RPC calls and high-numbered ports By default, a RPC call uses ports from the one-time use range (1024-5000) during assigning ports to RPC application for listening in the TCP end point. Such behavior may limit access to these ports, and cause trouble in operating with nVision Agents. Information on how to configure a RPC call to use secure ports and facilitate port protection can be found at http://support.microsoft.com/kb/908472. Connecting between different operating systems You cannot connect to a computer that is running a Starter, Basic, or Home Windows edition. More information: |