WMI Poller

To install Windows Get advanced statistics for your device , You need to install WMI Console Application .

install WMIC

In the use of WMI Before the poller , You need to WMIC Install to your Observium On a host .

WMI The source code is fairly old , Many packages can lead to Python There is a problem with the dependency , So using precompiled static binaries is the easiest . Download the following file , Unzip and wmic Binary files are put into /usr/bin

wget https://www.observium.org/files/wmic_1.3.16_static_64bit.tar.gz
tar zxvf wmic_1.3.16_static_64bit.tar.gz
mv wmic winexe /usr/bin

You can rtunning Test whether it can execute on your system wmic --version：

[email protected]:~# ./wmic --version
Version 4.0.0tp4-SVN-build-UNKNOWN
[email protected]:~#

To configure WMI Security to allow users to poll WMI

There are several ways to solve this problem ：

1. Create a domain user and place them where you want to use WMI In the administrators group of all servers polled
2. Use the domain administrator account
3. Create a WMI Private domain user with read permission

choice (1) or (2) It's a test WMI The first choice of , Because it's the fastest . By default ,WMI Security allows any administrator of the system to control . If you are a domain administrator , You can test to ensure that WMIC Work normally immediately after installation （ The explanation is as follows ）.

On the other hand , choice (3) Is a safer but more complex option . It is recommended that you take this route to reduce security risks .

Set up WMI User access rights

1. choice Start > function .
2. stay “ function ” Dialog box “ open ” Type... In the field wmimgmt.msc .
3. single click determine To display Windows Manage infrastructure (WMI) Control panel .
4. stay WMI In the left pane of the control panel , highlight WMI control （ Local ） entry , Right click , And then choose “ attribute ” Menu options . This will show WMI Control （ Local ） Properties dialog box .
5. stay WMI Control （ Local ） Select... In the properties dialog box Security tab .
6. stay Security In the namespace tree within the tab , an Root Folder . This action lists the available WMI The name space .
7. single click CIMV2 Namespace to highlight it .
8. single click Security To display ROOT\CIMV2 Security dialog for .
9. single click “ROOT\CIMV2 The security of ” In the dialog box “ add to ” To display “ Select users or groups ” Dialog box .
10. Add a domain user account that will be used as your proxy data collection user account . This should be a domain account （ Not a local computer account ）, But it does not need to be an account with administrative access .
11. single click “ determine ” close “ Select users or groups ” Dialog box and return to “ROOT\CIMV2 The security of ” Dialog box . The user account you selected should now be listed at the top of the dialog In the name list .
12. Select the newly added user （ If not already selected ） And enable the following permissions ：
    • Enable account

    • Remote enable .

      If the permission has not been checked , Please click on the “ allow ” Box to enable this permission . You should have selected enable account permissions , But you need choice Remote enable jurisdiction .13. single click “ determine ” close “ROOT\CIMV2 The security of ” Dialog box .

It is now time to properly set permissions for the proxy data collection user account .

Try querying on one of your servers

wmic --domain=DOMAIN --user=USER --password=PASSWORD //SERVER.DOMAIN.COM "SELECT * FROM Win32_ComputerSystem"

For command line only ： Please note that , If your password is included in Ubuntu Any character used on the command line , It must be escaped （ namely , If your password is Bob!1000 You need to enter Bob\!1000）.

Output example

When WMIC Properly installed and WMI When the user has the correct permissions , You should see the following valid output ：

$ /usr/bin/wmic  --user='user' --password='password' --workgroup='OBSERVIUM' --delimiter=## --namespace='root\CIMV2' //win.server "SELECT Name FROM Win32_ComputerSystem"
CLASS: Win32_ComputerSystem
Name
WIN

Access denied

If WMI The user does not have permission to read WMI Monitoring parameters , You will see the following error ：

$ /usr/bin/wmic  --user='user' --password='password' --workgroup='OBSERVIUM' --delimiter=## --namespace='root\CIMV2' //win.server "SELECT Name FROM Win32_ComputerSystem"
[librpc/rpc/dcerpc_util.c:1290:dcerpc_pipe_auth_recv()] Failed to bind to uuid 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 - NT_STATUS_NET_WRITE_FAULT
[librpc/rpc/dcerpc_connect.c:790:dcerpc_pipe_connect_b_recv()] failed NT status (c0000022) in dcerpc_pipe_connect_b_recv
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied

Check the user name 、 password 、 Domain parameters and WMI User permissions ！

Configure observation

Global configuration

nano /opt/observium/config.php

// Enable default WMI Paramaters
$config['wmi']['domain'] = "domainname"; // NetBIOS Name Shorthand Domain/Workgroup (ie. notdomain.local.com)
$config['wmi']['user'] = "username";
$config['wmi']['pass'] = "passw0rd";

$config['poller_modules']['wmi'] = 1;

Device configuration

If you need to select a specific WMI The module polls or passes a specific user to the device / password , You can change it on the device edit page .