Lokisite
2012-11-10 00:43:25 UTC
Lokisite [http://community.zenoss.org/people/Lokisite] created the discussion
"Yet Another WMI Question..."
To view the discussion, visit: http://community.zenoss.org/message/69798#69798
--------------------------------------------------------------
Hi folks. Just about done pulling my hair out here with Zenoss and WMI. I've been up and down every post I can find, coming tantalizingly close to solving things but never quite getting there. I've created a testbed environment in order to isolate as much as I can. Here's what I've got so far.
* One Windows 2008 R2 EC2 instance (not attached to a domain). Call it TARGET.
* Windows Firewall is off
* EC2 Firewall allows ALL TRAFFIC
* Another Windows 2008 R2 EC2 instance, also standalone (no domain). Call it SOURCE
* WBEMTest and Solar Windows WMI Monitor on SOURCE are *both able to connect* to TARGET using admin-level credentials. I can query against WMI without issue. WMI is definitely working on TARGET.
* I have a Centos 6 instance running Zenoss Core 4. Call this ZENOSS. Again, completely standalone, isolated system.
* Running the following wmic command (and many, many variations) yields...
./wmic -d20 -U ./Administrator%Passw0rd //ec2-12-42-97-33.compute-1.amazonaws.com "select LoadPercentage from Win32_Processor"
.... some debug output... about a 120 second pause.. and finally..
[librpc/rpc/dcerpc_connect.c:337:dcerpc_pipe_connect_ncacn_ip_tcp_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_ncacn_ip_tcp_recv
[librpc/rpc/dcerpc_connect.c:820:dcerpc_pipe_connect_b_recv()] ENTER function dcerpc_pipe_connect_b_recv
[librpc/rpc/dcerpc_connect.c:828:dcerpc_pipe_connect_b_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_b_recv
[librpc/rpc/dcerpc_connect.c:837:dcerpc_pipe_connect_b_recv()] EXITÂ function dcerpc_pipe_connect_b_recv (PASS)
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to 2001:0:9d38:6ab8:243a:35ef:f53c:a010[49154]: NT_STATUS_NO_MEMORY
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\IP-0AC35FEF[\\PIPE\\srvsvc]
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT code 0xc002001b - NT code 0xc002001b
When I see network-sensitive apps pause, I immediately think name resolution problems. Now here's something interesting. If I look at the wmic debug output I see...
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to ip-0AC35FEF[49154]: NT_STATUS_IO_TIMEOUT
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to 10.195.95.219[49154]: NT_STATUS_IO_TIMEOUT
[lib/util/util.c:334:interpret_addr()] sys_gethostbyname: Unknown host. 2001:0:9d38:6ab8:243a:35ef:f53c:a020
These are all valid interfaces on TARGET, but obviously they won't resolve/bind, because we're going across the WAN. Is this relevant/bad/a glimmer of hope? I'm thinking that a) I should see a bind against the WAN address and b) all of these bad binds are timing out and perhaps taking the whole wmic attempt down with it.
Please.. please.. I love SNMP, but damnit Jim, I need more metrics (see what I did there? Bones and Scotty, all in one).
Please pepper me with questions and insults!
Thanks,
Mike
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/69798#69798]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]
"Yet Another WMI Question..."
To view the discussion, visit: http://community.zenoss.org/message/69798#69798
--------------------------------------------------------------
Hi folks. Just about done pulling my hair out here with Zenoss and WMI. I've been up and down every post I can find, coming tantalizingly close to solving things but never quite getting there. I've created a testbed environment in order to isolate as much as I can. Here's what I've got so far.
* One Windows 2008 R2 EC2 instance (not attached to a domain). Call it TARGET.
* Windows Firewall is off
* EC2 Firewall allows ALL TRAFFIC
* Another Windows 2008 R2 EC2 instance, also standalone (no domain). Call it SOURCE
* WBEMTest and Solar Windows WMI Monitor on SOURCE are *both able to connect* to TARGET using admin-level credentials. I can query against WMI without issue. WMI is definitely working on TARGET.
* I have a Centos 6 instance running Zenoss Core 4. Call this ZENOSS. Again, completely standalone, isolated system.
* Running the following wmic command (and many, many variations) yields...
./wmic -d20 -U ./Administrator%Passw0rd //ec2-12-42-97-33.compute-1.amazonaws.com "select LoadPercentage from Win32_Processor"
.... some debug output... about a 120 second pause.. and finally..
[librpc/rpc/dcerpc_connect.c:337:dcerpc_pipe_connect_ncacn_ip_tcp_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_ncacn_ip_tcp_recv
[librpc/rpc/dcerpc_connect.c:820:dcerpc_pipe_connect_b_recv()] ENTER function dcerpc_pipe_connect_b_recv
[librpc/rpc/dcerpc_connect.c:828:dcerpc_pipe_connect_b_recv()] failed NT status (c0000017) in dcerpc_pipe_connect_b_recv
[librpc/rpc/dcerpc_connect.c:837:dcerpc_pipe_connect_b_recv()] EXITÂ function dcerpc_pipe_connect_b_recv (PASS)
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to 2001:0:9d38:6ab8:243a:35ef:f53c:a010[49154]: NT_STATUS_NO_MEMORY
[lib/com/dcom/main.c:1098:try_next_binding()] dcom_get_pipe: Skipping binding \\\\IP-0AC35FEF[\\PIPE\\srvsvc]
[wmi/wmic.c:196:main()] ERROR: Login to remote object.
NTSTATUS: NT code 0xc002001b - NT code 0xc002001b
When I see network-sensitive apps pause, I immediately think name resolution problems. Now here's something interesting. If I look at the wmic debug output I see...
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to ip-0AC35FEF[49154]: NT_STATUS_IO_TIMEOUT
[lib/com/dcom/main.c:1054:bind_new_pipe_continue()] Unable to bind to 10.195.95.219[49154]: NT_STATUS_IO_TIMEOUT
[lib/util/util.c:334:interpret_addr()] sys_gethostbyname: Unknown host. 2001:0:9d38:6ab8:243a:35ef:f53c:a020
These are all valid interfaces on TARGET, but obviously they won't resolve/bind, because we're going across the WAN. Is this relevant/bad/a glimmer of hope? I'm thinking that a) I should see a bind against the WAN address and b) all of these bad binds are timing out and perhaps taking the whole wmic attempt down with it.
Please.. please.. I love SNMP, but damnit Jim, I need more metrics (see what I did there? Bones and Scotty, all in one).
Please pepper me with questions and insults!
Thanks,
Mike
--------------------------------------------------------------
Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/69798#69798]
Start a new discussion in zenoss-users by email
[discussions-community-forums-zenoss--***@community.zenoss.org] -or- at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]