14
Pandora FMS Administrator Manual Outlook Web Access Plugin

Pandora FMS: Outlook Anywhere Plugin

Embed Size (px)

DESCRIPTION

Monitors the external connection through Outlook Anywhere (RPC over HTTP Proxy) to Exchange mailing system. For more information visit the following webpage: http://pandorafms.com/index.php?sec=Library&sec2=repository&lng=es&action=view_PUI&id_PUI=571

Citation preview

Page 1: Pandora FMS: Outlook Anywhere Plugin

Pandora FMSAdministrator Manual

Outlook Web Access Plugin

Page 2: Pandora FMS: Outlook Anywhere Plugin

Administrator Manual Outlook Web Access

© Artica Soluciones Tecnológicas 2005-2012

Index1Changelog...........................................................................................................................................32Introduction........................................................................................................................................43Compatibility Matrix..........................................................................................................................54Documentation provided by the requesting area................................................................................65Modules provided by the plugin.........................................................................................................76Requirements......................................................................................................................................87Installing.............................................................................................................................................9

7.1.Additional Configuration Fixes ................................................................................................97.1.1.Monitoring via Powershell.................................................................................................97.1.2.Monitoring the Outlook Anywhere Availability..............................................................13

Page 3: Pandora FMS: Outlook Anywhere Plugin

1 CHANGELOG

Date Author Change Version

15/02/12 Tomas First version v1r1

Page 3

Page 4: Pandora FMS: Outlook Anywhere Plugin

2 INTRODUCTION

This document has as main objective the description of monitoring of the Exchange mailing system

from the client point of view.This document describes the way of monitoring the external

connection through Outlook Anywhere (RPC over HTTP Proxy) to that mailing system.

To extract the information, the following things are used:

• Powershell Console 2.0(installed by default in Windows Server 2008 R2, and Windows 7.

Available from Windows XP SP2 in advance).

• An “open” interface (Pandora, as the extension of the administration section) to specify

SQL free queries

• The system, that is integrated with the Windows agent and that is able to distribute file

colections, so it is possible to distribute the plugin by one hand and the file colections in an

individual way-by agent-and/or by policy.

It is important to say that the Performance Counters monitoring plugin could be used to collect

information kind numeric (to manage the performance).

3 COMPATIBILITY MATRIX

Page 4

Page 5: Pandora FMS: Outlook Anywhere Plugin

The plugin compatibility matrix is the following:

Systems where it has been tested • Windows Server 2008

Systems where it should work

• Same system or higher.• Windows Server 2003 (with

implementation kit).• Windows XP SP2 or higher (with

implementation kit).

Depending on the system language, the format of the counters to monitor could change, so it will

be necesary to adapt the counters.txt file depending on the circumstances.

4 DOCUMENTATION PROVIDED BY THE REQUESTING AREA

The requesting area must send the following information:

Page 5

Page 6: Pandora FMS: Outlook Anywhere Plugin

• IP address for Exchange or CAS Array.

• Protocol to connect to RPC (ncacn_ip_tcp, ncacn_np, ncacn_http, etc).

• IP address for RPC proxy.

• Username to authenticate on Exchange.

• Password to authenticate on Exchange.

• Username to authenticate on RPC proxy.

• Username to authenticate on RPC proxy.

5 MODULES PROVIDED BY THE PLUGIN

The plugin generates the following modules:

Page 6

Page 7: Pandora FMS: Outlook Anywhere Plugin

• Windows Monitoring

• OutlookAnywhere Connectivity (DS Proxy Service)

• OutlookAnywhere Connectivity (DS Referral Service)

• OutlookAnywhere Connectivity (Information Store Service)

• CAS Exchange Monitoring

• \RPC/HTTP Proxy\Current Number of Incoming RPC over HTTP Connections• \RPC/HTTP Proxy\Current Number of Unique Users• \RPC/HTTP Proxy\Number of Failed Back-End Connection attempts per Second• \RPC/HTTP Proxy\RPC/HTTP Requests per Second

6 REQUIREMENTS

The requirements for this monitoring works correctly are the following:

Page 7

Page 8: Pandora FMS: Outlook Anywhere Plugin

• To install the Pandora FMS agent in version 3.2.1 or higher.

• A Powershell 2.0 console to execute the plugin. By default it comes installed in Windows

Server 2008 R2 and Windows 7 systems, but it should be downloaded for Windows

previous versions. Powershell is not compatible with Windows XP SP1 systems or lower.

• It is necessary that the user with which the Pandora FMS agent is executed, that is the user

that will execute the plugin, has the following permissions of the system:

◦ Local administrator

• The policy for executing Powershell scripts should be fixed as RemoteSigned or lower.

Set-ExecutionPolicy RemoteSigned

• The different plugins will get automatically the information about all counters that we have

specified in one list in the counters.txt file and it will create one module for each one in

Pandora (Plugin PerfCounter).Besides, they will get information about the status of the

critical elements for the Outlook Anywhere service (Plugin Outlook Anywhere).

• Addecuate configuration of the connections and permissions in order to allow to the

software agent from which the plugin is executed, to connect with the RPC Front-End of the

Exchange architecture and to log with right credentials in this platform, using RPC on

HTTP (Outlook Anywhere).

Page 8

Page 9: Pandora FMS: Outlook Anywhere Plugin

7 INSTALLING

You should copy the plugins to the agent plugin directory, distributing it through file collections.

Do the same with the additional files that they need. The call from the agent will be similar to this,

but using the paths where the plugin and the list are installed.

For example:

module_plugin "<ruta-powershell>\powershell.exe" -command C:\'<ruta-plugin>\Pandora_Plugin_PerfCounter_vx.y.ps1' -list C:\'<ruta-listado>\counters.txt' 2> counter_plugin.error

7.1. Additional Configuration Fixes

NOTE: It is extremely important to consider that the configuration files that are though for the

plugin in WINDOWS should be edited and stored with carriage return kind “WINDOWS” and

that carriage return kind “UNIX” are used, then the plugin will be not work correctly.

There are some specific checks that has their own configuration “tokens”. They are described next.

7.1.1. Monitoring via Powershell

Starting from the basis that we have already installed and configured both Pandora and the system to monitor,we are going to explain how to get information about the status of the Outlook Anywhere service in general, from performance management from counters of the “RPC/HTTP Proxy” and also checks of the availability of the service from clients based on Powershell that through the use of the rpcping command avilable from Windows 2003 as an uptading of the implementation kit, will be in charge of ckeching the RPC connectivity against the ports used by Outlook Anywhere for its performance (6001, 6002 y 6004).

For this case, we install both the Pandora software agent and the different plugins of the Powershell agent in the machine.

Summarizing, an agent plugin is an script that is executed in the local machine where the software agent is installed, and that extracts an useful information in XML format that the agent is going to send after to the Pandora server to be processed.

In order the Pandora software agent that we have installed in our server to monitor executes that script, we should edit the agent configuration file and do the call to the plugin through the module_plugin configuration token.

Page 9

Page 10: Pandora FMS: Outlook Anywhere Plugin

We are going to edit the Pandora agent configuration file from the Pandora FMS administration console. To do this, we should activate previously the remote_config option in the same file to 1. This file is located by default at:

C:\Archivos de programa\pandora_agent\pandora_agent.conf

Counting on that we could edit the configuration by remote, we go to the Administration ->Agent

management and click on the agent remote configuration icon that we want to monitor.

We should introduce this at the end of the configuration file , for example:

Page 10

Page 11: Pandora FMS: Outlook Anywhere Plugin

# Agent Plugins for Outlook Anywhere Monitoring

module_plugin "<ruta-powershell>\powershell.exe" -command C:\'<ruta-plugin>\Pandora_Plugin_OutlookAnywhere_Monitoring_v1.0.ps1' -S exchange_server -typencacn_http -R front_end_proxy -I 'username,domain,*' -P 'username,domain,*' 2>plugin_error.log

module_plugin "<ruta-powershell>\powershell.exe" -command C:\'<ruta-plugin>\Pandora_Plugin_PerfCounter_vx.y.ps1' -list C:\'<ruta-listado>\counters.txt' 2> counter_plugin.error

We save the file and restart the Pandora agent.

We should consider the plugin readress of errors to one error log, mainly because of the cmdlets

execution timeout when you have to process a hugh quantity of informatin in little time.

Supposing that we want to generate one module for each one of the machine counters , the cmdlet

should have to process an average of 20000 counters at one time, so that until it has not processed

all the counters list it doesn't show the information, the time since it process the information until

it shows it, the

Powershell cmdlet displays one error message after another, advising that the counter of the list

has not been found.

This is due to the fact that the Powershell cmdlet understands that if x time has passed since the

counter request and the data hasn't been shown in the output, then the data it was looking for

hasn't been found, even when indeed it has been found, but not shown yet though.

In order to avoid to increase the log without control and even so get all the errors ocurred when

executing the plugin in the last interval ( just in case if there is any real error), to do the readress

using the symbol “2>” such as it comes specified in the line that should be introduced in the

configuration file.

Once it has been configured, we should distribute the necesary files through file collections. These

are file packages that are sent to all the agents that have them assigned ( would be it separately or

because it is included in a policy with assigned file collections) through a centralized distribution

system integrated in Pandora FMS.

This process will be explained in detail through the document.

Page 11

Page 12: Pandora FMS: Outlook Anywhere Plugin

One of the most powerful features of the plugin in Powershell is the posibility of specifying instead

of creating the modules for each performance counter one by one, to select all the counters

specified in one list so the plugin will do only one check and generates automatically one module

for all these counters, optimizing at maximum the time necesary to extract all information. This list

should be located in the same folder as that plugin is, and that is named counters.txt Lets see an

example of its content:

\Web Service(*)\Total Bytes Sent\Web Service(*)\Bytes Sent/sec\Web Service(*)\Total Bytes Received\Web Service(*)\Bytes Received/sec

As the counters have counters.txt, the plugin will create one module for each one of them. If one

counter has several instances, as in the case of (*), the plugin will do one module for each one of the

instances of the counter. To develop any othe plugin that gets information via Powershell it is

important to consider the cmdlet use:

select-object -property *

With this cmdlet as base, we could add it after any other cmdle that has statistics, preceded by this

sign (|), and it will give us information about all the characteristics of this cmdlet, but when

executing the first cmdlet in a general way without using any parameters, it will only return a

default info list

This way, our monitoring posibilities using Powershell are notably expanded.

In case that we want to add new modules to our plugin, before doing anything, try to execute the

cmdlet from which we want to get information with the previously mentioned one, to this way

could get all the available information.

One example of the use of this command would be this:

Get-Service | Select-Object -Property *

Usually, the result of the Get-Service cmdlet would be a list in table format of all services with their

Page 12

Page 13: Pandora FMS: Outlook Anywhere Plugin

description an status. However, when applying this second cmdlet, we get for each service some

information about all the characteristics that this service has:

Name : serviceRequiredServices : {service1, service2}CanPauseAndContinue : FalseCanShutdown : TrueCanStop : TrueDisplayName : This is a Windows ServiceDependentServices : {service3}MachineName : .ServiceName : serviceServicesDependedOn : {service1, service2}ServiceHandle : SafeServiceHandleStatus : StoppedServiceType : Win32ShareProcessSite :Container :

7.1.2. Monitoring the Outlook Anywhere Availability

Regardless of the configuration of our Exchange platform, for the correct work of the Outlook

Anywhere service, it will be necessary to be sure that the Exchange server (or address of the

Exchange CAS Array) would be accessible through the RPC proxy if it is defined (usually the

external access address) .

For this, the ports 6001, 6003 and 6004,that are the ones that this service uses for its work, should

be open, to could use the RPCPing.exe tool against them to log with correct credentials and ensure

the availability of the service.

On the contrary, the usual thing will be to get an error code or 1722 exception showing that the RPC

server is not available.

The plugin does a RPC ping against the ports 6001, 6003 and 6004 (Outlook Anywhere) of the

Exchange/Proxy RPC server combo using the credentials to authenticate with the server and the

RPC/HTTP proxy, given as parameters.

Once the plugin is executed, this create three different modules that are identified with the

connectivity and authentication from the outside against each of this ports.

If any of this ports is filtered or any of the credentials is wrong, the authentication in the Exchange

server would't be possible, and will cause the critical status of the respective modules.

The plugin configuration parameters are the following ones:

• -S: Exchange server to connect to (it could be a CAS Array)

Page 13

Page 14: Pandora FMS: Outlook Anywhere Plugin

• -type: Protocol sequence to use. Could be any of the standar RPC protocol sequences–

ncacn_ip_tcp, ncacn_np, ncacn_http, etc.

• -R: Specify the location of the proxy RPC.

• -I: Allows to specify credentials to authenticate in the Exchange server.

• -P: Allows to specify credentials to authenticate in the proxy RPC/HTTP.

An example of one module to execute the plugin would be:

m o d u l e _ p l u g i n P o w e r s h e l l . e x e - c o m m a n d C : \ ' < r u t a -

plugin>'\Pandora_Plugin_OutlookAnywhere_Monitoring_v1.0.ps1 -S exchange_server -type

ncacn_http -R front_end_proxy -I 'username,domain,*' -P 'username,domain,*'

2>plugin_error.log

Page 14