How to Install SNMP Remotely
 |
This topic is a how to. Please keep it as clear and simple as possible. Avoid speculative discussions as well as a deep dive into underlying mechanisms or related technologies. |
1. What We Need to Do
There are three major parts of remote installation of any software: files to install, command line to run and how to run it remotely. There will be also one additional step for SNMP to run it properly: configuration. The installation parts are the same for Windows 2000 and Windows 2003. It is completely different and way easier for Windows 2008. The configuration part is the same for all of them
2. Command to Run
Let’s start with the second part, with command to run on a remote server. As you know SNMP is a part of Windows optional components and can be installed with sysocmgr.exe. The command looks like this:
"%windir%\system32\sysocmgr.exe" /r /q /i:"%windir%\inf\sysoc.inf" /u:"c:\temp\snmp.inf"
The snmp.inf file pretends to be a part of sysoc.inf. It contains the lines saying what to install, so for SNMP installation the file is pretty simple
[Components]
NetOC=ON
[NetOptionalComponents]
SNMP=1
It seems to be simple to run, but it is not
3. Files to Install
If you have ever installed SNMP via the Add/Remove Programs applet, you remember that the installer needs some additional files from Windows installation CD. During the user-led installation it is pretty easy to click on the Browse button and select the proper location. How to do so in the command line installation?
3.1. Path to Installation CD
If sysocmgr.exe cannot find the necessary files it reads a registry key to find the location of installation files. Actually, there are two registry keys:
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ServicePackSourcePath
Let’s say we have all installation files copied to the \SERVER\WINDOWS_CD folder. In this case the path for these registry keys will look like
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"SourcePath"="\\\\SERVER\\Windows_CD "
"ServicePackSourcePath"="\\\\SERVER\\Windows_CD "
**
Note:**
The Windows installer will add I386 or/and AMD64 to this path automatically, so we do not need to add them here.
3.2. Registry Change
Now we have two more commands to run before calling sysocmgr.exe. This one to make a copy of the registry settings…
reg save "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup" "C:\TEMP\Original.reg"
…and this one to change them to what we want to have for the installation
reg import "C:\TEMP\InstallationSource.reg"
One more command is required after the installation…
reg restore "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup" "c:\TEMP\Original.reg"
…to return everything back
3.3. What Files Are Used?
Not always is it possible to use a shared folder for the installation files. In such a case all necessary files can be copied locally to the server, where we want to install SNMP. Those files are:
For Windows 2000 and Windows 2003 32-bit edition
- i386\.mi_
- i386\evnt*.*
- i386\hostmib.*
- i386\lmmib2.*
- i386\snmp*.*
For Windows 2003 64-bit edition
- i386\wsnmp*.*
- amd64\.mi_
- amd64\evnt*.*
- amd64\hostmib.*
- amd64\lmmib2.*
- amd64\snmp*.*
- amd64\wsnmp32.dl_
4. How to Run It Remotely
Let’s combine all the commands we want to run on the remote server into one batch file, called snmpinstall.bat. There are a lot of ways to run our batch file on the remote machine. Let’s copy all the files to the server and try psexec from sysinternals (http://technet.microsoft.com/en-us/sysinternals ).
4.1. PSExec
PSExec \\RemoteComputer SNMPInstall.bat
When it runs sysocmgr.exe, it gives the error
401.339.0: 0x80070002 (WIN32: 2)
401.432.0: 0x80070002 (WIN32: 2)
Error code is 2; we will return to its meaning a bit later. Now let’s try to run it with admin account
PSExec \\RemoteComputer -u "Domain\Account" -p “Password” SNMPInstall.bat
Now it even does not want to start. Maybe my copy of PSExec is corrupted, but it just did not work
Logon failure: unknown user name or bad password.
OK, Let’s try schtasks.exe
4.2. SCHTASKS
Create a scheduled task on a server…
SCHTASKS /CREATE /S RemoteComputer /SC ONCE /RU "Domain\Account" /RP “Password” /TN TaskName /TR SNMPInstall.bat /ST 00:00:01
WARNING: The Scheduled task "TaskName" has been created, but may not run because the account information could not be set.
Oops… SCHTASKS cannot pass the password to the remote machine to create a scheduled task. OK, we can run this scheduled task under SYSTEM account
SCHTASKS /CREATE /S RemoteComputer /SC ONCE /RU "SYSTEM" /TN TaskName /TR SNMPInstall.bat /ST 00:00:01
SCHTASKS /RUN /S RemoteComputer /TN TaskName
Now it runs suspiciously quickly. If we check out the scheduled tasks log file, we will see the reason:
"TaskName.job" (SNMPInstall.bat)
Started 6/13/2011 3:43:51 PM
"TaskName.job" (SNMPInstall.bat)
Finished 6/13/2011 3:44:01 PM
Result: The task completed with an exit code of (2).
Error code 2 means “No such folder”
The NT ATHORITY\SYSTEM account, which we used this time, is a local account and it does not have any privileges to go to the network. The same error happened to PSExec and the reason is the same: PSExec runs through a service on a remote machine and this service uses local SYSTEM account
Now we see that we have to copy all necessary files to the remote server and run the installation batch file under system account. It will do the job. Both PSExec and SCHTASKS will work. The only difference is that PSExec has to install a service on a remote machine, SCHTASKS uses Windows Task Scheduler and does not install anything.
Note:
Windows 2008 has very simple way to install any components from the command line. This single command will install SNMP on Windows 2008
Servermanagercmd –install “SNMP-Services”
Here's another option for Windows Server 2008 R2 (requires Windows Remote Management to be enabled):
"%SystemRoot%\System32\winrs.exe" -remote:%1 dism.exe /online /enable-feature /featurename:"SNMP" /featurename:"WMISnmpProvider"
Notes. The second package is optional. If you're not using the above command as part of a batch file you'd need to subsitude %1 with the actuall network address of your remote server.
5. Configuration
All the SNMP settings are stored in registry, which makes this task a bit easier. The settings we need to configure are shown below
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\EnableAuthenticationTraps
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\NameResolutionRetries
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent\sysContact
- HKLM\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent\sysLocation
EnableAuthenticationTraps, NameResolutionRetries, sysContact, and sysLocation are just registry values. We can leave them untouched. ValidCommunities, PermittedManagers, and TrapConfiguration are way more important. They define what systems can communicate to the host via SNMP
5.1. ValidCommunities
The ValidCommunities key contains the list of SNMP communities and permissions. It looks like
"<Community Name>"=dword:<Access Rights>
The access rights have the following values:
- NONE – 0x0001
- NOTIFY – 0x0002
- READ ONLY – 0x0004
- READ/WRITE – 0x0008
- READ/CREATE – 0x0010
For example:
"public"=dword:00000004
"private"=dword:00000008
5.2. PermittedManagers
The PermittedManagers key contains the list of hosts, which can query or update a host via SNMP. It is a numbered list of names or IP addresses. For example:
"1"="10.10.10.1"
"2"="MonitoringServer.doamin.com"
5.3. TrapConfiguration
The TrapConfiguration key is a list of subkeys, one per community names. In turn every subkey contains a list of hosts, to which the traps will be sent. For example:
TrapConfiguration\public
"1"="10.10.10.1"
"2"="MonitoringServer.doamin.com"
Note:
Community names are case-sensitive
6. Real Example
This example has been tested and works.
Very important note:
Since sysocmgr.exe is used to install any optional Windows components, it stops all services it can potentially change and then starts them again. Not a big deal? One of these services is MS DTC, so if we use sysocmgr.exe on a SQL cluster, the cluster loses the DTC cluster resource and fails over. No way to prevent that, just use sysocmgr.exe on a passive node and fail it over manually when it is possible.
6.1. Assumptions
Our workstation name: WKS1
Remote server name: SRV1
Installation files location:\SOFTWARE\WIN2K3\
SNMP Community name: CommNAME
SNMP access rights: Read-only
Monitoring server IP address: 10.10.10.1
All the commands run off of WKS1; SRV1 is Windows 2003 32-bit server
6.2. Create Installation Folder
Create a batch file, call it SNMPTempFolder.bat and add the following lines to it
C:
CD\
MD TEMP
CD TEMP
MD SNMP
CD SNMP
MD I386
Run these commands:
Copy SNMPTempFolder.bat \\SRV1\C$\
SCHTASKS /CREATE /S SRV1 /SC ONCE /RU "SYSTEM" /TN SNMP_Remote_Install /TR C:\SNMPTempFolder.bat /ST 00:00:01
SCHTASKS /RUN /S SRV1 /TN SNMP_Remote_Install
6.3. Create Files for Remote Installation
Create the InstallationSource.reg file with the following content
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"SourcePath"="C:\\TEMP\\SNMP"
"ServicePackSourcePath"="C:\\TEMP\\SNMP"
Create the SNMPConfig.reg file with the following content
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters]
"EnableAuthenticationTraps"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers]
"1"="10.10.10.1"
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration\public]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration\CommNAME]
"1"="10.10.10.1"
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities]
"CommNAME"=dword:00000004
Create the SNMP.inf file with the following content
[Components]
NetOC=ON
[NetOptionalComponents]
SNMP=1
Create the SNMPInstall.bat file with the following content
DEL "c:\TEMP\SNMP\Original.reg" /q
REG Save "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup" "C:\TEMP\SNMP\Original.reg"
REG Import "C:\TEMP\SNMP\InstallationSource.reg"
"%windir%\system32\sysocmgr.exe" /r /i:"%windir%\inf\sysoc.inf" /u:"C:\TEMP\SNMP\SNMP.inf"
NET STOP snmptrap
NET STOP snmp
REG Import "C:\TEMP\SNMP\SNMPConfig.reg"
NET START snmp
REG Restore "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup" "C:\TEMP\SNMP\Original.reg"
Copy files for remote installation
Copy InstallationSource.reg \\SRV1\C$\TEMP\SNMP
Copy SNMPConfig.reg \\SRV1\C$\TEMP\SNMP
Copy SNMP.inf \\SRV1\C$\TEMP\SNMP
Copy SNMPInstall.bat \\SRV1\C$\TEMP\SNMP
Copy SNMP installation files
Copy \\SOFTWARE\WIN2K3\i386\*.mi_ \\SRV1\C$\TEMP\SNMP\I386
Copy \\SOFTWARE\WIN2K3\i386\evnt*.* \\SRV1\C$\TEMP\SNMP\I386
Copy \\SOFTWARE\WIN2K3\i386\hostmib.* \\SRV1\C$\TEMP\SNMP\I386
Copy \\SOFTWARE\WIN2K3\i386\lmmib2.* \\SRV1\C$\TEMP\SNMP\I386
Copy \\SOFTWARE\WIN2K3\i386\snmp*.* \\SRV1\C$\TEMP\SNMP\I386
6.4. Install!
Run the following commands:
SCHTASKS /CREATE /S SRV1 /SC ONCE /RU "SYSTEM" /TN SNMP_Remote_Install /TR C:\TEMP\SNMP\SNMPInstall.bat /ST 00:00:01
SCHTASKS /RUN /S SRV1 /TN SNMP_Remote_Install
We can monitor the process by running
SCHTASKS /QUERY /S SRV1
SNMP has been installed, configured and should be accessible now.
The job is done!