Performance counters
Hello,
Is there somewhere any documentation about the required security changes for accessing the performance counters remotely?
I read something about SNMP and the UDP port 161 and 162 that should be open?
Can please someone help me?
Thanks!!
Thieu
Is there somewhere any documentation about the required security changes for accessing the performance counters remotely?
I read something about SNMP and the UDP port 161 and 162 that should be open?
Can please someone help me?
Thanks!!
Thieu
Comments
Unfortunately I don't have an easy answer for this. Windows performance counters, as far as I'm aware, are not built on SNMP. That's an open standard that does pretty much what Windows performance interface does. But for Windows, you should only need the SMB ports open. (137, 138,139,445)
Getting the traffic through is about half of the battle. The other half is permissions. Not only do you need the 'profile system performance' right in the local security policy, but you need file permissions to whatever dll the performance object resides in.
The best advice I can give is to run the test as a domain user that has local administrator rights to the server. This is the surest way to make sure your test can access the performance objects on the server, although it's not the best idea from a security standpoint.
I found also the next articles about this on the web:
http://www.testingreflections.com/node/view/1032
Links within this document:
http://patrolexpress.bmc.com/help/en_US/gal_webhelp/parameters/windows/windows_2000.htm
http://support.microsoft.com/default.aspx?scid=kb;en-us;164018
Receiving administrator rights is impossible because of existing SLA of our systemadministrators.
If you or someone else are having some good idea's, please let me know.
Thanks,
Thieu
Thanks! This will probably get you into all of the builtin counters for Windows -- just be aware that, for instance, some of the performance objects, for example the SQL Server ones, have some additional restrictions.