KS-Soft. Network Management Solutions
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister    ProfileProfile    Log inLog in 

How to monitor services and processes on windows vista
Goto page 1, 2  Next
 
Post new topic   Reply to topic    KS-Soft Forum Index -> Configuration, Maintenance, Troubleshooting
View previous topic :: View next topic  
Author Message
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Tue Oct 30, 2007 9:08 am    Post subject: How to monitor services and processes on windows vista Reply with quote

HI
We want to monitor some processes on vista,Remote registry is enabled and firewall is off but we still get "can't connect to remote registry or win32 error #5"
Any ideas?
Thank you
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Tue Oct 30, 2007 9:30 am    Post subject: Reply with quote

What exact test method do you use? "Process"? "WMI"? "Process" test method requires admins privileges as well. What account do you use to start HostMonitor? Have you specified certain account for the "Process" test into "Connect as" input box? Or you do use "Connection Manager"?

Please ensure:
1. RPC service is started on the remote system
2. PerfProc.DLL is enabled on target system

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Tue Oct 30, 2007 10:30 am    Post subject: Reply with quote

We are using process test with admin user in "connect as" field. tried both (ip\user) or(user).
rpc is running.
I enabled perfproc.dll via regsvr32- didnt work. We have no problems to monitor processes and other tests on windows xp...
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Tue Oct 30, 2007 11:02 am    Post subject: Reply with quote

vpavel wrote:
We are using process test with admin user in "connect as" field. tried both (ip\user) or(user).
We recommend to start HostMonitor under admins account and use "Connection Manager" instead of using "Connect as" box. Connection Manager provides one convenient place to store account information necessary to perform connections to remote systems. http://www.ks-soft.net/hostmon.eng/mframe.htm#profiles.htm#conmgr

vpavel wrote:
I enabled perfproc.dll via regsvr32- didnt work.
Microsoft provides "Extensible Counter List" utility: http://www.microsoft.com/downloads/details.aspx?FamilyID=7ff99683-b7ec-4da6-92ab-793193604ba4&displaylang=en
This utility displays list of DLLs that are used to support Performance Counters, using the utility you may disable/enable specific DLLs.

vpavel wrote:
We have no problems to monitor processes and other tests on windows xp...
Could you take a look at the "Event Viewer"'s "Security" log? Do you see any messages regarding HostMonitor? "Failure audit" messages should help us to find out the cause. Please note: audit should be enabled on the remote machine.

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Tue Oct 30, 2007 12:36 pm    Post subject: Reply with quote

I enabled audit and found this : "The Windows Filtering Platform has blocked a bind to a local port." event id 5159 and "A handle to an object was requested." event 4656, both failure audit events in security log.I think its related..
Also i tried with "connection manager" - no success
Thank you
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Wed Oct 31, 2007 10:20 am    Post subject: Reply with quote

Actually, I had tried to find information regarding errors you provided, but found nothing interesting. Looks like some third party software, like antivirus or firewall (e.g. ZoneAlarm, which uses WFP (Windows Filtering Platform) API) are blocking connections from remote hosts.
Do you have installed antivirus monitor? Additional firewall? Content monitoring software? Non-standard winsock components? Network packet analyzer?


Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Wed Oct 31, 2007 10:52 am    Post subject: Reply with quote

nothing.
just clean vista installation,I must find the way for monitoring because i have 10 more machines to upgrade from xp..
For examle for cpu performance monitor i get error form HM " Unable to locate "processor" performance object.
For process test - its only win32 error #5
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Wed Oct 31, 2007 11:34 am    Post subject: Reply with quote

vpavel wrote:
just clean vista installation,I must find the way for monitoring because i have 10 more machines to upgrade from xp..
Could you provide more information, please?
- What version of HostMonitor do you use?
- What Windows is installed on the machine, where HostMonitor is running? Service Pack?
- Is HostMonitor started as a service or as an application?
- What exact Vista version do you use? Ultimate? Business?

vpavel wrote:
For examle for cpu performance monitor i get error form HM " Unable to locate "processor" performance object.
It means "PerfOS.dll" is not enabled on the system. Have you tried to use Microsoft's "Extensible Counter List" utility? It is a free tool for enabing/disabling counters from Microsoft. http://www.microsoft.com/downloads/details.aspx?FamilyID=7ff99683-b7ec-4da6-92ab-793193604ba4&displaylang=en
You should run it on your Vista. To run "CPU" test method, PerfOS.dll should be enabled on the system, and to run "Process" test PerfProc.dll should be enabled on the system.

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Wed Oct 31, 2007 12:50 pm    Post subject: Reply with quote

OK,i downloaded that tool, installed it.I can see now dll list,can read information regarding dll's , but i can't enable or disable it.The only button that is clickable in that tool is "refresh" button.
I am using last version of host monitor 6.82 running on windows xp sp2.
I am trying to monitor windows vista business.Monitorinh of 2003 and xp works fine.HM is starting as aplication.
Thank you


Last edited by vpavel on Wed Oct 31, 2007 12:53 pm; edited 1 time in total
Back to top
View user's profile Send private message
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Wed Oct 31, 2007 12:52 pm    Post subject: Reply with quote

sorry,my mistake, i foud checkbox for enabling.Perfproc.dll is enabled there....
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Wed Oct 31, 2007 1:39 pm    Post subject: Reply with quote

vpavel wrote:
sorry,my mistake, i foud checkbox for enabling.Perfproc.dll is enabled there....
So, what about perfos.dll? If you see the "Unable to locate "processor" performance object", it means you have passed thru authentication.

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Wed Oct 31, 2007 10:15 pm    Post subject: Reply with quote

All counters enabled there,including perfos.dll
Do you have any other suggestions ?
Back to top
View user's profile Send private message
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Thu Nov 01, 2007 1:52 am    Post subject: Reply with quote

Hm. Ok. We will try to figure it out and let you know ASAP.

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
KS-Soft Europe



Joined: 16 May 2006
Posts: 2832

PostPosted: Thu Nov 01, 2007 9:38 am    Post subject: Reply with quote

So, we have played with Windows Vista Business and were able to check CPU usage and some process on Vista from Windows XP SP2. Please ensure:
1. Firewall is off (all profiles) on Vista
2. Remote Registry Service is started on Vista
3. "Software\Microsoft\Windows NT\CurrentVersion\Perflib" key is added into "Network access: Remotely Accessible Registry Paths" and "Network access: Remotely Accessible Registry Paths And Sub-Paths" security options (Local Security Policies -> Security Settings -> Local Policies -> Security Options) on Vista
4. Check if "admin" account, you have specified in HostMonitor's "Connection manager", has KEY_READ access to the following registry key on target system: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib.

Regards,
Max
Back to top
View user's profile Send private message Send e-mail Visit poster's website
vpavel



Joined: 30 Oct 2007
Posts: 12

PostPosted: Thu Nov 01, 2007 12:07 pm    Post subject: Reply with quote

HI, thank you
Before i saw your last reply i wanted to update you that i had some advances in monitoring cpu performance and processes. Now,the only thing that a can't monitor is disk space and services.I will try your last recomendations.Thank you
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    KS-Soft Forum Index -> Configuration, Maintenance, Troubleshooting All times are GMT - 6 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

KS-Soft Forum Index