Pandora FMS: Outlook Anywhere Plugin

378 views

Published on

Monitors the external connection through Outlook Anywhere (RPC over HTTP Proxy) to Exchange mailing system. For more information visit the following webpage: http://pandorafms.com/index.php?sec=Library&sec2=repository&lng=es&action=view_PUI&id_PUI=571

Published in: Software, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
378
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Pandora FMS: Outlook Anywhere Plugin

  1. 1. Pandora FMS Administrator Manual Outlook Web Access Plugin
  2. 2. Administrator Manual Outlook Web Access © Artica Soluciones Tecnológicas 2005-2012 Index 1Changelog...........................................................................................................................................3 2Introduction........................................................................................................................................4 3Compatibility Matrix..........................................................................................................................5 4Documentation provided by the requesting area................................................................................6 5Modules provided by the plugin.........................................................................................................7 6Requirements......................................................................................................................................8 7Installing.............................................................................................................................................9 7.1.Additional Configuration Fixes ................................................................................................9 7.1.1.Monitoring via Powershell.................................................................................................9 7.1.2.Monitoring the Outlook Anywhere Availability..............................................................13
  3. 3. 1 CHANGELOG Date Author Change Version 15/02/12 Tomas First version v1r1 Page 3
  4. 4. 2 INTRODUCTION This document has as main objective the description of monitoring of the Exchange mailing system from the client point of view.This document describes the way of monitoring the external connection through Outlook Anywhere (RPC over HTTP Proxy) to that mailing system. To extract the information, the following things are used: • Powershell Console 2.0(installed by default in Windows Server 2008 R2, and Windows 7. Available from Windows XP SP2 in advance). • An “open” interface (Pandora, as the extension of the administration section) to specify SQL free queries • The system, that is integrated with the Windows agent and that is able to distribute file colections, so it is possible to distribute the plugin by one hand and the file colections in an individual way-by agent-and/or by policy. It is important to say that the Performance Counters monitoring plugin could be used to collect information kind numeric (to manage the performance). 3 COMPATIBILITY MATRIX Page 4
  5. 5. The plugin compatibility matrix is the following: Systems where it has been tested • Windows Server 2008 Systems where it should work • Same system or higher. • Windows Server 2003 (with implementation kit). • Windows XP SP2 or higher (with implementation kit). Depending on the system language, the format of the counters to monitor could change, so it will be necesary to adapt the counters.txt file depending on the circumstances. 4 DOCUMENTATION PROVIDED BY THE REQUESTING AREA The requesting area must send the following information: Page 5
  6. 6. • IP address for Exchange or CAS Array. • Protocol to connect to RPC (ncacn_ip_tcp, ncacn_np, ncacn_http, etc). • IP address for RPC proxy. • Username to authenticate on Exchange. • Password to authenticate on Exchange. • Username to authenticate on RPC proxy. • Username to authenticate on RPC proxy. 5 MODULES PROVIDED BY THE PLUGIN The plugin generates the following modules: Page 6
  7. 7. • Windows Monitoring • OutlookAnywhere Connectivity (DS Proxy Service) • OutlookAnywhere Connectivity (DS Referral Service) • OutlookAnywhere Connectivity (Information Store Service) • CAS Exchange Monitoring • RPC/HTTP ProxyCurrent Number of Incoming RPC over HTTP Connections • RPC/HTTP ProxyCurrent Number of Unique Users • RPC/HTTP ProxyNumber of Failed Back-End Connection attempts per Second • RPC/HTTP ProxyRPC/HTTP Requests per Second 6 REQUIREMENTS The requirements for this monitoring works correctly are the following: Page 7
  8. 8. • To install the Pandora FMS agent in version 3.2.1 or higher. • A Powershell 2.0 console to execute the plugin. By default it comes installed in Windows Server 2008 R2 and Windows 7 systems, but it should be downloaded for Windows previous versions. Powershell is not compatible with Windows XP SP1 systems or lower. • It is necessary that the user with which the Pandora FMS agent is executed, that is the user that will execute the plugin, has the following permissions of the system: ◦ Local administrator • The policy for executing Powershell scripts should be fixed as RemoteSigned or lower. Set-ExecutionPolicy RemoteSigned • The different plugins will get automatically the information about all counters that we have specified in one list in the counters.txt file and it will create one module for each one in Pandora (Plugin PerfCounter).Besides, they will get information about the status of the critical elements for the Outlook Anywhere service (Plugin Outlook Anywhere). • Addecuate configuration of the connections and permissions in order to allow to the software agent from which the plugin is executed, to connect with the RPC Front-End of the Exchange architecture and to log with right credentials in this platform, using RPC on HTTP (Outlook Anywhere). Page 8
  9. 9. 7 INSTALLING You should copy the plugins to the agent plugin directory, distributing it through file collections. Do the same with the additional files that they need. The call from the agent will be similar to this, but using the paths where the plugin and the list are installed. For example: module_plugin "<ruta-powershell>powershell.exe" -command C:'<ruta- plugin>Pandora_Plugin_PerfCounter_vx.y.ps1' -list C:'<ruta-listado>counters.txt' 2> counter_plugin.error 7.1. Additional Configuration Fixes NOTE: It is extremely important to consider that the configuration files that are though for the plugin in WINDOWS should be edited and stored with carriage return kind “WINDOWS” and that carriage return kind “UNIX” are used, then the plugin will be not work correctly. There are some specific checks that has their own configuration “tokens”. They are described next. 7.1.1. Monitoring via Powershell Starting from the basis that we have already installed and configured both Pandora and the system to monitor,we are going to explain how to get information about the status of the Outlook Anywhere service in general, from performance management from counters of the “RPC/HTTP Proxy” and also checks of the availability of the service from clients based on Powershell that through the use of the rpcping command avilable from Windows 2003 as an uptading of the implementation kit, will be in charge of ckeching the RPC connectivity against the ports used by Outlook Anywhere for its performance (6001, 6002 y 6004). For this case, we install both the Pandora software agent and the different plugins of the Powershell agent in the machine. Summarizing, an agent plugin is an script that is executed in the local machine where the software agent is installed, and that extracts an useful information in XML format that the agent is going to send after to the Pandora server to be processed. In order the Pandora software agent that we have installed in our server to monitor executes that script, we should edit the agent configuration file and do the call to the plugin through the module_plugin configuration token. Page 9
  10. 10. We are going to edit the Pandora agent configuration file from the Pandora FMS administration console. To do this, we should activate previously the remote_config option in the same file to 1. This file is located by default at: C:Archivos de programapandora_agentpandora_agent.conf Counting on that we could edit the configuration by remote, we go to the Administration ->Agent management and click on the agent remote configuration icon that we want to monitor. We should introduce this at the end of the configuration file , for example: Page 10
  11. 11. # Agent Plugins for Outlook Anywhere Monitoring module_plugin "<ruta-powershell>powershell.exe" -command C:'<ruta- plugin>Pandora_Plugin_OutlookAnywhere_Monitoring_v1.0.ps1' -S exchange_server -type ncacn_http -R front_end_proxy -I 'username,domain,*' -P 'username,domain,*' 2>plugin_error.log module_plugin "<ruta-powershell>powershell.exe" -command C:'<ruta- plugin>Pandora_Plugin_PerfCounter_vx.y.ps1' -list C:'<ruta-listado>counters.txt' 2> counter_plugin.error We save the file and restart the Pandora agent. We should consider the plugin readress of errors to one error log, mainly because of the cmdlets execution timeout when you have to process a hugh quantity of informatin in little time. Supposing that we want to generate one module for each one of the machine counters , the cmdlet should have to process an average of 20000 counters at one time, so that until it has not processed all the counters list it doesn't show the information, the time since it process the information until it shows it, the Powershell cmdlet displays one error message after another, advising that the counter of the list has not been found. This is due to the fact that the Powershell cmdlet understands that if x time has passed since the counter request and the data hasn't been shown in the output, then the data it was looking for hasn't been found, even when indeed it has been found, but not shown yet though. In order to avoid to increase the log without control and even so get all the errors ocurred when executing the plugin in the last interval ( just in case if there is any real error), to do the readress using the symbol “2>” such as it comes specified in the line that should be introduced in the configuration file. Once it has been configured, we should distribute the necesary files through file collections. These are file packages that are sent to all the agents that have them assigned ( would be it separately or because it is included in a policy with assigned file collections) through a centralized distribution system integrated in Pandora FMS. This process will be explained in detail through the document. Page 11
  12. 12. One of the most powerful features of the plugin in Powershell is the posibility of specifying instead of creating the modules for each performance counter one by one, to select all the counters specified in one list so the plugin will do only one check and generates automatically one module for all these counters, optimizing at maximum the time necesary to extract all information. This list should be located in the same folder as that plugin is, and that is named counters.txt Lets see an example of its content: Web Service(*)Total Bytes Sent Web Service(*)Bytes Sent/sec Web Service(*)Total Bytes Received Web Service(*)Bytes Received/sec As the counters have counters.txt, the plugin will create one module for each one of them. If one counter has several instances, as in the case of (*), the plugin will do one module for each one of the instances of the counter. To develop any othe plugin that gets information via Powershell it is important to consider the cmdlet use: select-object -property * With this cmdlet as base, we could add it after any other cmdle that has statistics, preceded by this sign (|), and it will give us information about all the characteristics of this cmdlet, but when executing the first cmdlet in a general way without using any parameters, it will only return a default info list This way, our monitoring posibilities using Powershell are notably expanded. In case that we want to add new modules to our plugin, before doing anything, try to execute the cmdlet from which we want to get information with the previously mentioned one, to this way could get all the available information. One example of the use of this command would be this: Get-Service | Select-Object -Property * Usually, the result of the Get-Service cmdlet would be a list in table format of all services with their Page 12
  13. 13. description an status. However, when applying this second cmdlet, we get for each service some information about all the characteristics that this service has: Name : service RequiredServices : {service1, service2} CanPauseAndContinue : False CanShutdown : True CanStop : True DisplayName : This is a Windows Service DependentServices : {service3} MachineName : . ServiceName : service ServicesDependedOn : {service1, service2} ServiceHandle : SafeServiceHandle Status : Stopped ServiceType : Win32ShareProcess Site : Container : 7.1.2. Monitoring the Outlook Anywhere Availability Regardless of the configuration of our Exchange platform, for the correct work of the Outlook Anywhere service, it will be necessary to be sure that the Exchange server (or address of the Exchange CAS Array) would be accessible through the RPC proxy if it is defined (usually the external access address) . For this, the ports 6001, 6003 and 6004,that are the ones that this service uses for its work, should be open, to could use the RPCPing.exe tool against them to log with correct credentials and ensure the availability of the service. On the contrary, the usual thing will be to get an error code or 1722 exception showing that the RPC server is not available. The plugin does a RPC ping against the ports 6001, 6003 and 6004 (Outlook Anywhere) of the Exchange/Proxy RPC server combo using the credentials to authenticate with the server and the RPC/HTTP proxy, given as parameters. Once the plugin is executed, this create three different modules that are identified with the connectivity and authentication from the outside against each of this ports. If any of this ports is filtered or any of the credentials is wrong, the authentication in the Exchange server would't be possible, and will cause the critical status of the respective modules. The plugin configuration parameters are the following ones: • -S: Exchange server to connect to (it could be a CAS Array) Page 13
  14. 14. • -type: Protocol sequence to use. Could be any of the standar RPC protocol sequences– ncacn_ip_tcp, ncacn_np, ncacn_http, etc. • -R: Specify the location of the proxy RPC. • -I: Allows to specify credentials to authenticate in the Exchange server. • -P: Allows to specify credentials to authenticate in the proxy RPC/HTTP. An example of one module to execute the plugin would be: m o d u l e _ p l u g i n P o w e r s h e l l . e x e - c o m m a n d C : ' < r u t a - plugin>'Pandora_Plugin_OutlookAnywhere_Monitoring_v1.0.ps1 -S exchange_server -type ncacn_http -R front_end_proxy -I 'username,domain,*' -P 'username,domain,*' 2>plugin_error.log Page 14

×