I am using Mikrotik’s the DUDE monitoring tool since many years to monitor my Company’s Server’s and devices health, Recently I decided to add users subnet also on the server’s sub map to view online/offline users, there CPU / Memory/ HDD usage, personnel printers health and tons of other info.
As we all knows that for this purpose SNMP service is required on the target Windows OS. The problem was that there were over 120 nodes and I didn’t wanted to visit them each physically or didn’t wanted to take there remote to install SNMP due to some permission issues. After some googling I found one way to install SNMP service right from my admin pc by doing some fine tuning and tweaks of various commands using pstools. It’s not neat and clean , also it requires some manual work to do, but it does the job. Once you get used to it, you will find it relatively easy to deploy snmp using various method, Either its dos base batch file (that I personally use) , OR its VBS file, or running it via GPO or any other method. ! Every method works for sure.
[Remember in this example , I am using this technique in Active directory domain environment, and using domain administrator account to login to my admin pc windows, ]
First download pstools utility from following location
http://download.sysinternals.com/files/PSTools.zip
Extract it any any folder, e.g
c:\pstools
Now open command prompt , and navigate to pstools directory , e.g
cd \pstools
Adding SNMP Service remotely on Windows 7
Use the below command to initiate snmp service installation on remote windows 7 client pc.
1 | PsExec.exe \\syedjz -s -i -d ocsetup.exe SNMP |
After 2-3 minutes (depending on the remote PC hardware speed), snmp service will be installed with the default public string, and will be available to serve any snmp request, example via dude. You can verify it by login to that PC and open services console and look for SNMP Service. Now the important point is that SNMP service is installed without any community string by default & without defining any string and define allow monitoring hosts section, you will not be able to do any query via snmp.
You can use the following batch file to create public string on the client pc , right from your desktop.
First create a batch file name change_snmp_String.bat , open notepad , and paste the following text.
1 2 3 4 5 6 7 | @echo off cls reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP\Parameters" /v EnableAuthenticationTraps /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers" /v 1 /t REG_SZ /d 10.1.1.1 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP\Parameters\PermittedManagers" /v 2 /t REG_SZ /d 10.1.1.2 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SNMP\Parameters\ValidCommunities" /v public /t REG_DWORD /d 4 /f cls |
You can change the PUBLIC string to one of your own choice, as public is very common, Also you need to change the IP defined in above batch file script to match your pc from where you want to monitor the clients or where DUDE is installed. I have two monitoring servers , DUDE+LINUX, therefore I added two IP’s
Now save this file with the name of change_snmp_String.bat (Make sure file name ends with .bat, as notepad adds .txt extension, you have to remove it by selecting ALL FILES in file type, or rename it afterward, grrrrrrr)
Save this file in any shared folder of your system, a folder that every one can access easily , preferably file server location.
Now from command prompt and within pstools directory, use the below command to initiate above batch file so that it can change the snmp string from blank to public and allow our monitoring server IP’s to query the snmp service.
1 | PsExec.exe \\syedjz -s -i -d \\fileserver\softwares\TOOLS_RELATED\snmp\change_snmp_String.bat |
OR if you get access denied message, then try passing the admin credentials along with the command
1 | PsExec.exe \\syedjz -u mydomain\administrator -p ponka cmd "/c \\fileserver\softwares\TOOLS_RELATED\snmp\change_snmp_String.bat" |
All Done, Now lo-gin to that client PC , and check snmp service / security tab and verify that new public string have been added. The benefit of using PUBLIC string is that dude by default use public string, and if you use this string, then dude will auto fetch the snmp data and will show the cpu/mem/hdd on devices.
To install SNMP on local Windows 7 PC using CLI, use the below command
1 | start /w ocsetup.exe SNMP |
Adding SNMP Service remotely on Windows XP/2003
Adding snmp service on Remote Windows XP is a bit tricky and require some manual work to do, Once you manage to get it working, you can then wrap all command in one single file and use this file to install SNMP service via single file by monitoring target pc name only. Ok Let’s Start . . .
Create new file name snmp.inf with the following contents
(This file will be used for ocsetup to instruct that it should install snmp service)
1 2 3 4 5 | [Components] NetOC=ON [NetOptionalComponents] SNMP=1 |
Copy this snmp.inf to any shared folder, preferably any file sharing server.
Now Copy windows CD contents to any shared folder on your file sharing server or local PC. Copy the whole CD, which will be required at the time of snmp service installation.
e.g:
Now create a registry file name winpath.reg with the following contents [This file will be used on remote xp to update the windows xp registry for XP setup source files , which will be required at the time of snmp service installation.]
Make sure you change the path defined in the below script to match your local location.
1 2 3 4 5 | Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup] "SourcePath"="\\\\file-server\\zaib-XP-LIC-SP2" "ServicePackSourcePath"="\\\\file-server\\zaib-XP-LIC-SP2" |
Now copy this winpath.reg file to the target Client Windows XP in root , e.g C:\
Now execute the following command Which will add the windows source path to the client windows XP registry
(You must have pstools in c:\pstools folder, as explained in windows 7 section above)
1 | PsExec.exe \\syedjz cmd "/c reg import C:\winpath.reg" |
Now that the client XP now knows about the windows XP setup CD, its time to hit the road, (remote execution of snmp service installation on remote windows XP). Use the below command to execute the setup.
1 | PsExec.exe \\syedjz -s -i -d sysocmgr /i:%windir%\inf\sysoc.inf /u:\\files-server\softwares\TOOLS_RELATED\snmp\snmp.inf /x /q |
After 2-3 minutes (depending on the remote PC hardware speed), snmp service will be installed with the default public string, and will be available to serve any snmp request, usually I used DUDE 🙂
Remember, I only explained the raw method of doing snmp installation on remote pc’s. There are many other fine tuned method to perform this action. You can adopt whatever you like. Following are 2 batch files that do job via batch file, so you don’t’ have to type he whole commands, just type the batch file and the target PC name,
For Windows 7 , We will use two batch file.
1- win7_snmp_install.bat
2- win7_snmp_string.bat
One that will install SNMP Service on remote win 7,
1 | PsExec.exe \\%1 -s -i -d ocsetup.exe SNMP |
Second that will change the SNMP String
1 | PsExec.exe \\%1 -s -i -d \\file-server\softwares\TOOLS_RELATED\snmp\change_snmp_String.bat |
You can use this file by defining client pc name with the file
e.g: win7_snmp_install.bat clientpcname
For Windows XP, Single Batch file will be enough
1- winXP_snmp_install.bat
1 2 3 4 5 6 7 8 9 10 11 12 | @echo off cls copy /Y "C:\snmp\winpath.reg" "\\%1\c$" echo. echo. PsExec.exe \\%1 cmd "/c reg import C:\winpath.reg" echo. echo. PsExec.exe \\%1 -s -i -d sysocmgr /i:%windir%\inf\sysoc.inf /u:\\file-server\softwares\TOOLS_RELATED\snmp\snmp.inf /x /q echo. echo. echo All Done, Hopefully. Script by Syed Jahanzaib |