zenoss 4.2.0 and postfix mysql dep

December 17, 2012, 3:06 pm

Hi Folks,

I've just completed a clean manual install (not using the auto-install script) of 4.2.0 on centos 6.3, and am running into a hell of a dep issue with mysql, zenoss, and postfix. I've installed all of the MySQL stuff indicated in the install docs:

MySQL-client.x86_64	5.5.28-1.el6	@/MySQL-client-5.5.28-1.el6.x86_64
MySQL-server.x86_64	5.5.28-1.el6	@/MySQL-server-5.5.28-1.el6.x86_64
MySQL-shared.x86_64	5.5.28-1.el6	@/MySQL-shared-5.5.28-1.el6.x86_64

However, now postfix won't start:

# postfix

postfix: error while loading shared libraries: libmysqlclient.so.16: cannot open shared object file: No such file or directory

Obviously the "shared" package isn't handling the requests for libmysqlclient.so.16 - not surprising since, according ro rpm at least, it only provides .18 files:

# rpm -ql MySQL-shared-5.5.28-1.el6.x86_64

/usr/lib64/libmysqlclient.so

/usr/lib64/libmysqlclient.so.18

/usr/lib64/libmysqlclient.so.18.0.0

/usr/lib64/libmysqlclient_r.so

/usr/lib64/libmysqlclient_r.so.18

/usr/lib64/libmysqlclient_r.so.18.0.0

I have seen a few mentions of this on the forums here, but no solutions. Anyone have an idea how I might fix this? Reinstalling postfix sneaks mysql-libs in with the install, strangely not complaining about deps, so that's not really an option.

PS - how to I indicate code or quote tags on this BBS?

↧

ssCpuIdle value showing zero

March 24, 2009, 4:58 pm

≫ Next: pb d'installation de mibs sur zenoss 3.0.1

≪ Previous: zenoss 4.2.0 and postfix mysql dep

I keep getting 'threshold of low CPU idle not met' warnings on a few servers, one in particular. It shows a value of zero constantly. If I run a manual snmpget command with ssCpuIdle (OID=1.3.6.1.4.1.2021.11.11.0) I get the same thing but I can see from all the usual tools that the CPU isn't maxed out (or zero idle time).
When I search the net all I find is documents telling us to change to using ssCpuRawIdle but this is known to max out and give invalid readings too plus you have to take two readings and figure it out yourself.
I fixed this for a short period (minutes) by restarting SNMP on the effected server. Got a value of 84 for a few minutes and now it is back to zero again. The server is a SUSE 9 server much the same as most of the other servers on our network, running Nagios if you can't figure that out from the name.
Any ideas?

zenoss@crt-monitor:~> snmpget -c snmpstring -v1 crt-nagios.blahblah.gov.au 1.3.6.1.4.1.2021.11.11.0
UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 84
zenoss@crt-monitor:~> snmpget -c snmpstring -v1 crt-nagios.blahblah.gov.au 1.3.6.1.4.1.2021.11.11.0
UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 0

↧

pb d'installation de mibs sur zenoss 3.0.1

August 26, 2010, 7:42 am

≫ Next: HOW TO CONFIGURE WMI ACCESS ON WINDOWS FOR A NON ADMIN USER

≪ Previous: ssCpuIdle value showing zero

Bonjour, j'ai une

Linu/ubuntu 10.04 et un kernel 2.6.32-24-generic-pae i686 GNU/Linux .

J'essaie d'installer des mibs mais j'ai des erreurs lié à pythons (je croie ). Pour les mibs cisco, (téléchargé ici ), j'ai énormement d'erreurs du genre:

2010-08-26 14:23:25,828 INFO zen.ZenMib: Parsed 17 nodes and 0 notifications from CISCO-WAN-SCT-MGMT-MIB
2010-08-26 14:23:25,831 INFO zen.ZenMib: Loaded MIB CISCO-WAN-SCT-MGMT-MIB into the DMD
2010-08-26 14:23:27,255 INFO zen.ZenMib: Parsed 1 nodes and 0 notifications from CISCO-LWAPP-TC-MIB
2010-08-26 14:23:27,259 INFO zen.ZenMib: Loaded MIB CISCO-LWAPP-TC-MIB into the DMD
2010-08-26 14:23:27,888 ERROR zen.ZenMib: smidump: module `/usr/local/zenoss/common/share/mibs/site/cisco/CISCO-CALL-TRACKER-MODEM-MIB.my' contains errors, expect flawed output

2010-08-26 14:23:28,431 ERROR zen.ZenMib: smidump: module `/usr/local/zenoss/common/share/mibs/site/cisco/CISCO-MGX8800-IF-MAPPING-MIB.my' contains errors, expect flawed output

2010-08-26 14:23:31,126 INFO zen.ZenMib: Parsed 43 nodes and 1 notifications from CISCO-5800-HEALTH-MON-MIB
2010-08-26 14:23:31,133 INFO zen.ZenMib: Loaded MIB CISCO-5800-HEALTH-MON-MIB into the DMD
2010-08-26 14:23:32,588 INFO zen.ZenMib: Parsed 2 nodes and 0 notifications from CISCO-SYSAPPL-CAPABILITY
2010-08-26 14:23:32,589 INFO zen.ZenMib: Loaded MIB CISCO-SYSAPPL-CAPABILITY into the DMD
2010-08-26 14:23:41,184 INFO zen.ZenMib: Parsed 155 nodes and 2 notifications from RSVP-MIB
2010-08-26 14:23:41,193 INFO zen.ZenMib: Loaded MIB RSVP-MIB into the DMD
2010-08-26 14:23:41,335 ERROR zen.ZenMib: Failed to load MIB: /usr/local/zenoss/common/share/mibs/site/cisco/CISCO-FLEX-LINKS-MIB.my
Traceback (most recent call last):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 1017, in main
    if self.loadMibFile(mibFileObj, dmdMibDict):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 887, in loadMibFile
    mibNamesInFile)
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 696, in generatePythonFromMib
    proc = Popen(dumpCommand, stdout=PIPE, stderr=PIPE)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 595, in __init__
    errread, errwrite)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 1009, in _execute_child
    self.pid = os.fork()
OSError: [Errno 12] Cannot allocate memory
2010-08-26 14:23:41,412 ERROR zen.ZenMib: Failed to load MIB: /usr/local/zenoss/common/share/mibs/site/cisco/CISCO-ENTITY-VENDORTYPE-OID-MIB.my
Traceback (most recent call last):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 1017, in main
    if self.loadMibFile(mibFileObj, dmdMibDict):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 887, in loadMibFile
    mibNamesInFile)
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 696, in generatePythonFromMib
    proc = Popen(dumpCommand, stdout=PIPE, stderr=PIPE)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 595, in __init__
    errread, errwrite)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 1009, in _execute_child
    self.pid = os.fork()
OSError: [Errno 12] Cannot allocate memory
2010-08-26 14:23:41,412 ERROR zen.ZenMib: Failed to load MIB: /usr/local/zenoss/common/share/mibs/site/cisco/CISCO-GSLB-HEALTH-MON-MIB.my
Traceback (most recent call last):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 1017, in main
    if self.loadMibFile(mibFileObj, dmdMibDict):
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 887, in loadMibFile
    mibNamesInFile)
File "/usr/local/zenoss/zenoss/Products/ZenModel/zenmib.py", line 696, in generatePythonFromMib
    proc = Popen(dumpCommand, stdout=PIPE, stderr=PIPE)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 595, in __init__
    errread, errwrite)
File "/usr/local/zenoss/python/lib/python2.6/subprocess.py", line 1009, in _execute_child
    self.pid = os.fork()
OSError: [Errno 12] Cannot allocate memory
2010-08-26 14:23:41,413 ERROR zen.ZenMib: Failed to load MIB: /usr/local/zenoss/common/share/mibs/site/cisco/CISCO-BRIDGE-CAPABILITY.my

Je joins à ce post, le fichier d'erreur. Avez vous des suggestions ?

↧

HOW TO CONFIGURE WMI ACCESS ON WINDOWS FOR A NON ADMIN USER

November 18, 2009, 2:35 am

≫ Next: zenmib.py issue

≪ Previous: pb d'installation de mibs sur zenoss 3.0.1

Hi,

If you, like me have to configure WMI access on Windows servers for a non admin user in order for Zenoss to read the eventlog etc, read on...

Introduction

Zenoss is able to read & query Windows servers via WMI in order to obtain Eventlog information. Windows Management Instrumentation (WMI) is the infrastructure for management data and operations on Windows-based operating systems. WMI also supplies management data to other parts of the operating system and products like zenoss. For security purposes you can use a limited domain user account to access the WMI infrastructure and relevant components. The domain user acount has rights to only access the appropriate areas of the server to obtain information for Zenoss.

As the main objective is read & query the Windows event logs via WMI. Modifications to the windows server security will need to have access granted to the specific account (zenwmi) at 4 different levels in order for Zenoss to function correctly and obtain the event log information the Windows team requires to be displayed in Zenoss.

The following information describes the 4 levels or areas that require acess to be configured for the specific user. These 4 requirements are all needed and are in logical order as one follows on to the next as shown in this diagram attached .

1. DCOM

DCOM stands for Distributed COM and COM stands for Component Object Model (COM). COM is the standard method for communication between client/server apps and highlevel APIs for Windows developers. DCOM users Remote Procedure Call to expose COM objects on a computer to remote clients on other computers.
Prior to XP SP2 (and the introduction of these 2 DCOM security settings), it was difficult for an administrator to assess or control which COM objects were available to remote users and this is even more important since COM objects can allow anonymous access. Each COM object has its own ACL and you would have had to look at each COM object's ACL to determine if remote access were allowed and to whom. This policy and DCOM: Machine Access Restrictions In Security Descriptor Definition Language (SDDL) syntax put a system wide access check that all DCOM clients (local or remote) must pass before hitting the individual COM object's ACLs. This system-wide DCOM check is like share permissions on a shared folder. Many files may be accessible through a given network share and each file may have it's own unique permissions but you must first pass the share level permissions before the file permissions are checked.

Security in WMI is related to connecting to a WMI namespace. WMI uses DCOM to handle remote calls. One reason for failure to connect to a remote computer is due to a DCOM failure, Therefore, this is the first access that must be granted to the specific user and happily can be granted by adding the user to the local or domain distributed COM users group on the Server. There is a domain GPO which adds the domain user to the relevant grounds need by Zenoss. Specific user access can be granted by following & applying the following link.
http://msdn.microsoft.com/en-us/library/aa393266.aspx

2. WMI

Windows Management Instrumentation (WMI) is the Microsoft implementation of Web-based Enterprise Management (WBEM), which is an industry initiative to develop a standard technology for accessing management information in an enterprise environment. WMI uses the Common Information Model (CIM) industry standard to represent systems, applications, networks, devices, and other managed components. CIM is developed and maintained by the Distributed Management Task Force (DMTF). The ability to obtain management data from remote computers is what makes WMI useful. Remote WMI connections are made through DCOM.

WMI provides a uniform interface for any local or remote applications or scripts that obtain management data from a computer system, a network, or an enterprise. The uniform interface is designed such that WMI client applications and scripts do not have to call a wide variety of operating system application programming interfaces (APIs). Many APIs cannot be called by automation clients like scripts or Visual Basic applications. Other APIs do not make calls to remote computers.

To obtain data from WMI, an application like Zenoss accesses WMI Classes or provides data to WMI by writing a WMI provider.

Namespace Access Settings

You can change the access to a WMI namespace using the WMI Control or programmatically.

Term	Description
Execute Methods	Permits the user to execute methods defined on WMI classes. Corresponds to the WBEM_METHOD_EXECUTE access permission constant.
Full Write	Permits full read, write, and delete access to WMI classes and class instances, both static and dynamic. Corresponds to the WBEM_FULL_WRITE_REP access permission constant.
Partial Write	Permits write access to static WMI class instances. Corresponds to the WBEM_PARTIAL_WRITE_REP access permission constant.
Provider Write	Permits write access to dynamic WMI class instances. Corresponds to the WBEM_WRITE_PROVIDER access permission constant.
Enable Account	Permits read access to WMI class instances. Corresponds to the WBEM_ENABLE access permission constant.
Remote Enable	Permits access to the namespace by remote computers. Corresponds to the WBEM_REMOTE_ACCESS access permission constant.
Read Security	Permits read-only access to DACL settings. Corresponds to the READ_CONTROL access permission constant.
Edit Security	Permits write access to DACL settings. Corresponds to the WRITE_DAC access permission constant.

This is the second access requirement that is needed for Zenoss. For the DMSI Windows team, the zenwmi domain user is manually given Remote Enable & Enable Account permissions to the CIMV2 class. This is done by a user written program, WMISecurity that can be run in a command line.
The syntax is as follows:

WmiSecurity.exe /C="%computername%" /A /N=Root/CIMV2 /M=" DOMAIN\USER:REMOTEACCESS" /R

Specific user access can be granted by following & applying the following link.
http://technet.microsoft.com/en-us/library/cc787533%28WS.10%29.aspx

3. Service Control Manager

The service control manager (SCM) is started at system boot. It is a remote procedure call (RPC) server, so that service configuration and service control programs can manipulate services on remote machines. SCM maintains a database of the installed services and driver services that allow the operating system to start successfully, and provides a unified and secure means of controlling them. The database, which is stored in the Windows system registry, includes configuration and security information about each service or driver service.

System administrators should use the Services snap-in or the sc.exe command-line tool to query or configure services.

The service functions provide an interface for the following tasks performed by the SCM:

Maintaining the database of installed services.
Starting services and driver services either upon system startup or upon demand.
Enumerating installed services and driver services.
Maintaining status information for running services and driver services.
Transmitting control requests to running services.
Locking and unlocking the service database.

Zenoss requires access to this manager in order to scan the machine for which windows services are installed on it and subsequently provide status information on the event page besides gaining access to the eventlog (which is a service). This is the third access requirement which needs to be modified for Zenoss. This is configured by command line (sc.exe) and is also included in the tasks section of the automatic network install. Specific user access is the only method of configuration for this type of access & can be granted by following & applying the following link.
http://support.microsoft.com/kb/907460

The command line used for Windows servers is:
sc sdset SCMANAGER D:(A;;CC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPRC;;;S-1-5-21-1248577188-10479689-3873521419-99999)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)

4. Event Log Permissions

Finally to read and list the Windows events in Zenoss event page, the user defined in the properties of Zenoss Orangiser has to be given rights to read the log. Unfortuntely as you have just read, you are not able to just add the rights to the event log and be done with it, the above modifications needed to have been actioned beforehand. The easiest way to perfom this task for the hundreds of Windows servers at Sopra was to create a domain wide GPO.

A policy setting determines which user accounts have access to log files and what usage rights are granted. Individual setting may be specified for each of the Application, Security, Setup, and System event log channels. For Zenoss each Log must by modified in order the the ZenEventlog connection is UP.

Enabling this setting allows you to enter a security descriptor for the log file. The security descriptor controls who can read, write, or clear the event log. You enter the security descriptor using Security Definition Description Language (SDDL) as we have read above. The following link explains how to add specific user access to the Eventlog via a GPO
http://support.microsoft.com/default.aspx/kb/323076

The structure of the Eventlog key is as follows:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application,Security,System,CustomLog

Note that domain controllers record events in the Directory service and File Replication service logs and DNS servers record events in the DNS server.

CustomSD Restricts access to the event log. This value is of type REG_SZ. The format used is Security Descriptor Definition Language (SDDL). Construct an ACL that grants one or more of the following rights:

Read (0x0001)

Write (0x0002)

Clear (0x0004)

To be a syntactically valid SDDL, the CustomSD value must specify an owner and a group owner (for example, O:BAG:SY), but the owner and group owner are not used. If CustomSD is set to a wrong value, an event is fired in the System event log when the event log service starts, and the event log gets a default security descriptor which is identical to the original CustomSD value for the Application log. SACLs are not supported.

The SDDL permissions used for Windows servers is:
O:BAG:SYD:(D;;0xf0007;;;AN)(D;;0xf0007;;;BG)(A;;0xf0007;;;SY)(A;;0x7;;;BA)(A;;0x7;;;SO)(A;;0x3;;;IU)(A;;0x3;;;SU)(A;;0x3;;;S-1-5-3)(A;;0x1;;;S-1-5-21-1248577188-10479689-3873521419-99999)

Error Summary

I have figured out the following after lots of trial and error. It is a logical process, almost like walking through one security door after another to get to the windows Eventlog. If you see the following ZenWinor ZenEventlogerrors in the event page you need to check the relevant section or link to determine where the fault lies.

Component: ZenWin
Message: Could not read the status of Windows services (NT_STATUS_ACCESS_DENIED). Check your username/password settings and verify network connectivity.

Component: ZenEventlog
Message: Could not read the Windows event log (NT_STATUS_ACCESS_DENIED). Check your username/password settings and verify network connectivity.

This error relates to the DCOM Permissions& is resolved by implementing http://msdn.microsoft.com/en-us/library/aa393266.aspx, check that the ZenWMI user is a member of the Distributed COM users group on the server.

Component: ZenWin
Message: Could not read the status of Windows services (NT code 0x80041003). Check your username/password settings and verify network connectivityconnectivity.

Component: ZenEventlog
Message: Could not read the Windows event log (NT code 0x80041003). Check your username/password settings and verify network connectivity

This error relates to the WMI Permissions& is resolved by implementing http://technet.microsoft.com/en-us/library/cc787533.aspx, Check to see that the ZenWMI users has Enable Account & Remote Enable access to the CIMV2 namespace in WMI Control on the server

Component: ZenWin
Message: Could not read the status of Windows services (NT code 0x80041001). Check your username/password settings and verify network connectivity

This error relates to the SCM Permissions& is resolved by implementing http://support.microsoft.com/kb/907460, check to see if the ZenWMI user Unique SID has been added to the SCM SSDL, type "sc sdhow scmanager", if not copy and pase the above command, once this is done you should get a cleared "zenwin wmi connection is up" message

Component: ZenWin
Message: Could not read the status of Windows services (NT code 0xc002001b). Check your username/password settings and verify network connectivity.

Component: ZenEventlog
Message: Could not read the Windows event log (NT code 0xc002001b). Check your username/password settings and verify network connectivity.

This error relates to the Eventlog Permissions& is resolved by implementing http://support.microsoft.com/kb/323076, As this is set by GPO, check to see if the GPO was correctly enforced and use the regisitry editior to check that the above SDDL is present, goto HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\"LOG" and read the Custom SD string value, once this is modified correctly, you should get a cleared "zeneventlog wmi connection is up" message

Other Errors

Component: ZenEventlog
Message: Could not read the Windows event log (ExecNotificationQuery (WBEM_E_ACCESS_DENIED)). Check your username/password settings and verify network connectivity.

This usually relates to an missing EventLog permission and that the SSDL has not been applied to all the event logs, application system, security, etc.

Component: ZenPerfwmi
Message: Could not read the WMI value (NT code 0x80010105). Check your username/password settings and verify network connectivity.

I forget.. will have to recall how I fixed it... I think it was due to the "users" group being removed the right to log onto the computer in the local policy..

Component: ZenPerfwmi
Message: Could not read the WMI value (NT code 0x80041010). Check your username/password settings and verify network connectivity.

This usually relates to a missing WMI namespace, check that Service pack 2 is installed,or recreate/reset the WMI namespaces.
The command winnts2k\system32\wbem\wmiadap.exe /f will often restore missing WMI performance counters.

Sources:
http://msdn.microsoft.com/en-us/library/aa392740%28VS.85%29.aspx
http://support.microsoft.com/kb/820847
http://msdn.microsoft.com/en-us/library/aa394528%28VS.85%29.aspx

Final thanks to all the forum members for their help and input over time.

Alzoo

↧

zenmib.py issue

November 13, 2006, 2:02 am

≫ Next: Syslog daily report help

≪ Previous: HOW TO CONFIGURE WMI ACCESS ON WINDOWS FOR A NON ADMIN USER

I've been trying to register mibs.
I worked around my unresolved path problem by
qualifying smidump's name in zenmib.py;

exec os.popen('smidump -fpython %s 2>/dev/null' % mibname) in result
to
exec os.popen('/usr/local/zenoss/bin/smidump -fpython %s 2>/dev/null'
% mibname) in result

I then came accross a name error.
the method load() defines mibs;
mibs = self.dmd.Mibs

and the method load1() refers to mibs;
mod = mibs.createMibModule(modname, self.options.path)

but it is not in the scope of load1()
I replaced the line in load1() with
mod = self.dmd.Mibs.createMibModule(modname, self.options.path)

I was then able to register mibs.

Thanks,
Kent

Post generated using Mail2Forum (http://www.mail2forum.com)

↧

Syslog daily report help

August 25, 2010, 9:03 am

≫ Next: Escalate Count: on /Perf/CPU

≪ Previous: zenmib.py issue

Hello,

I am interested in recieving by email, once a day, all the syslog events (per device) that happened one day before, and i can not seem to find something like this.

I have tried to do this with alerts per user, or on the reporting tab.

I must specify i am a newbie at this.

Please help me with getting this report up and running.

Any tips, trick or hints will be greately appreciated.

↧

Escalate Count: on /Perf/CPU

July 13, 2012, 4:54 am

≫ Next: what is normalization and how does zenucsevents normalize events

≪ Previous: Syslog daily report help

Hi,

We have enabled events on /Perf/CPU high thresholds in our environment.

Zenoss 3.2.1
Linux (x86_64) 2.6.32 (Linux nk-mgmt-dh-17 2.6.32-41-server #91-Ubuntu SMP Wed Jun 13 11:58:56 UTC 2012 x86_64)

But we do not want to get an event on every little performance spike:

I tried to set on both: Device(/Server/Linux) and WMIDevice(/Server/Windows) this.

(See scrots)

But still the events shows up after every little spike..

From what I read I thought that warning - 5 would take 5*5*3 minutes to create and show up that critical event?

Or am I being misled here by my own incompetence

Regards Falk

↧

what is normalization and how does zenucsevents normalize events

April 25, 2013, 6:14 am

≫ Next: New ZenPacks in the Community

≪ Previous: Escalate Count: on /Perf/CPU

I come across an tranform in one of zenoss set up which is written to translate events when event is not pre-normalized so am curious to know and learn about Normalization

↧

New ZenPacks in the Community

October 2, 2009, 12:06 pm

≫ Next: WMI Non-Admin user not seeing all services

≪ Previous: what is normalization and how does zenucsevents normalize events

There was a sizeable thread on New ZenPacks in the Community in the old forums, I'm going to go ahead and restart it here. New ZenPacks get announced in zenoss-zenpacks as well.

Thanks,

Matt Ray

Zenoss Community Manager

↧

WMI Non-Admin user not seeing all services

July 24, 2013, 8:28 am

≪ Previous: New ZenPacks in the Community

Hi,

I have gone through all the steps to set up a non-admin user for monitoring (DCOM, WMI, enable ntlm2 etc). All LOOKS good, except the zenoss user does not see all the services. I have not found any solutions out there:

Non Admin User:

wmic -U <domain>/zenoss --password='<PW>' //<server> "Select caption From Win32_Service" -d 1Caption|Name
Application Management|AppMgmt
DCOM Server Process Launcher|DcomLaunch
DHCP Client|Dhcp
DNS Client|Dnscache
Windows Event Log|EventLog
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows CardSpace|idsvc
KtmRm for Distributed Transaction Coordinator|KtmRm
Distributed Transaction Coordinator|MSDTC
Network Access Protection Agent|napagent
Net.Msmq Listener Adapter|NetMsmqActivator
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Net.Pipe Listener Adapter|NetPipeActivator
Net.Tcp Listener Adapter|NetTcpActivator
Net.Tcp Port Sharing Service|NetTcpPortSharing
Office Source Engine|ose
BranchCache|PeerDistSvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Performance Logs & Alerts|pla
Remote Access Auto Connection Manager|RasAuto
Remote Access Connection Manager|RasMan
Routing and Remote Access|RemoteAccess
Remote Procedure Call (RPC)|RpcSs
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Resultant Set of Policy Provider|RSoPProv
Security Accounts Manager|SamSs
Task Scheduler|Schedule
System Event Notification Service|SENS
Print Spooler|Spooler
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Secure Socket Tunneling Protocol Service|SstpSvc
Virtual Disk|vds
Windows Color System|WcsPlugInService
WinHTTP Web Proxy Auto-Discovery Service|WinHttpAutoProxySvc
Windows Update|wuauserv
[wmi/wmic.c:212:main()] OK   : Retrieve result data.

Admin User:

wmic -U <domain>/administrator --password='<PW>' //<server> "Select caption From Win32_Service" -d 1Caption|Name

Caption|Name
Application Experience|AeLookupSvc
Application Layer Gateway Service|ALG
Application Information|Appinfo
Application Management|AppMgmt
ASP.NET State Service|aspnet_state
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows Audio Endpoint Builder|AudioEndpointBuilder
Windows Audio|Audiosrv
Backup Exec Remote Agent for Windows Systems|BackupExecAgentAccelerator
Base Filtering Engine|BFE
Background Intelligent Transfer Service|BITS
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Computer Browser|Browser
Symantec Event Manager|ccEvtMgr
Symantec Settings Manager|ccSetMgr
Certificate Propagation|CertPropSvc
Microsoft .NET Framework NGEN v2.0.50727_X86|clr_optimization_v2.0.50727_32
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Microsoft .NET Framework NGEN v4.0.30319_X86|clr_optimization_v4.0.30319_32
COM+ System Application|COMSysApp
Cryptographic Services|CryptSvc
Offline Files|CscService
DCOM Server Process Launcher|DcomLaunch
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
DHCP Client|Dhcp
DNS Client|Dnscache
Wired AutoConfig|dot3svc
Diagnostic Policy Service|DPS
Extensible Authentication Protocol|EapHost
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows Event Log|EventLog
COM+ Event System|EventSystem
Microsoft Fibre Channel Platform Registration Service|FCRegSvc
Function Discovery Provider Host|fdPHost
Function Discovery Resource Publication|FDResPub
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows Font Cache Service|FontCache
Windows Presentation Foundation Font Cache 3.0.0.0|FontCache3.0.0.0
Group Policy Client|gpsvc
Human Interface Device Access|hidserv
Health Key and Certificate Management|hkmsvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows CardSpace|idsvc
IKE and AuthIP IPsec Keying Modules|IKEEXT
PnP-X IP Bus Enumerator|IPBusEnum
IP Helper|iphlpsvc
CNG Key Isolation|KeyIso
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
KtmRm for Distributed Transaction Coordinator|KtmRm
Server|LanmanServer
Workstation|LanmanWorkstation
LiveUpdate|LiveUpdate
Link-Layer Topology Discovery Mapper|lltdsvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
TCP/IP NetBIOS Helper|lmhosts
Multimedia Class Scheduler|MMCSS
Windows Firewall|MpsSvc
Distributed Transaction Coordinator|MSDTC
SQL Server FullText Search (MSSQLSERVER)|msftesql
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Microsoft iSCSI Initiator Service|MSiSCSI
Windows Installer|msiserver
SQL Server (MSSQLSERVER)|MSSQLSERVER
SQL Server Active Directory Helper|MSSQLServerADHelper
SQL Server Analysis Services (MSSQLSERVER)|MSSQLServerOLAPService
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Network Access Protection Agent|napagent
Netlogon|Netlogon
Network Connections|Netman
Net.Msmq Listener Adapter|NetMsmqActivator
Net.Pipe Listener Adapter|NetPipeActivator
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Network List Service|netprofm
Net.Tcp Listener Adapter|NetTcpActivator
Net.Tcp Port Sharing Service|NetTcpPortSharing
Network Location Awareness|NlaSvc
Network Store Interface Service|nsi
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Office Source Engine|ose
BranchCache|PeerDistSvc
Performance Logs & Alerts|pla
Plug and Play|PlugPlay
IPsec Policy Agent|PolicyAgent
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
User Profile Service|ProfSvc
Protected Storage|ProtectedStorage
Remote Access Auto Connection Manager|RasAuto
Remote Access Connection Manager|RasMan
Routing and Remote Access|RemoteAccess
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Remote Registry|RemoteRegistry
Remote Procedure Call (RPC) Locator|RpcLocator
Remote Procedure Call (RPC)|RpcSs
Resultant Set of Policy Provider|RSoPProv
Special Administration Console Helper|sacsvr
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Security Accounts Manager|SamSs
Smart Card|SCardSvr
Task Scheduler|Schedule
Smart Card Removal Policy|SCPolicySvc
Secondary Logon|seclogon
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
System Event Notification Service|SENS
Terminal Services Configuration|SessionEnv
Internet Connection Sharing (ICS)|SharedAccess
Shell Hardware Detection|ShellHWDetection
Software Licensing|slsvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
SL UI Notification Service|SLUINotify
Symantec Management Client|SmcService
Symantec Network Access Control|SNAC
SNMP Trap|SNMPTRAP
Print Spooler|Spooler
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
SQL Server Browser|SQLBrowser
SQL Server Agent (MSSQLSERVER)|SQLSERVERAGENT
SQL Server VSS Writer|SQLWriter
SSDP Discovery|SSDPSRV
Secure Socket Tunneling Protocol Service|SstpSvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Microsoft Software Shadow Copy Provider|swprv
Symantec Endpoint Protection|Symantec AntiVirus
Superfetch|SysMain
Telephony|TapiSrv
TPM Base Services|TBS
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Terminal Services|TermService
Themes|Themes
Thread Ordering Server|THREADORDER
Distributed Link Tracking Client|TrkWks
Windows Modules Installer|TrustedInstaller
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Interactive Services Detection|UI0Detect
Terminal Services UserMode Port Redirector|UmRdpService
UPnP Device Host|upnphost
Desktop Window Manager Session Manager|UxSms
Virtual Disk|vds
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Volume Shadow Copy|VSS
Windows Time|W32Time
Block Level Backup Engine Service|wbengine
Windows Color System|WcsPlugInService
Diagnostic Service Host|WdiServiceHost
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Diagnostic System Host|WdiSystemHost
Windows Event Collector|Wecsvc
Problem Reports and Solutions Control Panel Support|wercplsupport
Windows Error Reporting Service|WerSvc
WinHTTP Web Proxy Auto-Discovery Service|WinHttpAutoProxySvc
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows Management Instrumentation|Winmgmt
Windows Remote Management (WS-Management)|WinRM
WMI Performance Adapter|wmiApSrv
Portable Device Enumerator Service|WPDBusEnum
Windows Presentation Foundation Font Cache 4.0.0.0|WPFFontCache_v0400
[wmi/wmic.c:212:main()] OK   : Retrieve result data.
Windows Update|wuauserv
Windows Driver Foundation - User-mode Driver Framework|wudfsvc

↧