Windows Server Configuration
Last updated
Last updated
1. In the IT-Conductor main menu, navigate to Dashboards > Administrator.
4. A pop-up message will confirm that the Linux Host has been added successfully. Click OK to dismiss and proceed to configure the Linux user to be used for monitoring.
Note Please take note of the WinRM Configuration Requirements.
6. A pop-up message will confirm that the account has been created successfully. Click OK to complete the process.
7. The newly added system will appear in the Windows System panel.
8. The Windows System will show up in the service grid within 5-15 minutes.
IT-Conductor accesses Windows systems utilizing WinRM. If WinRM TLS (HTTPS) has been enabled then ignore the Configuration section. Otherwise (which is the most common situation) Windows uses a proprietary payload encryption mechanism and client whitelisting for unsecured (HTTP) connections. In this case, the following configurations have to be performed:
Use Domain Group Policy to apply these settings to multiple Windows machines:
If configuring manually run the following commands on each monitored machine:
The commands need to be executed from command prompt with elevated permissions (As Administrator).
Make sure WinRM is enabled. Run the following command:
Enable "AllowUnencrypted". Run the following command:
Add Gateway host to WinRM trusted hosts. Run the following command:
Please make sure the failover Gateway Host (when configured) is included.
Enable Basic Authentication (Optional). If the monitored Windows host is a standalone computer (not part of a Domain) the Basic authentication needs to be enabled. Run the following command:
The easiest way to enable remote user access to WinRM is to add it to the local Administrators group.
If granting administrative access is not possible due to the security policy please follows the procedure to enable monitoring with a non-privileged account:
The local group membership can be assigned with Domain Group Policy (see above), otherwise, follow the instructions below.
Open the Computer Management console (compmgmt.msc).
Go to Local Users and Groups.
Expand Groups.
Add desired domain Group or User to Performance Log Users, Performance Monitor Users, and Remote Management Users groups.
WMI Namespace access configuration is not supported in Domain Group Policy and has to be configured on each monitored machine.
From the Computer Management console, expand Service and Applications.
Right-click on WMI Control and then click Properties to access to WMI configuration.
Open the Security tab.
Select the "\Root\CIMV2" namespace:
Click on Security to choose which user or group will be granted access.
In the Security dialog box, click Add.
In the Select Users, Computers, or Groups dialog box, enter the name of the object (user or group) you want to add.
Click OK.
Click Advanced to open the Advanced Security Settings dialog box:
On the Permissions tab select the desired user in the Permissions entries.
Click Edit.
Set Type to Allow, set Applies to This namespace and subnamespaces, and select the Execute Methods, Enable Account, and Remote Enable options:
Click OK to close all windows and apply the changed settings.
See Authorize WMI users and Set Permissions for more details.
We need to grant the user Windows Service Configuration Manager Access.
Run a Command Prompt as Administrator, and execute the following command:
2. In the Administrator dashboard, locate the Windows Systems panel and click to start adding a system for monitoring.
3. In the Create Windows System wizard, fill out all the necessary information. Once completed, click to add the system.
5. Provide the account information in the wizard and click to complete the configuration.
Note It may take a few minutes to change the status to "In Progress," refresh the panel if needed. If there are issues with the configuration, such as wrong connection parameters or an invalid account etc. the status will stay "Ready", troubleshoot by displaying the log. Click for the new record or click object icon and select Log from the menu popup.
