System Administration-Some simplest scripts for daily tasks

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Its been really a while when I last wrote over System administration, my office job. Might be the reason that you don’t find it enough interesting to write on, if things are not changing much. But let me say it..if we think the small things around us are boring and complicated, then its because we are not thinking about them.

Technology is not a panacea, technology is not some magic, but sure could be magical, if we apply it for solving our cause in intuitive ways. As a popular brand says Its what we do with it.

I am listing some of the simplest troubling tasks on System administration and easiest understandable solutions on them via scripts. Note that all the solutions are just raw and sure better implementations could be found, but its just to push your imagination and then share the same with whole world.

Task 1: Monitoring network connection of some server or some link on hourly/30mins basis and log it too.
Task 2: Taking system state backup of servers on Daily/ Weekly basis.
Task 3: Taking event logs backup of servers on Daily/ Weekly basis.

Task 1: Monitoring network connection of some server or some link on hourly/30mins basis and log it too.
Such scenarios are most common. You will asked to monitor some link on regular basis and obvious way to do the same is ping the same server. But in messy environments like sys admin usually get, its not possible for someone to sit in front of screen and MS DOS windows do not allow to check history of long back. What if one wanted to know that in whole day, when the link went down or might be some alert right then?

Yes there are softwares for doing the same, but why can’t you yourself think a simple solution? Check the script below..

echo off
set Today=%date:~6,4%%date:~0,2%%date:~3,2%
set Period=%time:~6,4%%time:~0,2%%time:~3,2%
mkdir \\\share\%Today%
sc.exe config "Messenger" start= auto
net start Messenger
echo The time at which the check was done: %time% >>\\\share\%Today%\log.txt
Ping -n 2 | find "Reply" >>\\\share\%Today%\log.txt
if errorlevel 1 net send failed %time%

Your PC IP here:
Monitored IP here:
Share location: \\\share

You just need to save this as a batch file and then put it in Windows scheduled tasks to run in each 10 mins or 20 mins to take the status. It will create date wise folders in any given share location (each new day, a new folder with name like ddmmyyyy) and also will pop up a message on your system ( via net send in case of failure. Logs will be created in a text file named log.txt, one in each of the date folder accordingly.

Note: you need to change the date/time format of system as DDMMYYYY otherwise, it will create the folders with weird names.

Task 2: Taking system state backup of servers on Daily/ Weekly basis

Yeah you will say that system state backup method doesn’t work most of the time in expected way, but that’s the case due to un-equal hardware configurations most of the time. Best practices always ask you for taking system state backup time to time.

In real world, we usually miss or ignore the task, which were never productive for us, so better scheduling the same via Windows scheduled tasks and your custom script.

REM – Create Date and Time strings
set Today=%date:~6,4%%date:~0,2%%date:~3,2%
net use X: /delete
net use x: \\\share
mkdir x:\%Today%
ntbackup backup systemstate /f x:\%Today%\AD.bkf
cd C:\Program Files\Windows Resource Kits\Tools
compress -Z x:\%Today%\AD.bkf x:\%Today%\AD.ZIP
del x:\%Today%\AD.bkf

Share location: \\\share

Like the last one, you just need to save the above as a batch file and put it in Windows scheduled task to run on weekly or daily basis (as your situations permit). Obviously the share location must be accessible\writeable and the script has to be placed in scheduled task of the same server, you want to backup. There should be sufficient disk space in the share to accommodate your needs. One day backup may be around 1-2 Gbs and after compressing (which the script does in last three lines) that will go sufficiently lesser. For using later on, you will be needed to expand the backup from compressed file via expand command in similar way.

1. you need to change the date/time format of system as DDMMYYYY
2. You need to install Windows Resource Toolkit in the same server for the compress tool.

Task 3: Taking event logs backup of servers on Daily/ Weekly basis

Well going through event logs might be irritating sometimes as Windows many times just skip to provide the info, we might be looking for. But as a compliance thing for Audit reviews or for security reasons, you always wishes to keep the logs for the longest period possible. So, what about backing up them on daily basis and removing them from the server?

The below is the VB script that I got from some forum.

Dim DestServer
‘ Put in the UNC path for where you want the logs to be stored
DestServer = \\\share\

‘Create the Time variables
sDate=Right("0" & Month(Date),2) _
& "-" & Right("0" & Day(Date),2) _
& "-" & Right(Year(Date),2)

sTime = DatePart("h", Now) & DatePart("n", Now)

set oFSO = CreateObject("Scripting.FileSystemObject")

‘If correct folder doesn’t exist, make it
if Not oFSO.FolderExists(DestServer & sDate) then
   set oFolder = oFSO.CreateFolder(DestServer & sDate )
end if

‘Gets the log files for this machine
strComputer = "."

Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate, (Backup, Security)}!\\" _
        & strComputer & "\root\cimv2")

Set colLogFiles = objWMIService.ExecQuery _
    ("Select * from Win32_NTEventLogFile")

‘This section goes out and gets the hostname this is run on for us.

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

Set colItems = objWMIService.ExecQuery("Select * from Win32_ComputerSystem",,48)

For Each objItem in colItems
  strHOSTNAME = objItem.Name

‘Now archive the logs and clear them
if oFSO.FolderExists(DestServer & sDate) then
  For Each objLogfile in colLogFiles
    strBackupLog = objLogFile.BackupEventLog _
        (DestServer & sDate & "\"  & strHOSTNAME & "_" & objLogFile.LogFileName & "_" & sDate & "_" & sTime & ".evt")
end if

Share location: \\\share

This time, its not a batch file like last two tasks and you have to save the above text as a .vbs file and then same routine.. put in Windows scheduled tasks. Note that security logs might be huge like some 800 mb – 1GB, so slow down the servers up to almost non-responsive state for a few mins sometime. I have not found any work around over the same yet, but till now, its safe to run the same in a time, where the servers are not in full production.

Note: you need to change the date/time format of system as DDMMYYYY.

Just thought to post the same scripts here, so that other might be benefitted and also to bring awareness that Windows scripts are not something to be completely ignored or to be thought as geeky stuff only. Hope others also will share few of such tricks with me.

Keep tuned in and drop a few words please.

Now you could download the app for this blog on your Nokia (Symbian5) via  this link or widget via this link.

Digg This

WSUS Step By Step – Installation, Deployment and troubleshooting

[tweetmeme source=”mrnitishkumar” only_single=”false”]

We all know that Windows updates are important for security and functionality of our Windows PCs and we all want to keep our systems updated. But at the same time, people on volume limited internet plans also blame these windows updates running in background for escalated data usages, specially if we are running many systems and want to keep all of them updated. Sometimes we think that why are we downloading the same updates for each of the PC separately? Or feel that its really hard to keep track of what’s got updated and what’s not? Windows Server Update Services (WSUS) is one of the best solution for your all such worries.

If you are running a setup of at least 50 PCs then you sure must be knowing about WSUS already and if you not or thought that its too hard to implement then its about time to take note of it. What’s next in my post is nothing special that most of smart admins might not been knowing about, but I thought to make a step by step guide over WSUS from the resources already available over internet.

Offline updates solution: Autopatcher:

When you talk about updating few PCs just built up and installed, then the best tool that strikes me is Autopatcher. This tool downloads all the patches as per your selection and stores in a folder, which will contain an executable to update any PC (XP, 2000, 2003, Vista, Windows 7) offline. Not only that before updating it also detects that what already had been updated and more of it, the tool downloads updates in incremental ways, so that every time the folder will keep on growing to catch up the new updates.

Give it a try, its a must tool for sysadmins for updating newly installed PC in most efficient and quickest way. But note that its not a Microsoft Product, though I could guarantee myself from my experience that its perfectly sane.

Why WSUS, when you have Autopatcher?

Autopatcher could be called as entry level solution and sure a great thing about preparing PCs without networks, but the problem is, its still manual work. I mean you might have flexibility to download the updates once and keep it on some Network share location, but still you need to install patches manually over PCs and manual works to keep track of what’s updated and what’s not.

WSUS is an amazing Microsoft tool to end all such worries and that’s totally free of cost, just you need a Windows 2003 Server license, that’s it. It’s a service you run inside your organization on one or more servers which you configure to serve software updates to one or more AU clients. You can configure a WSUS server to download updates either from Microsoft or from another WSUS server within your organization.

Once you approve an update for installation, WSUS downloads it from configured upstream partner, and can then issue these updates to clients that request it. You can approve any update for some, all, or none of your computers. Once an update is approved, the targeted WSUS clients download the update using the Windows AU client. WSUS also provides reports on which clients have, and have not, had which updates.

You administer WSUS from

Start –>All Programs –> Administrative Tools –> Microsoft Windows Server Update Services.

WSUS not only keep all Windows clients across the organization updated without providing internet on all of them, but also reduces the Internet Bandwidth requirements as the updates get downloaded once only, not separately for all the windows clients.


System Requirements:

Followings are the set of requirements for installing a WSUS server:

Server Hardware Requirements

WSUS requires a single server for basic operation, although you can scale your WSUS implementation to larger numbers of servers if you wish. For a basic implementation of up to 500 users, hardware requirements, per Microsoft, are:

1. 1GHz CPU

2. 1GB RAM

You also need a network card, and around free disk space (described below)

Server Software Requirements

You need the following software components:

1. A supported Windows Server operating system – Windows Server 2003 is the preferred OS, but Windows 2000 is also supported. WSUS is supported on all editions of Windows Server 2003, but there are some restrictions of you use the Web Edition (See [WUS Restritions With2k3 Web].

2. IIS – WUS is operated via IIS, so your WUS Server needs to have IIS loaded. You need at least IIS 5.0.

3. .NET Framework 1.1 SP1 – get this 7.982MB download from the Microsoft download site. The .NET Framework 1.1 SP1 is delivered as a hot fix installation file (see KB article KB867460 for details). This expands to 55.6 MB (58,335,654 bytes) on disk prior to installation. The installation of this hot fix alsos stop IIS, and requires a reboot.

4. Background Intelligent Transfer Service 2.0 (BITS 2.0 – this is a new version of BITS, at present only available to beta testers, or those on the OEP. This is a 1.34MB download.

5. WSUS Setup (WSUSSetup.exe) – Like BITS V2, this is available only to beta testers or members of the OEP at present. This is download is over 100mb.

6. SQL Database server. For Windows Server 2003 MSDE is installed during setup. For Windows 2000 it is not and MSDE or SQL server must be installed prior WUS setup.

Client Software Requirements

There are no special requirements for WUS Clients. Supported clients include Windows 2000, Windows XP and Windows 2003 Server (including the R2 server).

Server Disk Space Requirements

WUS Server disk space requirements fall into three categories: the WUS service, WUS updates and the WUS data base.

Microsoft recommends that you must have at least 6GB free disk space to store WUS content. At present, typical usage is around 1-2GB/language, although this does depend on what updates you specify and is likely to grow over time. Typical storage with multiple Operating systems can be as large as 60 or 70Gb.

The WSUS service installs (by default) into C:\Program Files\Update Services\. This folder takes up 365MB (371MB on disk) after the initial installation.

The WSUS Database is managed by MDSE, and is installed by default into C:\WSUS\MSSQL$WSUS. This folder takes up 216 MB after the initial install, synchronize and with only 2 clients. The size of the DB grows as you add more computers, and as you manage more updates.

Checklist before WSUS Installation:

The following is a simple checklist of possible issues.

1. Do you have Minimum Free Disk Space? See the WSUS Deployment Guide for more information on free disk space requirements.

2. Is the Installation drive & system partition formatted with NTFS? WSUS requires both the WSUS Database and the WSUS content to be loaded onto NTFS volumes.

3. Do you have IIS installed? IIS is required to setup, configure and manage (and use) WSUS.

4. Do you have Microsoft Internet Explorer 6.0 Service Pack 1 installed? This is required on your WSUS server.

5. Do you have Microsoft .NET Framework 1.1 Service Pack 1 installed? This is required, and WSUS server checks for it’s presence. NB: Installing the SP requires a reboot.

6. Do you have BITS 2.0 installed? This is required.

7. Do you have Database – SQL Server 2000/WMSDE/MSDE installed? A database is required, but WSUS will install WMSDE if no database service is found on the WSUS server.

Installing WSUS with in-built Local Database (SQL/MSDE):

Installing WUS with local database is pretty straight forward where, you have 2 Scenarios as given below:

· Installing WSUS on Default Website, with port 80.

· Installing WSUS on Custom Website, with port 8530.

Installing WSUS on Default Website, with port 80: This is the simplest installation with clicking over the WSUS Installation exe and following the instruction provided by the wizard.

Installing WSUS on Custom Website, with port 8530: Installing WSUS on custom Port 8530 is little different from the normal setup. You have to manually configure the client self update feature.

But, this kind of setup has many advantages including

· You can shut down port 80 to avoid malicious programs that target port 80.

· If you already have a website on port 80 like the Antivirus Applications, this kind of setup will help the functioning of both the sites independently.

Things to consider if you plan to install on custom port

· In this case, you have to manually set up up the selfupdate virtual directory on port 80 to enable client self update.

· You can use %\program\Update Services\Setup\InstallSelfupdateOnPort80.vbs script in order to allow those clients to self-update.

· To access the WSUS admin page, you have to include the custom port with the website like http://wsusserver:8350

· This port in not configurable during WSUSsetup, but can be changed later using IISADMIN.

Installation Overview:

As discussed earlier, WSUS Server holds the WSUS Software setup with IIS installed. Installation is very simple shown in these Steps:

Install WSUS on Server

· You need to setup WUSSETUP.exe

· Follow the wizard to specify content Folder & Administration Site.

· Take a note of Content folder which is needed while setting up the back End Server.

Initial WSUS Configuration

To setup, configure and manage your WUS server, you need to gain access to the WSUS Admin site on your WSUS Server:

From here you should do the following:

1. SET Server Options

This includes:

· Schedule – when to synchronize this WSUS Server

· Products and Classifications – define which patched to download. In particular, which products to download patches for (e.g. Windows 2000, Windows XP Pro, etc) and what type of updates to download (this includes security updates, driver updates, DDKs, tools, guidance, Feature Packs etc).

· Proxy Server Settings – you can specify a specific proxy server to use for updates,along with credentials if needed.

· Update Source – where this WSUS server should get it’s updates: from Microsoft, or an upstream WSUS server

· Languages – allows you to get language specific patches. NB: By Default, WSUS RC is set to download ALL languages. This is potentially harmful to your disk subsystem.

After you complete the configuration, ensure you save your options.

2. Perform Initial Synchronization

By default, WSUS is set to be synchronized manually. Once you configure your WSUS server, you should perform an initial synchronization. Depending on how many products, classifications and languages you have selected, and the speed of your internet connection, this could take a considerable amount of time.


WSUS Deployment:

There are a number of options available for deployment of WSUS like Group Policy based, Replica and Offline updates.

The following is the option that we use across our organization:

Group Policy based deployment

The following are a basic example setting that needs to apply over workstations for WSUS deployment:


The fact to notice is that this policy needs to be applied over the OU of workstations not the OU of Users and so the settings are under computer settings not the user settings

Offline Updates:

If your environment demands a network segment be disconnected from the Internet, or disconnected from the rest of your network altogether, don’t think you need to resort to the “sneaker net” method of patch distribution. Simply build a stand-alone WSUS server and import updates from removable media such as tape or DVD-ROM.

The process of exporting the updates from an Internet-connected server, and then importing them into your disconnected one is well documented in the WSUS Deployment Guide. However, here are the steps at a high level to give you an idea of the process.

1. Build your stand-alone WSUS server and configure its language and express installation options to match that of the Internet-connected WSUS server that will provide updates.

2. Copy the update content directory from the Internet-connected WSUS server to removable media. Remember that this content directory may be quite large (multi-gigabytes) so you may need to resort to tape, dual-layer DVD, or external USB hard drive.

3. Export and copy the update metadata from the Internet-connected WUS server’s database to removable media.

4. Copy the update content from removable media onto the disconnected WSUS server.

5. Import the update metadata from removable media into the disconnected WUS server’s database.

Again, please refer to the documentation for full export/import procedures, including command-line tool options and correct file system paths to back up.

Replica Mode:

Another option for advanced deployments is replica mode. Much like WSUS server chains, replica servers inherit settings and updates from their upstream master server. However, unlike server chains, replica servers are designed for environments where a central administrator controls computer groups and update approval for the entire enterprise.

The only information that isn’t synchronized between the master server and its replica servers is the content of the computer groups themselves. For instance, an administrator might create four computer groups on the master server named Branch A through Branch D. While all replica servers will receive these group names, they will not contain any members. The idea behind this design is that the WSUS administrator will create enough computer groups to cover the entire enterprise. Then, a WSUS replica server at a branch office will add the local PCs and servers to a group (say, Branch B) and the centrally approved patches for that group will be installed. It sounds complicated, but it really isn’t once you get wrap your brain around it. For more detailed information on replicas, refer to the WSUS Deployment Guide.

General Approaches to Patching with WSUS

There are a couple of approaches you can take to using WSUS:

1. Detect and deploy required patches This is a simple approach to using WSUS. The idea is you approve all patches for detection, then approve for installation any updates shown as being needed.

2. Investigate and authorize each patch individually In this approach, you examine, and hopefully test, each update for suitability in your organization as part of an overall change management process. Once you are satisfied the update is appropriate, you approve it for installation for the appropriate target groups. This patch management strategy is more time consuming, but should provide greater stability. This approach is probably more appropriate for larger organizations, or where you have a diverse network and multiple target groups.


Disk Space concerns

As mentioned in requirements section, WSUS requires huge disk space for storing patches, which could be overgrown anytime, if you do not choose the products to be updated wisely.

Better to choose only those updates that are required and skip other ones even if recommended. Like if your scenario doesn’t has Windows 7 PCs, then no need of downloading updates related to that, same with 64 bit OS’s, Itanium processor based updated and device drivers.

Once the disk space is full, it stops getting more updates, but it keeps on updating workstations with existing updates, but one has to clear up the space. That’s why its recommended “Not to keep the updates storage in OS drive (c:) otherwise, it may critical for the server.”

Cleanup activities

There is already a wizard in WSUS console for cleanup, which takes care of the following:

  • Unused updates and update revisions
  • Computers not contacting the server
  • Unneeded update files
  • Expired updates
  • Superseded updates

There are also ways for claiming disk space by removing some updates manually (wizard or console doesn’t remove updates from disk), but most of those procedures are messy and prone to error as of now. So, its recommended to use the wizard only and be wise while selecting the updates as once marked, the update will sure get downloaded, no matter you marked it as denied later.

WSUS Reports

For accessing reporting feature of WSUS, you are required to install report viewer from Microsoft

After the same WSUS console provides excellent options of generating reports with graphs, lists and tables in CSV, XLS or even PDF formats.

Although reporting tool of WSUS already provides plenty of options, but we are yet to find some option that could report in the way that when the update got released and when got downloaded.

Currently, we are going with manual ways by importing lists of all updates and finding the dates from the Microsoft Updates Download site itself. A tedious job for the first time, but later on you have to use excel tips like vlookup etc for avoiding the work for already reported updates and updating only those few updates that might be downloaded after the last report you prepared.

Note: As per Microsoft schedule, monthly updates arrive on second Tuesday of the month, though many updates arrive at the other days as well depending on severity.


WSUS deployment Troubleshooting

This is a topic of continuous learning with the issues and resolutions. Sharing here a few of known issues with WSUS Client configuration:

WSUS uses client-server architecture. The WSUS client, which runs on client computer, wakes up on a regular basis and queries a WSUS server to find applicable updates. The WSUS client is also designed to update itself, via what is known as self-update. The idea is that the client will look for, and download, both the OS and application updates, but also updates to the client itself. The latest version of the AU client is required for client computers to interact fully with the WSUS server.

In most cases this mechanism works ok, and clients get updated as needed and are able to check in with the WSUS server. But on some systems, client computers either do not properly check in with the WSUS server or do not self update. These problems are both fairly rare and easy to overcome.

There are a set of client configuration checks you can make on client computers that are not connecting to WSUS properly, and a set of know issues.

Client Configuration checks

1. The first thing to check is whether the client computer is using the latest Automatic Update client version.

The current version of the Windows Update Agent (the WSUS client component in AU) is determined by the version of the WUAUENG.DLL, located in %systemroot% \system32 folder. If the version of WUAUENG.DLL is 5.4.3790.1000 or greater, the WSUS client (or WUA) is installed. A version less than 5.4.3790.1000 indicates that SUS or earlier AU version 1.0 is installed.

If you have an earlier version of the AU client, it must be updated in order to work with WSUS. Computers running Windows XP with Service Pack 2 (SP2) already have the WSUS client installed.
The AU client, when contacting the WSUS server, will automatically update itself to the latest WSUS version if the self-update files are properly setup on the server. When connected to Windows Update or Microsoft Update, the AU client will also be able to self-update if it is not running the latest version. In addition, the AU client can also be updated by using a signed stand-alone, installation package that is available from Microsoft.

2. If you want AU clients to update from a WSUS server in your environment, be sure you have set anonymous access permissions on the virtual Self Update directory and that it is on a Web server running on port 80. WSUS uses IIS to automatically update client computers to the WSUS-compatible Automatic Updates software version. To do this, WSUS Setup creates a virtual directory named Self Update, under the Web site running on port 80 of the computer where you installed WSUS. This virtual directory, called the “self-update tree”, contains the WSUS-compatible Automatic Updates software. Earlier Automatic Updates client versions can only update if they find the self-update tree on a Web server running on port 80. The access permissions on this virtual directory must be set to allow anonymous access. This Automatic Updates version check is done every time the client checks-in with the server to detect new approved updates.

3. Be aware of GP replication time which may cause delay in your clients’ self-update process the first time a WSUS server and client are mapped. If clients have been mapped to WSUS servers using GP in an Active Directory environment, the timing of AU client check in with the WSUS server can be impacted by AD GP refresh timing (generally about every 90 to 120 minutes depending on environment). Clients mapped to servers in a non-Active Directory environment can be forced to check in and update right away by running wuauclt/detectnow from the command prompt.

4. Another variable that will impact client check-in behavior is the Automatic Updates detection frequency setting. By default, this value is set to the maximum of every 22 hours. This means that every 22 hours, minus a random offset, AU polls or checks in with the WSUS server for approved updates. Every time the client checks in, it also verifies it has the latest version of the client and if not, it self-updates from the server. This setting can be modified via policy or by directly editing the local policy or registry on the client. The minimum frequency is one hour. If clients have been mapped to a WSUS server via local policy or direct registry editing, without detection forced by running wuauclt/detectnow, it could be up to 22 hours until that client will self-update and appear in the WSUS Admin Console.

5. Imaged clients with a duplicate client ID will only appear once in the WSUS Admin Console. Each AU client must have a unique id which is created for each individual install. When imaging systems it is recommended always to use SysPrep. The WSUS admin console will only display one client for each unique ID. If you have multiple clients created from one image which are sharing the same ID, only one will appear in the WSUS admin console. All clients will check in and download updates, but only one will appear and display status in the WSUS admin console. In cases where clients are not checking in, and they were created from images without running SysPrep, the following steps will reset the existing duplicative client IDs.

a. Run regedit and go to


b. Delete the PingID, SUSClientID and the AccountDomainSID values

c. Stop and start the Wuauserv Service

d. From the command prompt run: wuauclt /resetauthorization /detectnow


From the command line, once you are sure the AU client is properly configured and not disabled, you could run a batch file (which might look something like this sample) and get the same results:

rem Fixes problem with client machines not showing up on the server due to imaging method

reg delete

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v

AccountDomainSid /f

reg delete

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v

PingID /f

reg delete

KLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v

SusClientId /f

@echo Triggering detection after resetting WSUS client identity

net stop wuauserv

net start wuauserv

wuauclt /resetauthorization /detectnow

Additionally the following VBScript can be deployed via group policy to perform the above function automatically at logon. The script creates a registry key that will allow the script to check if it has been run on that client before. If it has it ends without performing any further changes.

Dim objShell, strKeyPath, strValueName,strComputer

set objShell = wscript.createObject("")

const HKEY_LOCAL_MACHINE = &H80000002

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set objRegistry = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")

strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate"
strValueName = "SUSClientIdReset"

objRegistry.GetStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, dwValue
IF (dwValue = "1") THEN
            ‘do nothing
            ‘Fixes problem with client machines not showing up on the server due to imaging method
            objRegistry.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,"SusClientId"
            objRegistry.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,"SusClientIdValidation"

   Set colServiceList = objWMIService.ExecQuery ("Select * from Win32_Service where Name = ‘wuauserv’")

   For Each objService in colServiceList
    If objService.State = "Running" Then
    Wscript.Sleep 10000
    End If
            objShell.Run("wuauclt /resetauthorization /detectnow ")
   Wscript.Sleep 10000   
            objShell.Run("wuauclt /r /reportnow")

            ‘Set reg value for SUSClientIdReset for checking against later.
   dwValue = "1"
            objRegistry.SetStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, dwValue
End If

Just save the above scipt as a *.vbs.

Though the above troubleshooting steps might be required in rare cases and if group policy updates are happening in proper manner then that solves the issue.


So, that’s all about starting up and working with WSUS, a must have tool to work with, for any IT Administrator or Sys Admin guy. Hoping to see some new faces on this side of table.

A Step by Step Guide about Spiceworks

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Wrote twice about Spiceworks, once for just introducing and once for showing a preview of upcoming Spiceworks 5.0. But I always thought that there is a vacuum, when we try to find some proper book over this great IT tool. The only resource is their very active users forum (really serves the purpose in superb way), which sure does the job, but I thought there must be something out there like step by step as well. Why to just think, when I could come up with one of my own? Here I am with a step to step guide about Spiceworks.


Spiceworks provides a free systems management, inventory, and helpdesk software application, Spiceworks IT Desktop, designed for network administrators working in small- to medium-sized businesses.

Spiceworks IT Desktop is used to inventory, monitor, manage and report on software and hardware assets. It also includes an integrated help desk system. Spiceworks runs on Microsoft Windows and discovers Windows, UNIX, Linux and Mac OS X machines along with other IP-addressable devices such as routers, VOIP phones, printers, etc.

Spiceworks is an adware and is written in Ruby on Rails, It’s not a complete and detailed Monitoring Solution like Zabbix as of now, but it covers other aspects of your IT management that Zabbix left, in a powerful way like Inventory, events reporting like installations/ updates and complete out-of-the-box-Helpdesk segment.

What are the main features available with Spiceworks?

Here is feature list:

1. Scan SNMP Devices
2. Linux Scanning via an SSH login
3. Scan Windows Devices via WMI
4. Ability to manage your software licenses
5. Alerts on customizable definitions (eg machines with no anti-virus or low printer toner)
6. Software automatically categorizes machines into groups. eg Laptops, servers, routers etc
7. Ability to define custom devices
8. Ability to compare one machine with another
9. Ability to manage services on remote machines
10. Plugins
11. Reports
12. Network Map (Beta)
13. Helpdesk with user portal

For whom Spiceworks is designed for?

Spiceworks IT Desktop is designed for

  • IT Pros who have admin rights on their network.
  • Organizations with less than 1,000 devices on their network. It will work with more but it won’t be as fast.
  • Running on a PC. It discovers Windows, OS X, Linux and UNIX but you need to run it from only one PC on your network (which might be even just a desktop with provided resource requirements).

Advantages of Spiceworks:

Though Spiceworks integration with active directory is still a work in progress from Spiceworks community end and complete performance monitoring like Zabbix or NagiOS is not available with Spiceworks, but there are two areas, where Spiceworks is very useful for our scenario.

1. Inventory of Systems: With the changing requirements and movement of systems, it’s a hard and purely manual work to keep track of updated inventory of workstations with us in some particular campaigns as earlier it involved going PC to PC and collecting detailed profiles of workstations.

Spiceworks solves the same issue with collecting the system related info like Serial number, MAC Address, RAM, HDD, Processor, Product Keys etc from a centralized location. Though the setup requires specific changes in system firewalls, but it works for covering almost all the workstation with little troubleshooting skills. Most favorable thing is, it doesn’t works on agent-less way means it could start it work without affecting current existing scenario and without installing anything on production machines that might raise issues for any compliance.

2. Web Based Helpdesk Solution: Centralized helpdesk is a proven resource to keep the cost and quality of support optimized and after searching a lot of open source Helpdesk solutions for a web based helpdesk solution, there was no satisfactory solution matching our requirements. Most of the solutions out in market assume an IT Helpdesk person logging and assigning calls after receiving telephonic or mail based complaints as that’s a standard in most of the places.

Spiceworks was only available for free solution that provides a very flexible and customizable Helpdesk solution that could address most of the needs in our environment with continuous learning and efforts to improve it.

Installation procedure and requirements:

The Spiceworks software as a less than 25 Mb download file (as of now) could be downloaded from the The same executable is inclusive of all basic requirements for Spiceworks that includes the SQLite database for storing settings-n-stats and Apache web server (need to check if installations already there to avoid conflicts).

System Requirements

1. Windows XP Pro SP2, Windows Vista, Windows 7, Windows 2003 Server SP1, SP2 and R2, & Windows 2008 Server

2. 1.0 GHz Pentium III class processor

3. Minimum 1.0 GB RAM (Notice that this one is trickier as it has to cover a lot of aspects)

Browser Requirements

  • Firefox 3.0 – 3.5
  • Internet Explorer 7.0 – 8.0
  • Google Chrome

As its not always the case that you get a fresh server to install a new application, one should worry about two things with installing any of the web solution, first if its going to take the default http port 80 and if the database its going to use, already exists on the same server, you are going to install SpiceWorks IT Desktop.

Thankfully, Spiceworks goes well about both the cases. It takes port 9675 (Of course, choice is yours) for HTTP and the database used is not MySQL, but is a SQLite database.

~24 M of installation take a little while to install and greet you with a couple of questions about your network like range of IP Addresses to scan, various Windows username/ passwords details possibly across your network, ssh credentials and you are ready to scan your network for finding devices. As the very first step, it asks you to get registered with Spiceworks, which would be your one point help system and integration of your account with web resources.

There are also services related requirements on client side like WMI related services should be in running mode and firewall should not be blocking Spiceworks access. File and Printer sharing service and Remote Registry Service running on clients are the other main requirements for Spiceworks.

Working with Spiceworks:

There are two portions of the jobs that Spiceworks does in our environment and below is the details:

Inventory: The very first step to start with Spiceworks is running a Network scan from settings options. The following will be required inputs for the same:

1. It will require the credentials like Administrator passwords that are allowed to access registry of the clients and active directory info, SSH logins etc. Many times, it also requires to give local administrator auths than domain one.

2. Define the network range to scan. This has to be chosen systematically because scanning extra IPs increases overhead over Spiceworks and thus affecting other things.

3. After scanning, there must be many device mentioned in Inventory section and may be few reporting errors while scanning, which will be needed to sorted.

4. Once done with scanning all and sorting out error, you can always take a very flexible and customizable excel based inventory report based on almost every accessible info.


You have to go through http://<Server_IP&gt;:9675/user_portal to design the portal as per requirements and design preferences. For adding custom fields, there are plenty of options at the advanced setting page http://<Server_IP&gt;:9675/settings/advanced. For additional and useful customizations, there are many extensions and plugins available like we are making use of following plugins.

1. My Ticket Rules
2. My Ticket Views
3. Helpdesk only User Roles
4. Ticket Auto-Assign

After the required customizations, you can navigate to http://<Server_IP&gt;:9675/tickets for tickets being displayed there with filters like Open Tickets, Closed Tickets, Unassigned Ticket etc.

Now you have two ways; either let IT Staff lock the complaints themselves with details or even pass the responsibility to actual users themselves via portal (http://<Server_IP&gt;:9675/portal) that could be flexibly customized through (http://<Server_IP&gt;:9675/user_portal).

There are other options available with Helpdesk like Active Directory auth, so that clients could make use of their normal domain login to login into Helpdesk and many minor options in advanced pro configurations to suit the needs.

Backing up configuration:

For backing up the configuration, the settings page is on http://<Server_IP&gt;:9675/settings/backup, which defines the location for the backup and also option to schedule the backup on daily, weekly or monthly basis.

You can set it at automatic, which create a job in Windows Scheduled Tasks that will make use of the command Spiceworks.exe backup, where the exe is located at

C:\Program Files\Spiceworks\bin

The backup job creates zip files in C:\Program Files\Spiceworks\backup folder (by default) in the format


Restoring Spiceworks data:

There are following steps involved in restoring Spiceworks from the backup done in above way:

  • Right-click system tray and select exit (or stop the service if running as a service)
  • Verify that all Spiceworks* processes are no longer running
  • Delete the db and data directories in the Spiceworks installation folder
  • Copy the db and data folders into the Spiceworks installation folder
  • Start Spiceworks

Moving your Spiceworks installation to a new computer

If you’d like to move Spiceworks from one machine to another, the following steps will work for you:

  • Download and run Spiceworks installer on the target machine
  • Important: Use the same installation directory and port as the original installation
  • Do not complete the registration process
  • Follow the steps above to copy the data and db directories into the new installation


Problem 1: Spiceworks not starting, unable to access.

Solution: Spiceworks is proactive over such issues and updates are smooth at 90% occasions, so in most of the scenario re-installation of Spiceworks from the same exe will restore the configurations without any loss of info, which is most clean way than messing up with the configs.

Problem 2: Scanning errors for workstations.

Solution: There might be many reasons for the same like WMI services not enabled, remote registry not enabled, auths wrong or firewall denying the access. If everything is proper then running the following batch instruction should resolve the issue in most of the cases.

Net Stop WinMgmt /y
Net Start WinMgmt

The above commands basically set proper permissions on WMI Management Service of the client PC and restarts the WMI Management Service. It works in most of the cases, if all above precautions are taken.

One can make a batch file to run on problem PCs locally or remotely via using XCMD application to access the command prompt of the remote PC from a central location.

Problem 3: User not able to login into Helpdesk. Login failed.

Solution: This may happen due to two reasons:

1. The user has no read permissions on the Spiceworks folder of the server

2. The user’s LAN ID is restricted to login on some specific workstation and so denied login over other workstations.

Solution for the first is to provide read permissions to authenticated users on the following folder

C:\Program Files\Spiceworks

Solution for the second is to adding Server’s name in Logon To field of problematic LAN ID.

So, this is just a naive guide from my side, but I hope that it will help the people, who wants to know, wants to start with Spiceworks. Welcome friends.. let’s spice up the IT.

Spiceworks 5.0 The whole new frontier of Everything IT

[tweetmeme source=”mrnitishkumar” only_single=”false”]

We love updates, specially when it comes to products, which already might be topping our list of favorite; either it be next version of Windows or next version of Smartphone OS of our favorite brand or your favorite Management software. So, here you are, coming September (my birthday month) bringing the biggest release of the IT management software Spiceworks (I covered sometimes back), the 19th release.

Spiceworks and me: It took a learning curve to me to get used for Spiceworks, as I taken a look over it about two years back as a free Software. I wasn’t that big impressed that time or could say kind of scared of many options and ads around within the interface. But now I feel that I was stupid that time and when it came back again, then it kept on amazing me …

I primarily using it for two purposes as of now ..

  1. Gather Inventory info from Multi-Domain structure: That’s probably one of the biggest task for any infra, if you need to get your hand dirty by going to each PC by yourself to gather info. Spiceworks not only empower an IT Admin to gather the same info by sitting at one place, but it provides flexibility of using authentication of multiple domains as well means no more worries. Best part still remains the way it provides you excel reports in exact way you always wanted.

    But the last releases have enabled users to not only gather info but to interact with running processes at the moment and many other relevant info of IT Management.

  2. Helpdesk: Perhaps among all the free/ open source IT Helpdesk software’s, I might have gone through in all those years, never found anyone compared to Spiceworks IT Helpdesk Software. Other one either focuses on concept of one IT person managing the helpdesk and lodging calls on behalf of users and assigning calls to engineers accordingly or even if give users some kind of console, then leave it utterly simple without no option to customize as per your needs.

    I feel Spiceworks Helpdesk solution could very well stand as an independent product and still will be a hot cake. It really gives you enough hands on customizations, rules, priorities, designing and even associating tickets with asset’s profile. Great!!! what else you could have wanted.

What’s new inside version 5.0

There is a lot of info on the official community page, which you could find here and if you can’t hold yourself waiting till the final release in September, then yesterday night they already has released the beta that you could download from here. There are some rules about testing out any beta, but I will come over the same later on.

Spiceworks is just not the two features I mentioned above, it some huge, very huge that’s why they call it everything IT, keeping track of your purchases, IT Services and many more.. lets see what the latest version got as addition:

  • Multi-site Helpdesk: When heard the name for the first time, I was confused that what is it, but later on reading about, it fascinated me a lot. Multi-Site helpdesk means many Helpdesk consoles that might be running in different site with different customizations, different prospects and still gather the data for a central console. Wow!!!! what else I was looking for, got my wish granted even before wishing for it.

    Things to try out with this beta are:


    1. Connect a remote site to a central helpdesk site.
    2. Submit tickets from a remote sites portal and respond to them from the central helpdesk.
    3. Set-up email at the remote site and have users submit tickets (including attachments) and confirm they reach the central helpdesk. Respond to the ticket from the central site.
    4. Customize the remote portal.

  • Purchasing: If I am right then there are purchase ticket kind of option in current version as well, but it got a complete redesign and attention with this release only. Finance people should really check this feature out rather than working over some custom made buggy CRM or maintaining the track of purchases manually. You can now use a purchasing workflow on tickets to track approval, ordering and receipt of purchases.

    Things to try out with this beta are:

    1. Add purchase to tickets
    2. View purchases and how they relate to Help Desk tickets, inventory and IT Services
    3. Approve and track purchases
    4. Shop for purchases

  • LDAP Authentication via SSL: It always been a treat to watch that how effortless the authentication methods of Spiceworks are. Either be it on user side or IT side, I never faced any big issue and using the AD authentication for logging into Helpdesk been superb thing to me. New Addition is LDAP with SSL that sure going to grab attention of security savy techies, who were avoiding it on the basis of security risks.

    Things to try out with this beta are:

    1. Access via Help Desk > Settings
    2. Users who have an Active Directory will be able to use an SSL option for user portal login
    3. Users can choose an SSL Configuration or leave unchecked for a regular Active Directory Configuration

  • Hyper-V support: Virtualization is something everyone is talking about right now. Recession has taught IT Administrators and companies to work in most efficient manners and probably the biggest technology catching up been the Virtualization. Hyper-V support really adds the missing part of Spiceworks as Virtual is today’s real. 

    New support for Hyper-V in 5.0 means that you’ll be able to discover your Microsoft virtual machines servers. This is in addition to the ability 4.6 delivered to discover your VMware virtualization servers (ESX/ESXi & vSphere) and virtual machines.

    Things to try out with this beta are:

    1. After a scan of your Hyper-V device in 5.0, verify the VM’s tab displays when viewing the device.
    2. Verify the content on the VM tab is accurate.
    3. Verify the Hyper-V server displays in the Virtualization Hosts group
    4. Verify the Hyper-V VM’s display in the Virtual Machines group.

  • NAS support: This is brand new and advanced feature in compliance of escalating expectations from Spiceworks. Many were asking that if Spiceworks could report even individual workstation disk spaces from thousand machines on daily basis, then why not something real like Network Storage? Version 5.0 beginning support for Network Attached Storage (NAS) devices. By inspecting the Web-based Management User Interfaces (MUI) of your Buffalo and Netgear devices, Spiceworks can gather device and disk space details, and show any changes over time.

    Things to try out with this beta are:

    1. Create an HTTP account type on the network scan settings page. This is the same account name and password that you would normally use to access the NAS Web-based MUI.
    2. Scan your NAS device.
    3. Verify the Total Disk Usage Information on the Configuration tab.
    4. Report back to the community and please post the Manufacturer of your NAS. (We have tested this with a Buffalo NAS device but we are looking for users with Netgear to try this out.)

  • Backup/Configuration of network devices: Spiceworks been always amazing to me in terms of backup and restore, it has even options of automatic backup over scheduled times. Not a single incident happened with me, when any of the update asked me to restore back any configuration as it handles most of the thing automatically. But there are many other devices in your network that might not be that lucky and you need to backup them on regular basis like your switches, routers, audio cards .. sure this might be a huge plus on part of the upcoming release in some scenario, if implemented well. It not only allows you to configure and backup your network devices directly from within Spiceworks but also let you compare configuration changes with previous versions to help in troubleshooting network issues.

    Things to try out with this beta are:

    1. Create Telnet and Enable scan accounts for your network devices.
    2. After a network scan select a network device through the inventory and view the gathered configuration data from the device’s Configuration tab
    3. After a change has been made to the device’s configuration, run another network scan and verify the device’s Running Configuration is now different from its Startup configuration, this can be done by select the Changes option for any configuration listed.
    4. Select Restore for any configuration that has been gathered to apply that particular configuration to the network device.

  • SNMPv2c and SNMPv3 support: The beauty of the Spiceworks in best lies within its support to global technologies that doesn’t need a client to be installed on each machine to gather the info and the upcoming version going to add support for SNMPv2c and SNMPv3. You’ll now be able to see more network devices scanned into inventory.

    Things to try out with this beta are:

    1. Create an SNMPv2c or SNMPv3 account on the Network scan settings page.
    2. SNMPv2c supports a community string authentication.
    3. SNMPv3 default options ‘authPriv:md5:des:username’ or ‘authNoPriv:md5:username’. You replace the ‘username’ with the username you log into the device.
    4. Scan your device using the SNMPv2c or SNMPv3 account and confirm the device shows up in your inventory.

So, what’s you waiting for grab the beta and start with it and if you are new to Spiceworks, then could check my introduction article over it or check their official page. I repeat it, its kind of essential weapon for any person handling IT Infra at a better level.

SpiceWorks IT Desktop: IT Management for Dummies

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Add to Google Buzz

While managing IT infrastructure for any organization, over the time, things grow up a lot, only to make you feel that you can’t be everywhere, can’t keep eyes over everything, specially when management seems to squeezing human resources all the time. In place of delegation of things, responsibilities seem to get centralized over few and one just find frustrated with the tiny details he needs to care about all the time. Is it time to be negative about the responsibilities or come up with a new and positive approach? Do some more hard work or keep yourself updated with cleaver work? Really being an “IT Guy” sounds tasteless … here comes SpiceWorks … spicing up IT as it says.

What is SpiceWorks?

Spiceworks provides a free systems management, inventory, and helpdesk software application, Spiceworks IT Desktop, designed for network administrators working in small- to medium-sized businesses.

Spiceworks IT Desktop is used to inventory, monitor, manage and report on software and hardware assets. It also includes an integrated help desk system. Spiceworks runs on Microsoft Windows and discovers Windows, Unix, Linux and Mac OS X machines along with other IP-addressable devices such as routers, VOIP phones, printers, etc.

An adware and is written in Ruby on Rails, Its not a complete and detailed Monitoring Solution like Zabbix (I already wrote about), but for me it covers another other aspects of your IT management that Zabbix left, in a powerful way like Inventory, events reporting like installations/ updates and complete out-of-the-box-Helpdesk segment.

Login Page

Here is feature list:

  • Scan SNMP Devices
  • Linux Scanning via an SSH login
  • Scan Windows Devices via WMI
  • Ability to manage your software licenses
  • Alerts on customizable definitions (eg machines with no anti-virus or low printer toner)
  • Software automatically categorizes machines into groups. eg Laptops, servers, routers etc
  • Ability to define custom devices
  • Ability to compare one machine with another
  • Ability to manage services on remote machines
  • Plugins
  • Reports
  • Network Map (Beta)
  • Helpdesk with user portal

Having Inventory of all your hardware’s and Software’s is something as important as having control over each aspect of your servers. An Inventory not only helps IT staff, but could be a key document for management as well. But the most tedious part is to keep it updated and you always wish that there is some solution that might be doing the job for you without any manual intervention. SpiceWorks does the same job very well, lovable because it doesn’t requires any client side installation and still keep you updated about any changes done in your infrastructure.

Customized report

The other important aspect of SpiceWorks in my scenario is Out-of-Box ready to roll Helpdesk solution. A helpdesk keeps your support efficient and ensure resolution of issues within time frame. Not only evaluate individual’s skill sets, but also provide a complete view for IT Staff and management that how well or worse they are providing support. Not only that it may also reduce common calls that requires little IT interventions and could be dealt by non-IT Staff because, it grows up with an open database of resolved calls with causes and comments about the resolution.

Enough with dry talk, now let’s engage ourselves in some real things

Installing SpiceWorks IT Desktop:

A 23.3 MB Download from the link, the web site claims the software is an IT manager’s dream – asset management and help desk, all from a simple Windows PC. As the site mentions

Spiceworks IT Desktop is designed for

  • IT Pros who have admin rights on their network.
  • Organizations with less than 1,000 devices on their network. It will work with more but it won’t be as fast.
  • Running on a PC. It discovers Windows, OS X, Linux and Unix but you need to run it from a PC on your network.

System Requirements

  • Windows XP Pro SP2, Windows Vista, Windows 7, Windows 2003 Server SP1, SP2 and R2, & Windows 2008 Server
  • 1.0 GHz Pentium III class processor
  • 1.0 GB RAM (Notice that this one is trickier as it has to cover a lot of aspects)

Browser Requirements

  • Firefox 3.0 – 3.5
  • Internet Explorer 7.0 – 8.0
  • Google Chrome 2.0

As its not always the case that you get a fresh server to install a new application, one should worry about two things with installing any of the web solution, first if its going to take the default http port 80 and if the database its going to use already exists on the same server, you are going to install SpiceWorks IT Desktop. Thankfully, SpiceWorks goes well about both the cases. It takes port 9675 (Of course, choice is yours) for HTTP and the database used is not MySQL, but is a SQLite database.

End of worries. Could go for installation now…

~24 M of installation take a little while to install and greet you with a couple of questions about your network like range of IP Addresses to scan, various Windows username/ passwords details possibly across your network, ssh credentials and you are ready to scan your network for finding devices. Yeah! As the very first step, it asks you to get registered with Spiceworks, which would be your one point help system and integration of your account with web resources.

There are also services related requirements on client side like WMI related services should be in running mode and firewall should not be blocking SpiceWorks access. I am not sure that Remote Registry Service is required or not, but possibly that is also in set of requirements on client side.

typical dashboard

Go for a complete network scan and in just few minutes, you should start getting discovery, monitoring, and alerting items from all over your connected network.


I think it would take a few days for you to manage all of the devices showing up in Inventory Dashboard of SpiceWorks. After the same, one could go for the first amazing part.

Click on reporting (http://localhost:9675/reports)

Reports page

Create a new report, name it and add columns as per your requirement or even add conditions for making inventory for some specific group of devices/ workstations like I went for all workstations, whose names might be starting with “IT-“. Columns added in my case were Name, IP Address, Operating System, Serial Number, Model, Manufacturer, Memory, Processor Type, MAC Address and Installation Product Key

Customized report

Click on Save and Run and few minutes more will present you a perfectly made, Excel/ PDF/ CSV exportable inventory of your network. More of it, this report will be saved with you to re-run later on for finding more current status of devices.


Adding a new face to your IT Support, profits of a fully equipped Helpdesk really could amaze you and your clients, if you never worked before with any kind of IT Helpdesk. Many even might be running their home made CRM to keep it flexible for meeting their needs. This might come to surprise many in the fact that its totally free of cost and still works like a charm.


Just click over Helpdesk to find the tickets (http://localhost:9675/tickets) being displayed there with filters like Open Tickets, Closed Tickets, Unassigned Ticket etc. Now you have two ways; either let IT Staff lock the complaints themselves with details or even pass the responsibility to actual users themselves via portal (http://localhost:9675/portal) that could be flexibly customized through (http://localhost:9675/user_portal) like let me show you mine one..

Helpdesk view

There are many details left to be explained in this article, much left for even me to understand and learn through, still waiting for some book (SpiceWorks community seems to be working on the same … even then like Zabbix, I find SpiceWorks IT Desktop kind of must recommend for any IT Administrator.

SpiceWorks official Twitter page has introduced me with their few free training and demonstration videos, which you can go through to know that what this could do for you.

Videos | Events

Let’s spice up IT a little (in fact a lot).

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Digg This

Zabbix 1.8 Network Monitoring Book from Packt Publishing

[tweetmeme source=”mrnitishkumar” only_single=”false”]


Sometimes big things come in your way in unexpected manner. Happened to me when I was contacted by Sandeep Patil from Packt Publishing to take a look over their book over Zabbix. I have seen the book earlier and was already knowing that its one of the biggest book on the subject for sure. Chance of reviewing the same would be like chance of interviewing your favourite star. 🙂

This would mark my first time, when might have been requested for reviewing some book otherwise, it has happened once for movie, many times for reality shows, many times for websites or services and in recent months a few times for smart phones, but I was never on reviewing some book. I could bet you that even thinking to review a book that too a tech book was harder or may say boring for me, if it would not have been on my sweet heart Zabbix. Zabbix and Squid been my most favourite Open Source applications and these are truly a must for any IT Infrastructure. I have even wrote dummies manuals over them on my blog.

Here is the front cover of the book and if you click over the same, then it would take you to the site itself with the details/ pricing etc of the book. Just taken a sneak peak till now, but I could assure you that its definitely worth taking a look for anyone managing small or big Network Infrastructure.


I have written a couple of posts over Zabbix and deployed it in a few scenario in current job as well as test environment at my home, but definitely that doesn’t stand for a chance to get compared in anyway against the author, Rihards Olups, who had straight nine years experience with Zabbix (since first releases). Recently he joined Zabbix SIA and the gained internal knowledge reflects in the book.

This book really fills up the vacuum about Zabbix related books and will really help people, who find it hard enough to deploy confusing NagiOS and then integrating it with other reporting solutions. Even I struggled a lot with countless customizations and template tricks in last many months and always cried if there was a better manual than forums only.

Consisting of 428 pages and 15 chapters, the book not only covers the installation, frontend customizations and extensive configuration instructions, but also includes well worth mentioning chapters over upgrading, maintenance and troubleshooting instructions. The book goes through command-by-command, example-by-example and scenario-by-scenario, not only that but it also includes very useful sources for templates/ rules etc. It really makes the simple yet powerful application experience more wonderful than ever.

As about the structure of the book, then it seems to be really compact and very much to the point (that’s what matter most for any book) along with the same it also impressed me with the way of putting thoughts. Take a look over one example that I got to read, when was just taking a look over introductory lines around backing up Zabbix …

Real men make no backups
And use RAID 0, right? Still, most do make backups, and for a good reason. It is a lucky person who creates backups daily and never needs one, and it is a very unfortunate person who needs a backup when one has not been created, so we will look at the basic requirements for backing up Zabbix.

I’ll take my time to go though the whole of the book and will be back soon with some more thoughts over the book. Meanwhile I want to take this place to thank Sandeep for providing me this licensed electronic review copy to me with personalized footer as given below


Be tuned … will wait for your comments ….


Digg This

Making Zabbix Monitoring Server from Scratch: The Dummies Manual

[tweetmeme source=”mrnitishkumar” only_single=”false”]

Update: Wrote this post long back.. just was meant to show that how easy it could be…many things needs to be Add to Google Buzzupdated in reference to new features and UI.. will update soon. Recently I received a book over Zabbix from Packt Publicing. Amazing book and probably the only available for the same. Worth buying….

“ How we system administrators work in case of any trouble? If something goes down or anything wrong would have happened and we get asked about how it happened? We just run into logs or try to guess what would have been happened, was it high CPU, low disk space or tremendous network traffic? Sometimes we get our answers, sometime not and we keep on saying ourselves that we can’t be everywhere to monitor each and everything all the time. But it’s the time to update yourself and get optimized. I went through a few of monitoring solutions and with their pros and cons, finally I got settled with the Open Source Solution developed by Zabbix SIA. ”


What is Zabbix? Before the configuration and installation part, I am starting with a little history.zabbix1_thumb Zabbix is a network management system application created by Alexei Vladishev in 1998 (public release in 2001) to monitor and track the status of various network services, servers, and other network hardware. Zabbix uses MySQL, PostgreSQL, SQLite or Oracle to store data. Its backend is written in C and the web frontend is written in PHP and javascript.

Zabbix offers several monitoring options. Simple checks can verify the availability and responsiveness of standard services such as SMTP or HTTP without installing any software on the monitored host. A Zabbix agent can also be installed on UNIX and Windows hosts to monitor statistics such as CPU load, network utilization, disk space, etc. As an alternative to installing an agent on hosts, Zabbix includes support for monitoring via SNMP, TCP and ICMP checks, IPMI and custom parameters. Zabbix supports a variety of real-time notification mechanisms, including XMPP.

Installation and Configuration to monitor Windows\ Linux Servers:

Although I tried and found it extremely efficient , but even then I didn’t went along with the wonderful easy install procedure made by Brendon Baumgartner, not due to some fault in that one, but due to inherent problems with I guess not stable yet latest version of zabbix. But I sure be waiting for BB to write other magic scripts in the same way to make things one Enter only.

Here comes the way, I followed to install zabbix in manual way over the servers.

Step by Step Implementations with details:

Base machine: As for most of Linux Development I choose, even here I am choosing CentOS as the base system to build the solution upon. One should go for at least CentOS 5.x as there are a few options not available with older CentOS 4.x. As per recommendation for CentOS, machine should have at least 512 MB RAM and decent processor, LAN card etc. and although not kind of requirement but the machine should has ample space in it to store logs for as many days.

As usually I do, installation was customized with 1GB swap, 200 MB of boot partition, all PHP/ MySQL related packages checked, all libraries checked, SendMail package checked. In next, as the installation will pull updates, packages from internet directly, so Ethernet configurations should be ready and internet should be working fine over the same machine. Also note that it would be around 27-28 mb download size in total while installation.

Pre-requisites for the installation:

First of all, we need to finish installation/ update of all required packages in reference with zabbix installation.

yum install httpd php mysql mysql-server mysql-devel php-gd php-mysql php-bcmath gcc net-snmp net-snmp-libs net-snmp-utils net-snmp-devel curl-devel

Once finished with this, one need to check whether the crucial components are configured to start with the system and are working well.

# service httpd start
# chkconfig –add httpd
# chkconfig httpd on
# service mysqld start
# chkconfig –add mysqld
# chkconfig mysqld on

Possible issues and resolutions first:

Need to check whether things are working fine.

# mysql –u root

This should leave one to MySQL prompt, if not then need to check. In next, need to check whether httpd is working fine (Apache is properly installed and configured). Type the IP Address of the target Zabbix Installation Server in browser from some other computer, if you are able to see Apache page, then its fine otherwise you will be needed to check things like SELINUX.

How to check selinux status?

Execute the following command:

# sestatus

If its showing it enabled, then could disable it by

# setenforce 0

To permanently disabled the same, we need to do some editing in configuration file, otherwise it will be back with the next boot

# vi /etc/selinux/config

The file must look like (after setting SELINUX=disabled)

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing – SELinux security policy is enforced.
# permissive – SELinux prints warnings instead of enforcing.
# disabled – SELinux is fully disabled.
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted – Only targeted network daemons are protected.
# strict – Full SELinux protection.

Check if the browser started opening apache page after this, if yes, then we are done, otherwise should look down in /var/log/httpd/error.log for other possible reasons.

Installation and configuration steps:

Here I am assuming that you are using CentOS 5.x as base, otherwise the configurations might be altered.

# cd /usr/src
# tar zxf zabbix-1.4.5.tar.gz
# cd zabbix-1.4.5
# mysql -u root
# mysql> create database zabbix;
# mysql> quit
# cat create/schema/mysql.sql | mysql -u root zabbix
# cat create/data/data.sql | mysql -u root zabbix
# cat create/data/images_mysql.sql | mysql -u root zabbix
# ./configure –enable-server –enable-agent –with-mysql –with-net-snmp –with-libcurl
# make install
# mkdir /etc/zabbix
# cp misc/conf/* /etc/zabbix
# groupadd zabbix
# useradd -g zabbix zabbix
# chown zabbix:zabbix /usr/local/sbin/zabbix*
# cp misc/init.d/redhat/8.0/zabbix* /etc/init.d
# vi /etc/init.d/zabbix_agentd

change BASEDIR=/opt/zabbix to BASEDIR=/usr/local/sbin


# vi /etc/init.d/zabbix_server

Make the same changes as above.

# chkconfig –add zabbix_agentd
# chkconfig –add zabbix_server
# chkconfig –level 3 zabbix_server on
# chkconfig –level 3 zabbix_agentd on

Now, installing the web application….

# mkdir /var/www/html/zabbix
# cp -R frontends/php/* /var/www/html/zabbix
# chown apache:apache /var/www/html/zabbix/conf
# vi /etc/php.ini

Find resource limits section and change max_execution_time to 300

;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;;

max_execution_time = 300 ; Maximum execution time of each script, in seconds

Also make changes for date.timezone entry, it should be commented, uncomment it and set it accordingly like in case of India ..


At the end, start zabbix services

# service zabbix_server start
# service zabbix_agentd start

Add zabbix ports to be listened to the configuration of services.

# vi /etc/services

And put the following two lines at the very end of the file.

zabbix_agent 10050/tcp # Zabbix ports
zabbix_trap 10051/tcp

Zabbix Server console installation is ready to and web installation is ready to go from here.

After finishing all the above steps, now go to url http://IP_ADDRESS/zabbix (Here IP_ADDRESS is what you have given to the server Ethernet port)

It should ask for installation steps, if you have followed my steps exactly, then it must go like next, next only. After finishing all the steps, you will get a login prompt, user name will be admin here and password is blank. After login, go to profile link and change the password to whatever suits to you. Logout and login again. Click monitoring and then go to screens in second row. You should get five screens on the same page for the zabbix server itself. One screen must be having map only. Check that rest all showing you graphs or not. If yes, then server side work is done and you are ready to move towards adding clients.

Zabbix Agent Installation over Linux Clients:

First part is to download the appropriate zabbix agent package from the official page. I assume, your clients (Servers to monitor) are updated and have kernel at least 2.6.x (If not then choose the suitable package).

# yum install net-snmp net-snmp-libs net-snmp-utils net-snmp-devel curl-devel (Optional)
# groupadd zabbix
# useradd -g zabbix zabbix
# cd /usr/src
# tar zxvf zabbix-1.8.tar.gz
# cd zabbix-1.8
# chmod 7555 *
# ./configure -enable-agent -with-mysql -with-net-snmp -with-libcurl
# make install
# chown zabbix:zabbix /usr/local/sbin/zabbix*
# mkdir /etc/zabbix
# cp misc/conf/* /etc/zabbix
# cp misc/init.d/redhat/8.0/* /etc/init.d
# chmod +x /etc/init.d/zabbix_*

Now, Change the binary location to /usr/local/sbin

# vi /etc/init.d/zabbix_agentd

In next, make the zabbix agent point to your Zabbix Server by putting Server’s IP Address in configuration file of agent

# vi /etc/zabbix/zabbix_agentd.conf

And as final step on client side, set up the services

# chkconfig –add zabbix_agentd
# chkconfig –level 3 zabbix_agentd on
# service zabbix_agentd start

Getting the graphs from data coming from agents:

You will see that Zabbix Server itself added in the WebUI. In place of creating a new monitoring scenario, first it’s easier to copy the same entries to the newly added Linux Servers.

Go to Hosts, create a new host with the name of your agent (whatever name you choose), select group as Linux Server, then put the right IP Address and set the tab below to it on IP Address and save.

After this, go to Items, from combo box at right top, select zabbix server, it will show up items already configured for zabbix server, you need to select all the items and press copy selected items to button at the bottom and then when it will show the list of all templates and hosts configured, choose the one, you just created.

From here, you have setup items to fetch data from agent, now how to use it. Go to graphs, from right top select zabbix server and copy all the graphs to newly created server. Graphs are ready from here.

Finally, make a screen to monitor. Make a screen of 2×2 and give it the name as per your choice. Once screen created, click edit. Then configure CPU Loads, CPU Utilization, Disk Space and Network Utilization graphs for the agent, you setup and you are ready to monitor your Linux Server.

Zabbix Agent Installation over Windows Clients:

I find Windows Installation easier in first part and little bit complicated in second part. First need to download the windows agent from here

Then install it and it will ask for server IP Address, give zabbix server’s IP Address. Now, go to WebUI of Zabbix Server, Create host/items/graphs/screens in similar ways and you are ready to go.

There are many features that are there in Linux Agent but nowhere in Windows one. One workaround is to use data fetched from Windows Performance Monitor (permon.exe).

For example: Network Utilization

Go to cmd, type typeperf –qx |find “Network” >c:\network.txt

Now, check the network.txt file created in C: drive, it would be containing the exact network resource/ variable name for bytes sent and bytes received.

Now, how to call it?

Go to C:\program files\zabbix agent\zabbix_agentd.conf

Add something like following lines at the end…

PerfCounter= Server1NetIn,"\Network Interface(Intel Pro Server Adapter)\Bytes Received/sec",60
PerfCounter= Server1NetOut,"\Network Interface(Intel Pro Server Adapter)\Bytes Sent/sec",60

Note that the value placed in inverted commas is exactly the same, which you must have obtained from that network.txt file. Restart the Zabbix Service from services.msc. Now, go to Zabbix Server WebUI, create an item in target Windows Server area with any name for Network and put Server1NetIn or Server1NetOut as key. Save item and you are ready to use it in your graphs 🙂

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine