Hitachi

Job Management Partner 1 Version 10 Job Management Partner 1/Integrated Management - Manager Configuration Guide

1.18.1 Configuring WMI

This subsection describes how to configure WMI.

WMI connections require the following:

When all the settings have been completed, check whether a connection can be established from the JP1/IM - Manager host to a remote host that will be monitored remotely.

Note:

  • Log information cannot be collected if the startup status of Windows Management Instrumentation (service name WinMgmt) providing system management information in the OS on the monitored remote host is Disabled.

  • Users accessing a remotely monitored host must be members of the Administrators group on that host.

Organization of this subsection

(1) DCOM setting

The following describes how to configure DCOM on a JP1/IM - Manager host and a host to be monitored remotely.

(a) Configuring DCOM on a JP1/IM - Manager host

Configure DCOM on the JP1/IM - Manager host.

The procedure for configuring DCOM is described below.

Note that some steps in the procedure might differ depending on the OS on the remotely monitored host.

  • When the OS of the remotely monitored host is Windows Server 2008, Run might not appear in the Start menu of Windows. If it does not appear, hold down the Windows logo key and press the R key to invoke Run.

  1. From the Windows Start menu, choose Run.

  2. Enter dcomcnfg.exe and then click the OK button.

    The Component Services window appears.

  3. Click Component Services and Computers to expand the tree.

  4. Choose My Computer, and then from the right-click menu, choose Properties.

    The My Computer Properties dialog box appears.

  5. Choose the Default Properties tab, and then select Enable Distributed COM on this computer.

  6. Click the OK button.

    The My Computer Properties dialog box closes.

  7. If the OS of the JP1/IM - Manager host is Windows Server 2008, Windows Server 2008 (x64), Windows Server 2008 R2 (x64), Windows Server 2012 (x64), or Windows Server 2012 R2 (x64) and you want to monitor the remote-monitoring event log traps after the user logs off, configure using the following steps:

    • From the Windows Start menu, choose Run.

    • Enter gpedit.msc, and then click the OK button.

      The Group Policy dialog box appears.

    • In the Group Policy dialog box, click Computer Configuration, Administrator Templates, and System. Then, expand the User Profiles node.

    • For Do not forcefully unload the user registry at user logoff, click Enabled.

  8. Restart the machine.

    This step is not needed if you have not changed the setting of Enable Distributed COM on this computer.

(b) Configuring DCOM on a remote host to be monitored remotely

Configure DCOM on a host to be monitored remotely.

The procedure for configuring DCOM is described below.

Note that some steps in the procedure might differ depending on the OS on the host to be monitored remotely.

  • When the OS of the host is Windows Server 2003 without any service packs, steps 6 to 11 are unnecessary because there is no Edit Limits button.

  • When the OS of the host is Windows Server 2008, UAC security is enabled. You can therefore use an account other than the built-in Administrator, in which case steps 6 to 11 are necessary.

  1. From the Windows Start menu, choose Run.

  2. Enter dcomcnfg.exe and then click the OK button.

    The Component Services window appears.

  3. Click Component Services and Computers to expand the tree.

  4. Choose My Computer, and then from the right-click menu, choose Properties.

    The My Computer Properties dialog box appears.

  5. Choose the Default Properties tab, and then select Enable Distributed COM on this computer.

  6. Choose the COM Security tab, and then click the Edit Limits button for Access Permissions.

    The Access Permission dialog box appears.

    Check to see if the user who connects to the monitored host or the group to which the user belongs is displayed in Group or user names:.

    If it is not displayed, click the Add... button, and then add the user or the group to which the user belongs.

  7. In the Select Users or Groups window, select the user who will connect to the host to be monitored or the group to which the user belongs.

    Check to see if Allow is selected in Remote Access. If this option is not selected, select it.

  8. Click the OK button.

    The Access Permission dialog box closes.

  9. Choose the COM Security tab, and then click the Edit Limits button for Launch and Activation Permissions.

    The Launch Permission dialog box appears.

    In the Launch Permission dialog box, in the Group or user names: section, check to see if the user who will connect to the remote host to be monitored or the group to which the user belongs is displayed.

    If the user or a group is not displayed, click the Add... button to add the user or the group to which the user belongs.

  10. In the Select Users or Groups window, in the Launch Permission dialog box, select the user who will connect to the host to be monitored remotely or the group to which the user belongs.

    Check to see if Allow is selected for both Remote Launch and Remote Activation. If it is not selected, select it.

  11. Click the OK button.

    The My Computer Properties dialog box is displayed again.

  12. Click the OK button.

    The My Computer Properties dialog box closes.

  13. Restart the machine.

    This step is not needed if you have not changed the setting of Enable Distributed COM on this computer.

To Page Top

(2) Configuring the firewall

You need to configure the firewall when Windows Firewall is enabled.

In the Windows Start menu, click Control Panel and then Windows Firewall to check whether Windows Firewall is enabled.

If the OS of the monitored host is Windows Server 2003 without any service packs, Windows Firewall is not available, and this procedure is unnecessary.

To configure the firewall when Windows Firewall is enabled:

  1. From the Windows Start menu, choose Run.

  2. Enter gpedit.msc and then click the OK button.

    The Group Policy Object Editor dialog box appears.

  3. Click Computer Configuration, Administrator Templates, Network, Network Connections, and Windows Firewall to expand the tree.

  4. Click Standard Profile#1, and then in the right-hand pane, from the right-click menu of Windows Firewall: Allow remote administration exception#2, choose Properties#3.

    The Windows Firewall: Allow remote administration exception Prop... dialog box appears.

    #1: If the host machine is a domain environment, this will be Domain Profile.

    #2: When the OS of the host to be monitored remotely is Windows Server 2008 or Windows Server 2012, right-click Windows Firewall: Allow inbound remote administration exception.

    #3: When the OS is Windows Server 2008 or Windows Server 2012, choose Edit.

  5. Choose the Setting tab, and then select Enabled#.

    #: When the OS is Windows Server 2008 or Windows Server 2012, select the Enabled radio button in the Windows Firewall: Allow remote administration exception Prop... dialog box.

  6. Click the OK button.

    The Windows Firewall: Allow remote administration exception Prop... dialog box closes.

To Page Top

(3) Checking WMI connections

Use the Windows tool wbemtest.exe to check whether the JP1/IM - Manager host and the host to be monitored remotely are connected.

The following procedure describes how to check WMI connections. Perform the procedure on the JP1/IM - Manager host.

  1. At the command prompt, execute the following command:

    runas /user:user-name wbemtest

    The Windows Management Instrumentation Tester dialog box appears.

    Note that for the user name, you need to enter the value specified in the User name box on the IM Host Account page in the System Common Settings window. If you are prompted to enter a password after a command is executed, specify the value set in the Password box on the IM Host Account page.

  2. Click the Connect... button.

    The Connect window appears.

  3. In Namespace, User:, Password:, and Authority:, enter the appropriate information.

    The following describes each item.

    • Namespace

      Enter \\monitored-host-name\root\cimv2.

      Replace monitored-host-name with the name of the host that will actually be monitored.

    • User:

      Enter the name of the user who will log on to the monitored remote host.

    • Password:

      Enter the user's password.

    • Authority:

      Enter ntlmdomain:domain-name-of-monitored-host. Leave this box blank if the remote host is a work group.

  4. Click the Connect... button.

    If connection is established successfully, the Connect... dialog box closes and all buttons are enabled in the Windows Management Instrumentation Tester dialog box.

    If an error notification appears, check the item indicated by the error number. Causes of errors and the corresponding error numbers are given below.

    An error might occur if you change settings while the tool (wbemtest.exe) is active and then re-establish the connection. In that case, restart the tool and check the connection.

    • 0x8001011c

      DCOM is not configured on the JP1/IM - Manager host.

    • 0x80070005

      One of the following is the probable cause of the error.

      - DCOM is not configured on the JP1/IM - Manager host.

      - DCOM is not configured on the host to be monitored remotely.

      - The user name, password, or domain name for connecting to the host to be monitored remotely is incorrect.

    • 0x80041003

      No value is set in Namespace on the host to be monitored remotely.

    • 0x80041008

      The value specified in Authority: does not begin with ntlmdomain:.

    • 0x800706XX

      One of the following is the probable cause of the error.

      - The name of the host to be monitored remotely is incorrect.

      - The host to be monitored remotely is not running.

      - No firewall is configured on the host to be monitored remotely

      - The password of the user who will log on to the host to be monitored remotely has expired.

  5. Confirm that there is an event log whose log type is System or Application on the host to be monitored remotely, and then click the Query button. When the Query window appears, enter the next query, and then click the Apply button.

    Select * From Win32_NTLogEvent Where ( Logfile='System' Or Logfile='Application' )

    After you click the Apply button, check whether the execution results of the query appear in the Query Result window.

To Page Top

Trademarks

All Rights Reserved. Copyright (C) 2012, 2014, Hitachi, Ltd.