SYSTEM OPERATIONS [Michel Kamp]

This Is My Last BLOG Post

Hello bloggers,

This will be my last blog post by and for Info Support.

I will be blogging in the future on www.scug.nl the Dutch System Center User Group or on a other blog site. (Just search for my name on the internet)

Hope you enjoyed the blogs post i have written.

See you later.....

Michel

Posted Wednesday, July 04, 2007 11:19 AM by michel kamp | (Comments Off)

Filed under: thee nd

Feeling lucky today?. Due to a feet operation I’m in recovery at home. So my mind was spinning to do something. I was always wondering why there wasn’t a ORACLE management pack for MOM. Of course you could buy one form Netiq example , but the complete version will have more overhead that you want (I tried it). No I want a FREE and simple one!.

Ok so you’re lucky, here’s the free oracle MP.

I’m NOT a oracle expert so there maybe missing some checks but it’s a start. If you give me some remarks then I have a look at it.

What does it for all oracle instances:

- it monitors the oracle alert files. And report the important ORA-xxx messages and oracle text messages. (last one disabled by default).

- it monitors oracle NT services state changes.

- it collects important performance counters from the instances. (v$ views)

- It monitors the free space on tablespaces. And report if below 25% free.

- Oracle instances discovery. Automatically finds all instances and SIDs in all homes.

Configuration:

To use all the monitor features you must do a little configuration on the oracle instances and the mp.

At the oracle servers:

1. Change the alertlogfile locations. (no shutdown required)

1) open the enterprise manager login to the instance under system sysdba

2) go to configuration -> all initialization parameters

3) Change the “background_dump_dest” to “c:\oracle\alertlogs” You can change this path but then you have also to change the MOM alert log file provider.

4) Then apply.

5) Do step 1 .. 4 for every instance you have running on any server.

Now all the alert logs are written to a standard location. This is needed because the

Path of the “MOM application log provider” cannot be dynamically configured.

2. Install the ORACLE ODBC driver and client tools (connectivity) on the oracle servers.

3. The performance and table space check use a oracle account to login. You specify this at the respond rules. I use the system user for this. But better is to create a special account for this. If you do be sure it can read the sys.v$ views and the tablespace table.

At the mom oracle mp:

Import the MOM ORACLE MP
change the user and passwords of the respond script of the rules:
[MITS] ORACLE\ [MITS] ORACLE CHECKS\ [MITS] Collect Oracle free tablespace info
and
[MITS] ORACLE\ [MITS] ORACLE PERFORMANCE V$ COLLECTIONS\*
change the path of the “providers\[MITS] oracle alert log files” provider to the location you have changed in step 1 “change the alertlogfile locations”
change or create more alert rules for notification.
do a commit.

That’s all.

What you will see at the operator console:

Open the mom operator console go to the “Alerts\[MITS] Oracle” folder.

Open the mom operator console go to the “Performance\[MITS] Oracle” folder.

There should me more views created but it’s a start.

Hope you enjoy this MP.

Download at : http://blogs.infosupport.com/files/folders/10895/download.aspx

Michel Kamp

Posted Thursday, November 02, 2006 1:57 PM by michel kamp | 6 Comments

Filed under: MOM 2005, MOM Management Packs (MP), Oracle

PART 1: AXIOS ASSYST MOM PRODUCT CONNECTOR

Why:

We are using Assyst as our helpdesk tool. If MOM detects a critical error this must be logged as a Assyst call. Now we are doing this manually. I always wondered why there was no MOM product connector for ASSYST. Yesterday I could not wait anymore for it so I have build one my self.

What is it:

The first release will be one build on the MPC SDK example and will be a basic one-way connector and a ASSYST webservice.

How this works:

The new alert is generated in MOM. You evaluate it if this should be logged into ASSYST. You change the resolution state to "Log to Assyst". The MPC will now do a webservice call to the Assyst webservice. This webservice will make a Assyst incident using the ACLI (from Assyst) interface. The ACLI returns the incident number. The MPC receives the incident number and saves this in the MOM alerts "ticked id" field. At last the MPC changes the resolution state to "level 1:.... assigned...".

Status:

Yesterday I complied ,installed and tested the ASSYST MPC. And it works!!! Now I have to put in some error handling.

Download:

In part 2 I will post the setup package. Please let me know if you like this worked out idea.

Michel Kamp

Posted Wednesday, October 11, 2006 10:19 AM by michel kamp | 4 Comments

MOM MP: Basic Windows Security check

Due to account policy's we forbid administrators to logon with specific domain admin accounts or with the local administrator accounts. Also wanted was a security audit to lookup or monitor possible attacks.

To do this I've written a simple security management pack. That collects all security events and generate alerts when a logon fails 3 times within 3 min , account rights are changed and when a local administrator, specific admin account logon (successful) is detected.

Pre-installs:

1 Import the security MP into MOM. Its by default assigned to all windows servers.

2 Change the domain audit policy to "audit account logon events" , "audit logon events" and "audit account management" to value "Success,Failure". Change also for the Evenlog policy that your eventlogs are min 20Mb big. AND THAT OVERWRITE IF NEEDED IS ACTIVATED. MOM will be fast enough to store the evens in the database before the will be overwritten in case of a flush attack. Otherwise your system will go in HOLD status. (and that's not what you want)

3 Deploy your policy.

4 Change the rules to the admin accounts you want to monitor. Rule "[MITS] SECURITY ISSUE ALERT ON [Logon/Logoff admin_xxx]" -> "criteria" property "user name" to what specific account you want to monitor. For multiply accounts you can also use a regexpression for this.

5 Do a MOM commit.

6 Open the operator console and go to the "security views" There must be events in it.

To do:

- I'm working on a datawarehouse report that will analyze the events.

Be aware:

That your onepoint db will grow faster.

That the mom datawarehouse db will also grow faster.

So make source there enough space in it.

You can download the MP HERE:

Michel

Posted Thursday, September 14, 2006 6:36 AM by michel kamp | 1 Comments

Filed under: MOM 2005, MOM Management Packs (MP)

PART 2: Mass MOM rule Editor

Ok did some coding today.

There's the first real build. !!!!

Please test it NOT on production ;-)

Don't except error handling in this version.

The tool is quite easy to understand.

1. Run the exe on you MOM server (with the MOM SDK installed).

2. Press on "Get MPs". And wait.

3. Navigate to your rule group. You can rightmouse click to do the actions enable/disable all rules or selected rule group.

4. If there are rules in the rule group they are displayed in the rule list.

5. Select the rule you want to change. For now you can only change : disable/enable the rule and the CompanyKnowledge fields.

6. Press the update rule(s) button to process the changes. Only the selected rules will be processed.

7. OR if you want to set a value for all the selected rules you can fill in the value in the rule detail box and then press the mass rule update button.

Please give me some feedback on this tool!!!!

see for the download: MassMOMRuleEditorV1

see below for some screen shots.

Have fun with it Michel

Posted Thursday, September 07, 2006 9:42 AM by michel kamp | 7 Comments

PART 1: Mass MOM rule Editor

OK. I was I a situation that I had about 200 rules that must be disabled. The only way to do this is:

1. By hand one by one with the administrator console

2. Do a non supported SQL update

3. Use the MOM SDK

Of course I did step 3. And the MassMomRuleEditor is born. I'm still working on it but the tool is getting some body. What the MassMomRuleEditor must do is:

Wanted features:

1. View the MPs

2. Disable/enable MP rule group(s)

3. Disable/enable MP rule(s) . All or only the selected.

4. Display information on a rule or rule group

5. Edit the rule. Name , Knowledge , criteria etc.

6. Backup (export) a rule/ rule group.

7. some of version control using Microsoft visual source safe.

Steps % completed:

step 1 : 100%

step 2: 100%

step 3: 90%

step 4: 90%

step 5: 10%

step 6: 0%

step 7: 0%

To tease you I have posted a screen shot below. I will post the tool if I have a feeling it is stable.

Meanwhile you are free to give me some comments on wanted features.

SO KEEP LOOKING AT THIS BLOG SITE

massmomruleeditor

Posted Wednesday, September 06, 2006 6:09 AM by michel kamp | 1 Comments

Filed under: MOM 2005

MP: Sophos v4

Yesterday I needed some rules to check Sophos Virus scanner on our corporate network.

So I made an first version to monitor Sophos Version 4.x

You can Import it into MOM and it will automatic find the sophos enabled servers. See also the Alert and event view. In this version I have only enabled the most critical event rules.

You are free to change it , please inform me also when what you have changed. So we can come to a next version.

Have fun with it!

Michel

Download sophos v4 MOM management pack

Posted Tuesday, September 05, 2006 9:53 AM by michel kamp | 2 Comments

Filed under: MOM 2005, MOM Management Packs (MP)

HOWTO: bulk export / import MOM management packs

Hi,

As a MOM system administrator / consultant I have visited many customers that don't backup the MOM MPs. The say "why? I'm making a SQL onepoint backups , this should do it....” Personally I'm not a big pro on restoring the complete onepoint db if you lose or miss-change a MP. So the mom SDK has some tools to export / import MPs from the command line. The only problem is that this tool only processes 1 rule group at the time. I've written a c# program that solves this problem. This is a simple way to export (backup) your MPs. I use the tool for one reason more: I'm using the MOM to MOM product connector to forward alerts from a co hosting MOM locations to our main MOM location. This requires you to have the same MPs on both sites. My tool has a Import feature as well. So you can make a co-site export and import to the main site in one step.
So if you want to make only a export (for backup resons) you make the source and destination server parameters the same. The tool then only exports the MPs to the given directory. If you fill in a different destination server the tool will imports the exported MPs one by one on the specified server. The tool also export / imports all the RULES , VIEWS , TASKS.

Command line usage:
ExportImportMP.exe <source mom server> <dest mom server> <dest path>

requirements:
- Dot Net 1.1 framework installed
- MOM SDK installed
- must exists:\Program Files\Microsoft Operations Manager 2005\ManagementModuleUtil.exe
- execute on the MOM server.

I will share the code. This is a quick programming project , so do not except to much:
(You can download the project from the download section on this blog server)

It is build of 3 parts.
Part one reads out the command line arguments and is creating a MOM management object.

System.Diagnostics.Process proc = new System.Diagnostics.Process();
     string arguments;
     string SourceSrv;
     string DestSrv;
     string DestDir;
     if (args.Length != 3)
        {
       Console.WriteLine("Error invalid arguments");
          Console.WriteLine("VERSION : 0.9");
          Console.WriteLine("Michel Kamp. 2006");
          Console.WriteLine("Usage: ExportImportMP <source mom server> <dest mom server> <dest path>");
          Console.WriteLine("Description: Export and import MOM MPs with the ManagementModuleUtil.exe");
          Console.WriteLine(@"Description: besure C:\Program Files\Microsoft Operations Manager 2005\ManagementModuleUtil.exe exsists");
          Console.WriteLine("HINT: If the Source and destionation is the same then no import will be done. This is usefull for making an backup. ");
       Environment.Exit(-1);
        }
     SourceSrv = args[0].ToString();
     DestSrv = args[1].ToString();
     DestDir = args[2].ToString();
     Console.WriteLine("ExportImportMP " + SourceSrv + " " + DestSrv + " " +DestDir );
     Administration admin = Administration.GetAdministrationObject();
     RuleGroupsCollection rgs = admin.GetRuleGroups();

Part 2 does the export

foreach (RuleGroup rg in rgs)
{
Console.WriteLine("Export RULES: " + rg.Name);
Console.WriteLine("DestDir: " + DestDir);
arguments = " -O " + SourceSrv + " {" + rg.Id.ToString().ToUpper() + "} " + "\"" + DestDir + @"\" + rg.Name + @".AKM" + "\"" + " -W";
proc.EnableRaisingEvents=true;
proc.StartInfo.FileName=@"C:\Program Files\Microsoft Operations Manager 2005\ManagementModuleUtil.exe" ;
proc.StartInfo.Arguments=arguments;
Console.WriteLine("Processing :" + proc.StartInfo.FileName + " " + proc.StartInfo.Arguments);
proc.Start();
…….

Part 3 does the import

if ( SourceSrv != DestSrv )
            {
            Console.WriteLine("IMPORT: " + rg.Name);
            arguments = " -I " + DestSrv + " \"" + DestDir + @"\" + rg.Name + ".AKM" + "\" -F";
            proc.EnableRaisingEvents=true;
            proc.StartInfo.FileName=@"C:\Program Files\Microsoft Operations Manager 2005\ManagementModuleUtil.exe" ;
proc.StartInfo.Arguments=arguments;
            Console.WriteLine("Processing :" + proc.StartInfo.FileName + " " + proc.StartInfo.Arguments);
            proc.Start();
            proc.WaitForExit();
            }

Hope you can use it. If not please let me know why and what’s missing.

You can download the project from the download section on this blog server

Michel Kamp

Posted Friday, September 01, 2006 6:02 AM by michel kamp | 2 Comments

Testing and developing MOM scripts outside MOM.

Here’s a simple and good working solution to test and develop your mom scripts without buying MP studio enterprise.

1) Install Visual studio 2003 or Visual studio 2005

2) Install the “responsetest.exe” from the “MOM resource tool kit 2005 sp1”

3) Create a “empty” solution as “test mom scripts”

(and you would add it to sourcesafe also ;-) )

4) Create a “empty” project as “mom vbs”

5) Add a new “vbscript” item , name it “test1.vbs”

Fill it with example code:

set oEvent = ScriptContext.CreateEvent

oEvent.EventNumber = 1

oEvent.EventSource = "SampleScript.txt"

oEvent.Message = “This is a event. Prameter is :” & ScriptContext.Parameters.Get(“Test Param”)

ScriptContext.Submit oEvent

6) Create a file “test.cmd” in the project directory

Fill it with the batch code: (make sure your path to the responsetest.exe is correct)

:: Enter the name below of the script your editing (NO .vbs !)

set MOM_SCRIPT=test1

set MOM_RESPONSE=%MOM_SCRIPT%_RESPONSE.xml

set MOM_CONFIG=%MOM_SCRIPT%_Config.xml

"C:\Program Files\Microsoft Operations Manager Resource Kit\Tools\Response Test Utility\ResponseTest.exe" /q /d /out:%MOM_RESPONSE% /script:%MOM_SCRIPT%.vbs /config:%MOM_CONFIG%

7) Add the existing item file “test.cmd” to the project.

8) Add an new XML Item named “test1_CONFIG.XML”

Fill it with the parameter info that will be used for calling the mom script.

9) Now edit the “mom vbs” project properties.

· Click the “configuration manager”

· Create a new configuration. Name it “MOM response via test.cmd”. then close.

· Under “common properties” change the “output type” to “class library” . then Apply

· Under “Debugging” change the “start application” to “c:\windows\system32\cmd.exe”. then apply

· Under “Debugging” change the “command line Arguments” to “/t test.cmd”. then apply an OK.

If you done this all you can now press F5 and it will run the test1.vbs code. The output is stored in the directory where you installed the responsetest.exe and is named “test1_RESPONSE.xml”. Drag this file into your project and set the view mode to DATA. Now you will see all the events (1) that the MOM script “test1.vbs” will create if it runs in MOM.

!!!! Be aware that all vb code is executed in real. Only the mom events / performance events are simulated !!!!!!!

Here some action screen shots:

Editing the MP:

Editing the parameters:

Viewing the results:

Posted Friday, July 21, 2006 2:10 PM by michel kamp | (Comments Off)

MOM 2005 MOBILE PHONE OPERATOR CONSOLE

MOM 2005 MOBILE PHONE OPERATOR CONSOLE

Yesterday I’ve managed to get the mom mobile phone console working. So what you say… Ok look at the source . It is in Chinese language and Microsoft says the wont bring out an English version. . After what testing I figured out that you can change it to English easily. Because they used resource files and the programmed it also (??) for the English language you can change the language to English in the web.config.

Here are the steps I’ve taken:

Download the “mom2005Mpc.exe” at http://www.microsoft.com/japan/mom/evaluation/mpc.mspx
Download and Install the “mobile components update 4.0” from http://www.microsoft.com/downloads/details.aspx?FamilyId=02FA15FE-40D9-4DCE-9BB1-4DD61A5B7CCB&displaylang=en
Install the “mom2005Mpc.exe” . Just click the buttons you normally will click. Choose all the programs to install. The setup will create 2 websites on the given ports (default 1280 and 1281). It will also create an database MOMMPC on the database server you selected during the install. This database will contain 3 tables and stored procedures needed for the web service to authenticate the mobile devices.
Connect to the mobile phone console website http://localhost:1280/default.aspx You will see this in Chinese….
Change for the MobilePhoneConsole website the web.config as following. Search the text “DefaultLocaleId” and change the value to 1033. This is English US. Now we are almost there.
Connect again to http://localhost:1280/default.aspx . You will see this in English. Log on with a correct user that has mom privileges. I used the local administrator. Now you will see the “device not approved” message.
Go to the SQL server where the database MOMMPC and tables are created. Go to the table “MPChwId” . Query the table. You will see an entry in it . Change for al rows the vaule from the column “IdStatus” to 2. And change the “LocaleId” to 1033.
Connect to http://localhost:1280/default.aspx And you will see it WORKS!!

Have fun with it.

Michel

Posted Wednesday, June 14, 2006 11:47 AM by michel kamp | 11 Comments

Filed under: MOM 2005

MOM 2000/2005 WAP Operator Console is born!.

MOM 2000/2005 WAP Operator Console is born.

Past week I had a great idea. We are now sending SMS alerts to our standby phone. This is working O.K but the problem was that the standby operator was getting multiply SMS parts because the alert message was longer than 160 chars. I had to figure out to get a fast and costless solution for this. I thought about this:

1) Get a XDA or PDA smart phone.

Send the alert as email to the standby operator mail box. Since Exchange SP2 you are getting right-on your messages.

Problem: You must have a XDA/PDA smart phone and an GPRS/UMTS connection.

2) Get a XDA or PDA smart phone.

Connect with the PDA internet explorer to the MOM web operator console and browse the alerts/events.

Problem: The web console is not written for a PDA screen resolution. So you are spending more time clicking on the scroll bars than reading you alerts.

3) Get a XDA or PDA smart phone.

Connect with the PDA internet explorer to the MOM Mobile operator console and browse the alerts/events. Seems the perfect solution. BUT….

Problem: Yea sure , Microsoft hasn’t writing one yet. They have indeed written one but that’s a Chinese version. (by the way : I have the source code , and I’m trying to translate this one…)

4) OR… You’re using your old Nokia phone (with WAP function)

So now we still send 1 SMS to this phone. This SMS is only saying that a “source” is in service unavailable state. The operator then connects with WAP to the MOM operator WAP console. Read the Alert information and browse other alerts/events.

Option 4 is the solution I’m going to explain. This one is written in 30min and installed in 5min. You don’t have to get to your boss and ask for a XDA/PDA investment, just use your old WAP compatible phone. I have written this one in my private time so I will share some code.

Short steps I’ve taken:

Open a new project in visual studio named: Mobile Web application
Drag a new form on it.
Drag a Object List on this form
Drag 3 buttons on it. (or more)
Name the button: SU alerts , CE alerts , Error Alerts etc..
Click on the (example CE alerts) button and assign a action.
The action is a procedure I will explain below. For now just fill in this code:

private void Command2_Click(object sender, System.EventArgs e)

{

try

{

// ResolutionState=0, Severity=70 critial error

GetAlerts(0,70);

}

catch(System.Exception err)

{

Label1.Text = "Fatal error : " + err.Message;

}

Now we are getting to the main part of this console. The Getalerts() procedure.

This procedure is for now using the (old unsupported?) MOM WMI interfaces. But you can however simple use the SDK MOM SQL views for this. That’s up to you!. I’m using for now the WMI MSFT_Alert interfaces to retrieve the alerts with a specific resolution state.

Here’s the code:

private void GetAlerts(int ResolutionState, int Severity )

{

try

{

string sMOMserver = ".";

ManagementScope scope = new ManagementScope("\\\\"+ sMOMserver +"\\root\\mom");

// display where to get the data

Label2.Text = "MOM " + sMOMserver;

// Create a DataSet (only needed if you want to save to XML )

System.Data.DataSet ds = new System.Data.DataSet();

// Create a DataTable to hold our results

System.Data.DataTable dt = new System.Data.DataTable("Alerts");

// Add the table to the dataset

ds.Tables.Add(dt);

// Create columns for our data

dt.Columns.Add(new System.Data.DataColumn("DateTime", typeof(DateTime)));

dt.Columns.Add(new System.Data.DataColumn("Type", typeof(String)));

dt.Columns.Add(new System.Data.DataColumn("Name", typeof(String)));

dt.Columns.Add(new System.Data.DataColumn("Message", typeof(String)));

scope.Connect();

ObjectQuery query= new ObjectQuery("Select * from MSFT_Alert where ResolutionState=" + ResolutionState.ToString() +" and Severity= " + Severity.ToString() );

ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);

DateTime TimeLastModified = new DateTime();

// Loop through each item in the collection

foreach( System.Management.ManagementObject queryObj in searcher.Get() )

{

// convert the WMI datetime to a GM date time

TimeLastModified = ManagementDateTimeConverter.ToDateTime(queryObj["TimeLastModified"].ToString());

// Add a row of data to our table

dt.Rows.Add(new object[] {

TimeLastModified,

queryObj["Severity"],

queryObj["Name"],

queryObj["Description"] } );

}

Label2.Text = "ROWS: " + dt.Rows.Count.ToString();

// sort on datetime

DataView dv = new DataView(dt);

dv.Sort = "DateTime DESC";

ObjectList1.DataSource = dv;

ObjectList1.DataBind();

}

catch(ManagementException err)

{

Label1.Text = "An error occurred while querying for WMI data: " + err.Message;

}

catch(System.UnauthorizedAccessException unauthorizedErr)

{

Label1.Text = "Connection error (user name or password might be incorrect): " + unauthorizedErr.Message;

}

catch(System.Exception err)

{

Label1.Text = "Fatal error : " + err.Message;

}

9) Now you build the project and deploy it on your MOM server. This is a WEB project so it must be deployed as a IIS web application.

10)Open a internet explorer and browse to the IIS application site you have created. And now you must see the create WAP site. If so. Then you’re ready to test it with the WAP phone.

11)Open with the phone the WAP URL. I’ve created a bookmark so it can be request easily.

This is it up to now. You can easily extend this MOM WAP console and even get a trend performance graph in to it… But that’s up to you.

Hope this helps..

Any questions are welcome…

Michel

See for project download:

http://blogs.infosupport.com/files/folders/11170/download.aspx

Posted Sunday, March 12, 2006 10:15 AM by michel kamp | 5 Comments

Filed under: MOM 2005

[HOWTO] Installatie SNMP op de MOM management server

Sorry , only in Dutch. Use AltaVista's Babelfish to translate

1.1 Installatie SNMP op de MOM management server

Voor dat SNMP in combinatie met MOM gebruikt kan worden op Windows 2003 moet er een aantal onderdelen geïnstalleerd en geconfigureerd worden. SNMP in combinatie met MOM werkt via een WMI interface. In het kort is de werkwijze alsvolgt:

Een SNMP device heeft een aantal counters welke uit gelezen kunnen worden. De counters kunnen via een O.I.D (object indentifier ) uitgelezen worden. Een OID is een cijfer reeks gescheiden door punten. ( bijvoorbeeld: 1.0.2.3.42 ). Aangezien zo’n OID niets zeggend is maakt men gebruik een mapping naar echte namen . Deze koppeling tussen OID en een naam wordt in een MIB file gezet. Op deze mannier kan men via een SNMP object naam de counter opvragen. MOM heeft standaard niet de mogelijkheid om via een SNMP reader direct een SNMP device uit telezen. Dit wordt opgelost door een WMI SNMP Provider. Deze WMI provider werkt als een soort Proxy. Men kan dus direct een WQL query lost laten op deze WMI class zonder enige SNMP MIB kennis te hoeven hebben. De WMI SNMP provider zal de SNMP object gegevens ophalen en deze als een WMI class terug geven. Voor dat dit goed gaat werken moet er in WMI nog wel de MIB definities omgezet worden naar MOF definities. (omdat WMI alleen met MOF werkt). Je maakt als het ware een transformatie van de MIB naar MOF classes. Dit moet men doen met de Smi2smir compiler. Indien de translatie goed is gegaan moet de net gegenereerde MOF file in WMI gezet worden met het Mofcomp commando. Nu zijn de WMI MOF classes aanwezig maar nog niet via de normale WQL aanroep bruikbaar. De WMI SNMP provider weet namelijk nog niet welke device uitgelezen moet worden. Dit moet men aangeven in de context van de WMI connectie welke op 2 mannier uitgevoerd kan worden. Via een WMI namespace of in het WMI connectie object zelf. De meest gemakkelijke methode is deze op te nemen in het WMI connectie object.

De onderstaande procedures beschrijven de installatie en configuratie.

1.1.1 Installatie WMI SNMP provider.

Voer uit op de MOM management server.

Via de Control Panel, selecteer Add/Remove Programs.
Selecteer Add/Remove Windows Components, daarna Windows Components Wizard, en selecteer Management and Monitoring Tools.
Selecteer Simple Network Management Protocol en de WMI SNMP Provider, en druk op OK.

1.1.2 SNMP Security instellen

Na dat de installatie is uitgevoerd is de management server dus niet alleen een WMI SNMP proxy maar ook een SNMP device/trap receiver. Dit laatste kan een security issue zijn. Dus moeten we onder andere de Community string aanpassen.

Selecteer Computer Management -> Services -> SNMP Service -> Security.

Voeg toe in de “accepted community names” table:

Public met rights READ ONLY. Is alleen voor test noodzakelijk. Aangezien we de management server in ‘productie’ niet gaan uitlezen met als SNMP device. Daarvoor hebben we immers WMI.

Activeer de “Accept SNMP packets from any host”. Zodat we ook de SNMP TRAPs kunnen ontvangen.

1.1.3 Aanmaken WMI SNMP namespace.

Voordat de SNMP proxy provider weet van welk device deze de gegevens moet uitlezen, moet er een content namespace aangemaakt worden. Voer de onderstaande code uit mbv mofcomp . Je kunt deze actie , na aanpassing van de gegevens , voor elk SNMP device dat je wilt uitlezen uitvoeren , maar ook kun je in de programma code zelf deze gegevens dynamisch aanpassen. (voorkeur)

// Load classes and instances into <\\.\root> namespace

#pragma namespace("\\\\.\\root\\snmp")

[

AgentAddress( "localhost" ),

AgentReadCommunityName( "public"),

AgentWriteCommunityName( "private"),

AgentRetryCount( 1 ),

AgentRetryTimeout( 500 ),

AgentVarBindsPerPdu( 10 ),

AgentFlowControlWindowSize ( 3 )

]

instance of __Namespace

{

Name = "localhost" ;

};

blog community