No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R009C00 Operation Guide 09

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Managing Host Agent

Managing Host Agent

Overview

Agent is a host agent component provided by eSight. Connecting hosts in Agent mode enables central management of host data, performance monitoring, and alarm report. Connecting Agent to hosts using HTTPS ensures the security of operating system accounts and makes it easy and convenient for eSight to manage the hosts.

Installation scenarios

  • Monitoring host performance and alarms
  • Using HTTPS to connecting hosts

Installation requirements

  • The following host operating systems support Agent:
    • Linux
      • SUSE Linux Enterprise Server 11 SP2/SP1 64-bit
      • SUSE Linux Enterprise Server 10 SP2 64-bit
      • SUSE Linux Enterprise 11.3
      • Red Hat Enterprise Linux 7 WS, ES, AS 7.3/7.1/7.0 64-bit
      • Red Hat Enterprise Linux 6 WS, ES, AS 6.8/6.6/6.5/6.4/6.2/6.1/6.0 64-bit
      • Red Hat Enterprise Linux 5 WS, ES, AS 5.10/5.7/5.6/5.5/5.3/5.2/5.1 64-bit
      • Red Hat Enterprise Linux 4 WS, ES, AS 4.6/4.5/4.4/4.2/4.0 64-bit
      • Oracle Linux 6.2/6.1 64-bit
      • CentOS 6.5/6.4
      • CentOS 7.1/7.0
      • EulerOS
    • Windows
      • Windows Server 2003
      • Windows Server 2008
      • Windows Server 2008 R2
      • Windows Server 2012
      • Windows Server 2012 R2
  • You must add TCP port 43156 to the host firewall exception list.

    For details, see eSight Cannot Discover Hosts After the Agent is Configured.

  • To ensure that a host running the Windows operating system is correctly discovered in Agentless mode, you need to start the WMI preconfiguration tool on the host.

    For details, see Running the WMI Preconfiguration Tool on a Host.

Installation mode

  • Install Agent one by one using the installation package.
  • Batch install Agent using eSight.

Impact on the System

The Agent operation has the following impact on the system.

Table 10-27

Indicator

Value

CPU usage

1% to 2%

Occupied physical memory capacity

20 MB

Occupied virtual memory capacity

200 MB

NOTE:

The impact varies slightly with operating systems.

Installing Agent One by One Using the Installation Package

Deploying Agent to a Host

Agent is used to ensure performance and alarm data transfer between managed hosts and the eSight. Each managed host in the eSight requires Agent.

Prerequisite
NOTE:

The Agent package name may different from the description, please refer to the actual installation package.

  • Time on the managed host must be the current time and consistent with the time on theeSight server.
  • You have logged in to the managed host.
NOTE:

Resources that are added as hosts are used to implement Storage Network Analysis functions.

Procedure
  • Deploying Agent to an host that runs the Windows operating system

    In Windows, you must install Agent as an administrator user.

    1. Copy the Agent installation package eSight_IT_HostAgent_x.x.x.zip to a managed host.
    2. Decompress the Agent installation package eSight_IT_HostAgent_x.x.x.zip to obtain HostAgent.zip in the WindowsServer folder.
    3. Store the HostAgent.zip package in a path that does not contain any Chinese characters, for example, D:\HostAgent.

      In the Windows operating system, the path cannot contain brackets.

      NOTE:
      • If the operating system is Windows 2003, the path cannot contain spaces.
      • The free disk space in the path for storing the HostAgent.zip package is greater than 100 MB.
    1. Decompress HostAgent.zip and run startup.bat to set the HostAgent start with the operating system.
    2. Double-click install.bat and then double-click startup.bat to start the Agent service
  • Deploying Agent to a host that runs the Linux operating system
    • In Linux, you must install Agent as user root.
    • SUSE 11.1 is used as an example to explain how to install Agent in Linux.
    1. On a PC, decompress the Agent installation package eSight_IT_HostAgent_x.x.x.zip to obtain HostAgent.zip in the Suse11 directory.
    2. Upload the HostAgent.zip package to a directory of a host running the Linux operating system through FTP or other methods. The path can be, for example, /opt.
      NOTE:
      • The upload directory cannot contain any Chinese characters.
      • The free disk space in the path for storing the HostAgent.zip package is greater than 100 MB.
      • If the desired upload directory does not exist, log in to host as a root user to create a directory. The command output is as follows:

      # mkdir /opt

    3. Run the following command, and decompress HostAgent.zip to the current directory:

      # cd /opt

      # unzip HostAgent.zip -d HostAgent

      NOTE:

      /opt indicates the directory where the HostAgent.zip package is stored. During your operation, you need to change this directory to the actually used directory.

    4. Run the following command to set the HostAgent start with the operating system, and install the Agent service:

      # cd /opt/HostAgent

      # ./install.sh

    5. After installation, run the following command and start the Agent service:

      # ./startup.sh

Follow-up Procedure

Batch Installing Agent Using eSight

Managing a Host Agent Package

Before installing or upgrading a host agent, you must add the agent software package to be installed first. This section describes how to add or delete a host agent package.

Procedure
  1. On the menu bar, choose Resource > Storage Subnet.

  2. In the left navigation tree, choose Host Agent Management > Package Management.
  3. In the function pane, view information about host agent package. The following table describes the parameters.

    Parameter

    Description

    Name

    Name of the host agent package, for example, eSight_IT_HostAgent_1.1.0.zip.

    Agent Package Version

    The version of the agent package.

    Size

    The size of the agent package.

    Upload Time

    The upload time of the agent package.

    NOTE:
    • Click Add to add the host agent package and digital certificate file. You can obtain the digital certificate file as follows:
      • For enterprise users:
      1. Log into Huawei's enterprise support website http://support.huawei.com/enterprise.
      2. Search for eSight. In the search results, choose Vertical Industries Solutions > eSight Solution > eSight.
      3. On the Downloads tab page, download the eSight software and digital signature files.
      • For carriers:
      1. Log into Huawei's carrier support website http://support.huawei.com/carrier.
      2. Search for eSight VxxxRxxxCxxSPCxxx.
      3. On the Software tab page, download the eSight software and digital signature files.
    • After the software is downloaded, use the digital certificate and verification tool available on Huawei technical support website to verify the digital signature.
    • Select a host agent package and click Delete to delete the selected host agent package.

Installing and Upgrading a Host Agent

This operation allows you to install and upgrade a host agent.

Prerequisite

Prerequisites for installing a host agent:

  • The host has been connected in Agentless mode.
  • No agents are installed on the host.
Procedure
  1. On the menu bar, choose Resource > Storage Subnet.

  2. In the left navigation tree, choose Host Agent Management > Installation and Upgrade.
  3. In the function pane, query information about host agent.

    • Choose the subnet you want to query in the Subnet. Click Search to query information about corresponding host agent in the subnet.
    • Enter a Huawei storage device name you want to query in the Name. Click Search to query information about the corresponding host agent.
    • Enter a IP address you want to query in the IP address. Click Search to query information about the corresponding host agent.
    NOTE:

    Select a host and click Install, Upgrade, or Uninstall to install, upgrade, or uninstall the host agent package.

  4. In the function pane, view information about host agent. The following table describes the parameters.

    Parameter

    Description

    Name

    Name of the device that installed the host agent package.

    IP Address

    IP address of the management network port on the device.

    Agent Package Version

    Agent package version on the device.

    Last Refresh At

    Time when the device was last refreshed.

    Progress

    Progress of the agent package on the device.

    Operation

    Operation on the agent package on the device.

    Result

    Result of agent package operation.

    Details

    Details about agent package operation.

    NOTE:

    Read the following instructions when upgrading and uninstalling the host agent:

    • Upgrade
      • An upgrade can be performed only between different versions of the host agent.
      • When upgrading the host agent in Linux operating system, use the lftp tool. If the lftp tool is not installed, the upgrade plug-in will automatically install the lftp tool in the host agent software package. For Red Hat 4.x or GreatTurbo 10.5, the system will not automatically install the lftp tool. You need to install the tool manually. For details, see How Can I Manually Install the lftp Tool of the Agent Software Package.
      • During the upgrade process, the host agent involves periodic tasks. If the periodic service is disabled, the upgrade plug-in will automatically enables the periodic service.
      • After the host agent is upgraded in Windows operating system, the BackupOldAgent.bat file will be generated in the upper-layer directory of the installation directory. For example, if the installation directory is D:\HostAgent\eSight_IT_HostAgent_1.1.2, the file will be generated in the D:\HostAgent directory. Perform operations based on onsite conditions and manually delete the file.
      • After the host agent is upgraded, the backup file of the original version will be generated in the upper-layer directory of the installation directory. For example, if the installation directory of the original version is D:\HostAgent\eSight_IT_HostAgent_1.1.0 in Windows operating system, the eSight_IT_HostAgent_1.1.0.zip backup file will be generated in the D:\HostAgent directory. If the installation directory of the original version is /opt/HostAgent/eSight_IT_HostAgent_1.1.0 in Linux operating system, the eSight_IT_HostAgent_1.1.0.zip backup file will be generated in the /opt/HostAgent directory. Perform operations based on onsite conditions and manually delete the file.
    • Uninstall
      • When uninstalling host agent in the Windows operating system, there are files in the directory. For example: D:\HostAgent\eSight_IT_HostAgent_1.1.2, select the required directory. Please manually to delete the files.
      • When uninstalling host agent in the Linux operating system, there may be files in the directory. For example: /opt/HostAgent/eSight_IT_HostAgent_1.1.2, select the required directory. Please manually to delete the files.

Follow-up Procedure

To ensure that a host running the Windows operating system is correctly discovered in Agentless mode, you need to run the WMI preconfiguration tool on the host. Please refer to Running the WMI Preconfiguration Tool on a Host on a Host to run the tool.

Checking the Agent

If the Agent cannot be started properly, the eSight cannot properly communicate with hosts, and the system cannot obtain host performance data.

Procedure
  • Check the Agent status on Windows.
    1. Log in to a host.
    2. Check whether the HostAgent process exists.
      1. Right-click on the operating system taskbar and choose the task manager from the shortcut menu.
      2. In the Task Manager window, click the Process tab page.
      3. Check whether the HostAgent process exists on the Process tab page.
        • If the HostAgent process exists, the Agent is properly started.
        • If the HostAgent process does not exist, the Agent is not started. Go to Step 3.
    3. On the operating system, find and double-click startup.bat to start the Agent service.
  • Check the Agent status on Linux.
    1. Use a remote login tool to log in to the host.
    2. Run the following command to check whether the HostAgent process is started.

      ps -ef | grep "HostAgent" | grep -v "grep"

      • If the following information is returned, the HostAgent process is started correctly.

        root 22157 1 0 10:10 pts/1 00:00:00 sh ./HostAgentTimedTask.sh

        root 31060 1 0 08:38 pts/1 00:00:08 ./HostAgent

      • If no information is returned, the HostAgent is not started. Go to Step 3.
    3. Run the following command to start the Agent service.
    NOTE:

    /opt/HostAgent indicates the folder where the related scripts of the Agent service are stored. Select the required folder.

    # cd /opt/HostAgent

    # ./startup.sh

    1. Run the following command to check whether the HostAgent process is normal.

      # lsof -i:43156

    NOTE:

    The HostAgent process occupies port 43156. If the port is occupied by another process, the HostAgent cannot work correctly.

    • If the following information is displayed, port 43156 is being used by the HostAgent and the HostAgent process works correctly.

      COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME

      HostAgent 31060 root 6u IPv4 52660506 TCP *:43156 (LISTEN)

    • If the character string below COMMAND is not HostAgent, port 43156 is occupied by another process. Shut down the process and perform Step 3 to restart the HostAgent process.
    • If no information is returned, go to Step 2.

----End

Uninstalling Agent

How Do I Stop the Agent Service on a Host

Perform the following steps to stop the Agent service on a host. After the Agent service is stopped on a host, performance and alarm data of the host cannot be sent to the eSight.

Prerequisite
  • You have configured the Agent program on the host.

    For details, see Deploying Agent to a Host.

  • The time of the host must be the current time, which is consistent with the time of the eSight server.
  • You have logged in to the host.
Procedure
  • Stopping the Agent Service on Windows
    1. Log in to the host operating system.
    2. Go to the installation directory of the Agent program, for example, D:\HostAgent.
    3. Double-click shutdown.bat.
  • Stopping the Agent Service on Linux
    1. Log in to the host operating system as user root.
    2. Run the following command to stop the Agent service.
    NOTE:

    /opt/HostAgent indicates the installation directory of the Agent program. Select the required directory.

    # cd /opt/HostAgent

    # ./shutdown.sh

----End

How Can I Uninstall Agent from a Host

You can uninstall Agent from host using the following method.

Prerequisite
  • Agent has been deployed on host.

    For details, see Deploying Agent to a Host.

  • The system time of host is consistent with that of the eSight server.
  • You have logged in to host.
Procedure
  • Uninstall Agent from a Windows operating system.
    1. Run shutdown.bat to shut down the Agent service. For details, see How Do I Stop the Agent Service on a Host.
    2. Run uninstall.bat.
    3. Delete the installation directory of the Agent program.
  • Uninstall Agent from a Linux operating system.
    NOTE:

    In this example, /opt/HostAgent is the Agent installation directory. Change the installation directory based on your site requirements.

    1. Run shutdown.sh to shut down the Agent service. For details, see How Do I Stop the Agent Service on a Host.
    2. Run the following command to uninstall the Agent dynamic database.

      # cd /opt/HostAgent

      # ./uninstall.sh

    3. Run the following command to delete the Agent installation directory.

      rm –rf is a highly risky command. Make sure that the Agent installation directory in the command is correct.

      # rm -rf /opt/HostAgent/*

----End

Reference

eSight Cannot Discover Hosts After the Agent is Configured
Symptom

The eSight cannot automatically discover hosts after the Agent program is configured on target hosts.

Possible Causes

On the operating system (OS) of a target host, port 43156 used by the Agent program is not added a firewall exception.

Fault Diagnosis

Adding a firewall exception of the port 43156.

Procedure
  • Adding a firewall exception of the port 43156 on Windows 2003
    1. Log in to the host operating system.
    2. On the taskbar, choose Start > Control Panel.
    3. In the displayed window, click Windows Firewall.
    4. In the displayed window, click Exceptions.
    5. In the displayed window, click Add Port.
    6. In the displayed window, set the parameters as follows:
      • In Name, enter HostAgent.
      • Click the Specific local Port (S) option button, and enter 43156 in the text box.
      • Click the TCP option button.
    7. Click Finish to close the windows in sequence.
  • Adding a firewall exception of the port 43156 on Windows 2012.
    1. Log in to the host operating system.
    2. On the taskbar, choose Start > Control Panel.
    3. In the displayed window, click Windows Firewall.
    4. In the displayed window, click Advanced Settings.
    5. In the navigation tree on the left of the displayed window, select Inbound Rules.
    6. Click New Rules in the upper right corner.
    7. In the right pane of the displayed window, click the Port option button, and click Next.
    8. In the displayed window, set the parameters as follows:
      • Click the TCP option button.
      • Click the Specific local Port (S) option button, and enter 43156 in the text box.
    9. Click Next.
    10. In the displayed window, click the Allow the connection (A) option button, and click Next.
    11. In the displayed window, select the following check boxes:
      • Domain
      • Private
      • Public
    12. Click Next.
    13. In the Name text box, enter a rule name, for example, HostAgent.
    14. Click Finish and create a new rule.
    15. Close the windows in sequence.
  • Adding a firewall exception of the port 43156 on RedHat 6.x or earlier.
    1. Log in to the host operating system as user root.
    2. Run the following command and check whether iptables exists in /etc/sysconfig.

      # ls -l /etc/sysconfig | grep iptables

    3. Run the following command to open the iptables file using a text editor.

      # vi /etc/sysconfig/iptables

    4. Press i to edit the file.
      • If the rule list has RH-Firewall-1-INPUT, enter the following rule. For details, see Figure1.
        -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 43156 -j ACCEPT
        Figure 10-19 iptables rule list
      • If the rule list has INPUT, enter the following rule. For details, see Figure 2.
        -A INPUT -m state --state NEW -m tcp -p tcp --dport 43156 -j ACCEPT
        Figure 10-20 iptables rule list
    5. Press Esc.
    6. Enter :wq to save the changes and close the iptables file.
    7. Run the following command to restart the firewall:

      # /etc/init.d/iptables restart

    8. Run the following command to set the firewall to allow entry of TCP port 43156:

      # /usr/sbin/iptables -I INPUT -p tcp --dport 43156 -j ACCEPT

    9. Run the following command to save the setting:

      # /etc/rc.d/init.d/iptables save

    10. Run the following command to restart the firewall:

      # /etc/init.d/iptables restart

  • Adding a firewall exception of the port 43156 on Redhat7.x
    1. Log in to the host operating system as user root.
    2. Run the following command to set the firewall to allow entry of TCP port 43156:

      firewall-cmd --zone=public --permanent --add-port=43156/tcp

    3. Run the following command to restart the firewall:

      firewall-cmd --reload

    4. Run the following command to check the result:

      firewall-cmd --zone=public --list-all

  • Adding a firewall exception of the port 43156 on SUSE
    1. Log in to the host operating system as user root.
    2. Run the following command to open the SuSEfirewall2 file using a text editor.
    3. # vi /etc/sysconfig/SuSEfirewall2
    4. Press i to edit the file. Enter the following content to add port number 43156. For details, see Figure 3.
      FW_SERVICES_EXT_TCP="43156"
      Figure 10-21 port
    5. Press Esc.
    6. Enter :wq to save the changes and close the SuSEfirewall2 file.
    7. Run the following command to make the firewall settings take effect.

      # rcSuSEfirewall2 restart

      # /sbin/SuSEfirewall2 start

host Alarms Cannot Be Reported to eSight After Agent Is Deployed
Symptom

After a host is connected in Agent mode and the firewall is enabled, alarms of the host cannot be reported to the eSight.

Possible Causes

On the operating system (OS) of a target host, port 10165 used by the Agent program is not added a firewall exception.

Fault Diagnosis

Adding a firewall exception of the port 10165.

Procedure
  • Adding a firewall exception of the port 10165 on Windows 2003
    1. Log in to the host operating system.
    2. On the taskbar, choose Start > Control Panel.
    3. In the displayed window, click Windows Firewall.
    4. In the displayed window, click Exceptions.
    5. In the displayed window, click Add Port.
    6. In the displayed window, set the parameters as follows:
      • In Name, enter HostAgent.
      • Click the Specific local Port (S) option button, and enter 10165 in the text box.
      • Click the UDP option button.
    7. Click Finish to close the windows in sequence.
  • Adding a firewall exception of the port 10165 on Windows 2012.
    1. Log in to the host operating system.
    2. On the taskbar, choose Start > Control Panel.
    3. In the displayed window, click Windows Firewall.
    4. In the displayed window, click Advanced Settings.
    5. In the navigation tree on the left of the displayed window, select Inbound Rules.
    6. Click New Rules in the upper right corner.
    7. In the right pane of the displayed window, click the Port option button, and click Next.
    8. In the displayed window, set the parameters as follows:
      • Click the UDP option button.
      • Click the Specific local Port (S) option button, and enter 10165 in the text box.
    9. Click Next.
    10. In the displayed window, click the Allow the connection (A) option button, and click Next.
    11. In the displayed window, select the following check boxes:
      • Domain
      • Private
      • Public
    12. Click Next.
    13. In the Name text box, enter a rule name, for example, HostAgent.
    14. Click Finish and create a new rule.
    15. Close the windows in sequence.
  • Adding a firewall exception of the port 10165 on RedHat 6.x or earlier.
    1. Log in to the host operating system as user root.
    2. Run the following command and check whether iptables exists in /etc/sysconfig.

      # ls -l /etc/sysconfig | grep iptables

    3. Run the following command to open the iptables file using a text editor.

      # vi /etc/sysconfig/iptables

    4. Press i to edit the file.
      • If the rule list has RH-Firewall-1-INPUT, enter the following rule. For details, see Figure 1.
        -A RH-Firewall-1-INPUT -m udp -p udp -dport 10165 -j ACCEPT
        Figure 10-22 iptables rule list
      • If the rule list has INPUT, enter the following rule. For details, see Figure 2.
        -A INPUT -m udp -p udp --dport 10165 -j ACCEPT
        Figure 10-23 iptables rule list
    1. Press Esc.
    2. Enter :wq to save the changes and close the iptables file.
    3. Run the following command to restart the firewall:

      # /etc/init.d/iptables restart

    4. Run the following command to set the firewall to allow entry of UDP port 10165:

      # /usr/sbin/iptables -I INPUT -p udp --dport 10165 -j ACCEPT

    5. Run the following command to save the setting:

      # /etc/rc.d/init.d/iptables save

    6. Run the following command to restart the firewall:

      # /etc/init.d/iptables restart

  • Adding a firewall exception of the port 10165 on Redhat7.x
    1. Log in to the host operating system as user root.
    2. Run the following command to set the firewall to allow entry of UDP port 10165:

      firewall-cmd --zone=public --permanent --add-port=10165/udp

    3. Run the following command to restart the firewall:

      firewall-cmd --reload

    4. Run the following command to check the result:

      firewall-cmd --zone=public --list-all

  • Adding a firewall exception of the port 10165 on SUSE
    1. Log in to the host operating system as user root.
    2. Run the following command to open the SuSEfirewall2 file using a text editor.

      # vi /etc/sysconfig/SuSEfirewall2

    3. Press i to edit the file. Enter the following content to add port number 10165. For details, see Figure 3.
      FW_SERVICES_EXT_UDP="10165"
      Figure 10-24 port
    1. Press Esc.
    2. Enter :wq to save the changes and close the SuSEfirewall2 file.
    3. Run the following command to make the firewall settings take effect.

      # rcSuSEfirewall2 restart

      # /sbin/SuSEfirewall2 start

Running the WMI Preconfiguration Tool on a Host

To ensure that a host running the Windows operating system is correctly discovered in Agentless mode, you need to run the WMI preconfiguration tool on the host.

Prerequisite

Before installing the WMI preconfiguration tool, please perform the following steps to modify the host registry page related to the DCOM, to make sure the Windows Server 2012 hosts are discovered normally.

  1. Click Start > Run, the Run dialog box is displayed.
  2. Input regedit, press Enter to open the Registry Editor, select the HKEY_CLASSES_ROOT > CLSID > {76a64158- cb41-11d1-8b02-00600806d9b6}.
    NOTE:

    The configuration item is used for WBEM script locator.

  3. Right-click {76a64158- cb41-11d1-8b02-00600806d9b6}, in the shortcut menu, select Permission.
  4. Click Advanced, in the dialog box, click Owner tab, and set the Change the owner to to Administrators.
  5. Click Apply and OK.
  6. Click Permission tab, set the right of the Administrators to Full control.
    NOTE:

    If the Administrators is not in the Group or user name list, please click Add to Administrators group users.

  7. Select Administrators in the dialog box, set the right of the Administrators to Full control.
  8. Click OK.
Context
NOTE:

The WMI protocol is not recommended for security protocol, please refer to Postrequisite to close the remote WMI protocol.

The WMI preconfiguration is tool is used to:

  • Configure a local security policy. You can use this tool to change Network access: Sharing and security to Classic.
  • Configure local WMI controls. You can use this tool to change the states of Win32_Processor, Win32_WMISetting, Security information, and Win32_OperatingSystem to Successful.
  • Configure the DCOM control.
  • Start system services, including Print Spooler, DCOMLAUNCH service, and RPCSS service.
  • Enable the firewall exception configuration.
    • Enable File and Printer Sharing (ICMPv4).
    • Enable the RPC dynamic port.
      Programs: C:\Windows\system32\svchost.exe 
            Protocol Type: TCP  
             Local Port:RPC/RPC-EPMap 
             Remote Port:All Port
      NOTE:

      If the host runs the Windows 2003 operating system, manually modify the registry, enable the RPC dynamic port, and restart the host.

  • Enable Remote Administration.
  • Copypsftp.exe to the %TEMP% directory.
    NOTE:

    The value of %TEMP% varies with systems. The WMI preconfiguration tool copies psftp.exe to the XX\Temp directory.

    NOTE:

    If the system cannot use the Agentless mode after run the WMI preconfiguration tool, please check the following configurations (default configurations are correct) : configure a local security policy, configure local WMI controls and configure the DCOM control.

Procedure
  1. Upload the WMI preconfiguration tool to the host and execute WMIPreConfig.bat. The preconfiguration tool automatically configures the host.

    NOTE:

    The directory of WMIPreConfig.bat cannot contain spaces.

  2. Optional: If the host runs the Windows 2003 operating system and enables the firewall, you need to manually configure the host.

    1. In the Run dialog box, type regedit to go to the registry page.
    2. Change the value of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole EnableDCOM to Y.
    3. In Internet of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc, add Ports (MULTI_SZ), PortsInternetAvailablePorts (MULTI_SZ), PortsInternetAvailable(REG_SZ), and UseInternetPorts(REG_SZ).
      NOTE:

      Right-click the registry entry and modify the value, the registry entry is displayed as follows (port range 1024 to 1030 is used as an example):

      Ports:REG_MULTI_SZ: 1024-1030 
      PortsInternetAvailable:REG_SZ:Y  
      UseInternetPorts:REG_SZ:Y     
    4. Add ports to the firewall exception list.
      1. In the Run dialog box, type cmd to go to the CLI.
      2. Run the following command based on the port range added in the registry (port range 1024 to 1030 is used as an example):
        netsh firewall add  portopening TCP 1024 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1025 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1026 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1027 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1028 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1029 Local_RPC_Dynamic_Port ENABLE > nul
        netsh firewall add  portopening TCP 1030 Local_RPC_Dynamic_Port ENABLE > nul
    5. Restart the server.
    6. Discover the host in Agentless mode.

Follow-up Procedure

If the host is not managed in Agentless mode, execute RollbackWMIConfig.bat to cancel the automatic configuration of the WMI preconfiguration tool. The host running the Windows 2003 operating system has manual configurations, delete those configurations and restart the host.

Download
Updated: 2019-05-17

Document ID: EDOC1100011877

Views: 285091

Downloads: 550

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next