View previous topic :: View next topic |
Author |
Message |
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Tue Oct 30, 2007 9:08 am Post subject: How to monitor services and processes on windows vista |
|
|
HI
We want to monitor some processes on vista,Remote registry is enabled and firewall is off but we still get "can't connect to remote registry or win32 error #5"
Any ideas?
Thank you |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Tue Oct 30, 2007 9:30 am Post subject: |
|
|
What exact test method do you use? "Process"? "WMI"? "Process" test method requires admins privileges as well. What account do you use to start HostMonitor? Have you specified certain account for the "Process" test into "Connect as" input box? Or you do use "Connection Manager"?
Please ensure:
1. RPC service is started on the remote system
2. PerfProc.DLL is enabled on target system
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Tue Oct 30, 2007 10:30 am Post subject: |
|
|
We are using process test with admin user in "connect as" field. tried both (ip\user) or(user).
rpc is running.
I enabled perfproc.dll via regsvr32- didnt work. We have no problems to monitor processes and other tests on windows xp... |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Tue Oct 30, 2007 11:02 am Post subject: |
|
|
vpavel wrote: | We are using process test with admin user in "connect as" field. tried both (ip\user) or(user). | We recommend to start HostMonitor under admins account and use "Connection Manager" instead of using "Connect as" box. Connection Manager provides one convenient place to store account information necessary to perform connections to remote systems. http://www.ks-soft.net/hostmon.eng/mframe.htm#profiles.htm#conmgr
vpavel wrote: | I enabled perfproc.dll via regsvr32- didnt work. | Microsoft provides "Extensible Counter List" utility: http://www.microsoft.com/downloads/details.aspx?FamilyID=7ff99683-b7ec-4da6-92ab-793193604ba4&displaylang=en
This utility displays list of DLLs that are used to support Performance Counters, using the utility you may disable/enable specific DLLs.
vpavel wrote: | We have no problems to monitor processes and other tests on windows xp... | Could you take a look at the "Event Viewer"'s "Security" log? Do you see any messages regarding HostMonitor? "Failure audit" messages should help us to find out the cause. Please note: audit should be enabled on the remote machine.
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Tue Oct 30, 2007 12:36 pm Post subject: |
|
|
I enabled audit and found this : "The Windows Filtering Platform has blocked a bind to a local port." event id 5159 and "A handle to an object was requested." event 4656, both failure audit events in security log.I think its related..
Also i tried with "connection manager" - no success
Thank you |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Wed Oct 31, 2007 10:20 am Post subject: |
|
|
Actually, I had tried to find information regarding errors you provided, but found nothing interesting. Looks like some third party software, like antivirus or firewall (e.g. ZoneAlarm, which uses WFP (Windows Filtering Platform) API) are blocking connections from remote hosts.
Do you have installed antivirus monitor? Additional firewall? Content monitoring software? Non-standard winsock components? Network packet analyzer?
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Wed Oct 31, 2007 10:52 am Post subject: |
|
|
nothing.
just clean vista installation,I must find the way for monitoring because i have 10 more machines to upgrade from xp..
For examle for cpu performance monitor i get error form HM " Unable to locate "processor" performance object.
For process test - its only win32 error #5 |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Wed Oct 31, 2007 11:34 am Post subject: |
|
|
vpavel wrote: | just clean vista installation,I must find the way for monitoring because i have 10 more machines to upgrade from xp.. | Could you provide more information, please?
- What version of HostMonitor do you use?
- What Windows is installed on the machine, where HostMonitor is running? Service Pack?
- Is HostMonitor started as a service or as an application?
- What exact Vista version do you use? Ultimate? Business?
vpavel wrote: | For examle for cpu performance monitor i get error form HM " Unable to locate "processor" performance object. | It means "PerfOS.dll" is not enabled on the system. Have you tried to use Microsoft's "Extensible Counter List" utility? It is a free tool for enabing/disabling counters from Microsoft. http://www.microsoft.com/downloads/details.aspx?FamilyID=7ff99683-b7ec-4da6-92ab-793193604ba4&displaylang=en
You should run it on your Vista. To run "CPU" test method, PerfOS.dll should be enabled on the system, and to run "Process" test PerfProc.dll should be enabled on the system.
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Wed Oct 31, 2007 12:50 pm Post subject: |
|
|
OK,i downloaded that tool, installed it.I can see now dll list,can read information regarding dll's , but i can't enable or disable it.The only button that is clickable in that tool is "refresh" button.
I am using last version of host monitor 6.82 running on windows xp sp2.
I am trying to monitor windows vista business.Monitorinh of 2003 and xp works fine.HM is starting as aplication.
Thank you
Last edited by vpavel on Wed Oct 31, 2007 12:53 pm; edited 1 time in total |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Wed Oct 31, 2007 12:52 pm Post subject: |
|
|
sorry,my mistake, i foud checkbox for enabling.Perfproc.dll is enabled there.... |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Wed Oct 31, 2007 1:39 pm Post subject: |
|
|
vpavel wrote: | sorry,my mistake, i foud checkbox for enabling.Perfproc.dll is enabled there.... | So, what about perfos.dll? If you see the "Unable to locate "processor" performance object", it means you have passed thru authentication.
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Wed Oct 31, 2007 10:15 pm Post subject: |
|
|
All counters enabled there,including perfos.dll
Do you have any other suggestions ? |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Thu Nov 01, 2007 1:52 am Post subject: |
|
|
Hm. Ok. We will try to figure it out and let you know ASAP.
Regards,
Max |
|
Back to top |
|
|
KS-Soft Europe
Joined: 16 May 2006 Posts: 2832
|
Posted: Thu Nov 01, 2007 9:38 am Post subject: |
|
|
So, we have played with Windows Vista Business and were able to check CPU usage and some process on Vista from Windows XP SP2. Please ensure:
1. Firewall is off (all profiles) on Vista
2. Remote Registry Service is started on Vista
3. "Software\Microsoft\Windows NT\CurrentVersion\Perflib" key is added into "Network access: Remotely Accessible Registry Paths" and "Network access: Remotely Accessible Registry Paths And Sub-Paths" security options (Local Security Policies -> Security Settings -> Local Policies -> Security Options) on Vista
4. Check if "admin" account, you have specified in HostMonitor's "Connection manager", has KEY_READ access to the following registry key on target system: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib.
Regards,
Max |
|
Back to top |
|
|
vpavel
Joined: 30 Oct 2007 Posts: 12
|
Posted: Thu Nov 01, 2007 12:07 pm Post subject: |
|
|
HI, thank you
Before i saw your last reply i wanted to update you that i had some advances in monitoring cpu performance and processes. Now,the only thing that a can't monitor is disk space and services.I will try your last recomendations.Thank you |
|
Back to top |
|
|
|