remote smp agent diagnostic (raad) tool user guide (2011...
TRANSCRIPT
RAAD User Guide Page 1
Remote SMP agent Diagnostic (RAAD) Tool User Guide (2011-08-02)
Introduction The Remote SMP agent Diagnostic (RAAD) tool is a Microsoft Windows application that can connect to remote Microsoft Windows computers which have the Symantec Management Platform (SMP) Agent installed, without disrupting the currently logged in user, in order to:
to query the SMP agent (and its sub-agents) and display the results; and
to instruct the SMP agent to perform some actions.
You may want use the RAAD utility if:
you know or suspect that one or more managed computers have not accomplished a desired
end result (such as submitting hardware inventory in the last 7 days), and you want information
from the managed computers to determine whether the managed computers are currently
functioning properly; and/or to help identify where the process failed (such as the agent doesn't
have the corresponding policy); and/or
you want to perform some actions to address identified issues (such as, forcing an agent request
updated policies); and/or
you recently made some configuration changes and you want to monitor their progress, or wish
to move them along more quickly.
The RAAD tool’s functionality can be divided into two areas:
those that focus on individual computer; and
those that work with groups of computers.
The RAAD tool is a good tool for initial diagnosis, or problem isolation, of agent related issues. However, in order to take good advantage of this tool one should have:
a general understanding of how the SMP product functions, for example: the process from the
Administrator enabling a policy, to the managed computers executing that policy and returning
their results; and
a general understanding about how to troubleshoot the SMP product, to identify root causes
and how to address them.
The RAAD tool:
can display information gathered from individual computers, or groups of computers
can do some Basic Remediation, actions that the SMP agent performs under normal conditions;
such as checking for updated policies
can do some Intermediate Remediation, actions which occur occasionally in the normal course
of operations; such as restarting the SMP agent service
can do some more advanced specialized and custom tasks
RAAD User Guide Page 2
can be run from a computer other than the SMP server (see KB HOWTO21449 for additional
details)
can query remote computers with the SMP agent installed, regardless of their SMP server
will not return information from computers it cannot access (see KB for additional details)
does not query any SMP server, with a few exceptions, as noted later
can accurately show how things are, such as which policies an agent currently has
cannot show how things should be, such as which policies an agent should have
In this document we will focus on how to use the RAAD tool, focusing on the more commonly useful
functions, and glossing over the more specialized functions. Questions about how the SMP product
functions and how to troubleshoot the SMP product are beyond the scope of this document.
The remainder of this document is divided in two chapters; the first chapter will cover functions that can
be used with individual computers; and the second chapter will cover functions that can be used with
groups of computers.
This document covers RAAD version 2.1.24.0.
RAAD User Guide Page 3
Chapter 1: Working with Individual Computers
Preliminaries:
Be prepared to enter credentials to an account with enough permissions to remotely access the remote
computer(s).
Identify a computer about which you want to get additional information.
Launch the RAAD tool.
Using RAAD
When you run the RAAD tool the first time on a particular computer (and
at some other times as well), you will be prompted for account
credentials which the RAAD tool will use to access the remote
computer(s).
These credentials can be changed later by selecting:
Settings > Change Client Authentication
Notes:
The RAAD tool does not verify the credentials when they are
entered, so you may only know there is an issue when you try to
access a remote computer.
These credentials and other program settings are stored in a file, where the password is
encrypted; below one of the following, depending on the version Windows:
%userprofile%\Local Settings\Application Data\Symantec
%userprofile%\AppData\Local\Symantec
RAAD User Guide Page 4
To specify a new computer: 1. In the text box, enter the name, or IP of a computer of interest
2. Press Enter, or Click Add
The name of the computer should now appear in the Computer List.
To remove computers from the computer list:
Select the computers
Press Ctrl-X
To import a list of computers
Create a text file with names of computers, one per line.
From the menu: Clients > Load Computers from File
To save the list of computers to a text file:
Select the computers
Clients > Save Computer list to File
Notes:
The RAAD tool does not check computer names when they are entered, so you may only know
whether there is an issue when you try to access the remote computer.
If a computer is referenced by a name, then the RAAD tool will attempt to resolve the name to
an IP address using the Windows OS on the computer on which RAAD is running. If the RAAD
tool cannot resolve the name to an IP address, it will display an error. The RAAD tool does NOT
query any SMP server to resolve a name.
If a computer is referenced by an IP address, the RAAD tool will use that IP address directly.
To get information about a computer: 1. Double click on the computer name in
the Computer List
2. The Health Check Options dialog box will
appear
3. Select the desired options
4. Click OK
Any check boxes you select, except for ping, will cause RAAD to query the remote agent for that type of
information, before any information is displayed on the screen. Most this information can be obtained
from the agent later, by clicking Refresh tab.
RAAD User Guide Page 5
If you selected any options, other than ping, then 1. The Confirmation message box will be appear.
2. Showing what information RAAD will attempt to gather
3. Review this window, Click OK
Otherwise, this confirmation will not appear.
Note: The RAAD tool will attempt to connect directly to the remote computer, and access the computer
with the supplied credentials.
At this point the RAAD tool should look similar to the following:
With Diagnostics tab selected in the column to the left and Details tab selected towards the top of the
window.
If the screen was not pre-populated, click Refresh Tab to get the information to populate the screen.
Note: the RAAD tool does NOT automatically update any the screens. So, in order to see updated
information you need click the Refresh Tab button. If in doubt, click Refresh tab.
Note: the Action pane on the right can be collapsed by clicking on its “>>” icon button. To get it to
reappear, click the “<<” icon button. Also the Action pane can be resized by dragging the splitter control
immediately to the left of the Action pane.
Note: The Computer List pane can also be collapsed and expanded as desired, but cannot be resized.
RAAD User Guide Page 6
Details Tab
The Details tab shows general information about the SMP agent.
The tab details is divided into two columns
In the larger left column:
The Connection section shows which SMP Server that manages this agent, and this Agents GUID.
The Configuration Requests section shows when the agent last requested policies, and when
they were last changed;
The Basic Inventory section shows when the agent last sent Basic Inventory, and how frequently
they submitted.
The Installed Agents section shows the agents and the version that is installed on this computer.
In the smaller right column:
The IP section shows the current IP address of this computer
If “ping” was not selected on the Health Check Options dialog box, the IP address will be shown
as “not checked”.
The Altiris Service section shows whether the agent service is running
The Tools section includes several buttons to do some more advanced actions
RAAD User Guide Page 7
Possible actions:
Click Configuration Request for the agent to request policy updates from their SMP server
Click Send Basic Inventory for the agent to send Basic Inventory to their SMP server
Click Stop to stop the SMP agent service
Click Start to start the SMP agent service
Click Open File System to launch Windows Explorer and display files on the remote computer
Click Task Manager to display processes running on the remote computer, in a new window
Click Registry Browser to display the remote computer’s Windows Registry, in a new window
Other possible actions will be covered later in Actions on Individual machines
Note: Each time you click one of these buttons another entry should appear on the Actions pane on the
right.
Note: after clicking Configuration Request, the last requested time-stamp does not automatically
update. If you want to see the new time-stamp you must click Refresh Tab. Remember click Refresh Tab
early and often.
RAAD User Guide Page 8
Policies Tab
The Policies tab lists the agent’s current policies.
The tab details has one column
The upper List of client policies section, lists each of the agent’s policies.
The lower Policy XML Output sections shows the XML of the selected policy.
Notes about grids (e.g. tables):
Click on a column header to sort the table by that field
Use single click to select a single line
Use shift-click and ctrl-click to select multiple lines
Use Ctrl-A to select all lines
Use Ctrl-C to copy selected rows in tab delimited format to the clipboard; the contents of the
clipboard copied to another program, such Notepad, or Microsoft Excel, for further processing.
Notes about text windows:
Use click and drag to select portions of the text
Use right-click and select “Select All” will select all of the text
Press Ctrl-C, or right-click and select Copy to copy the selected text to the clipboard; the
contents of the clipboard copied to another program
RAAD User Guide Page 9
SWD tab The SWD (Software Delivery) tab shows the packages which the agent knows about, and whether they
have been downloaded or have been run.
The tab details is divided into two columns:
The left column is divided into two main sections:
o The upper Software Delivery Advertisements section lists packages
o The lower Software Delivery Tasks section lists the software tasks for the selected
package
The right column is divided into sections, depending on what is selected in the left column
The columns can be resized by dragging the splitter control between them
The sections in the left column can be resized by dragging the splitter control between them
RAAD User Guide Page 10
Software Delivery Package details
When a Software Delivery Package item is selected:
The upper left Software Delivery
Advertisements section lists packages
The lower left Software Delivery Tasks section
lists the software tasks for the selected
package
The upper right Package Source Location
section, with hyper-links to locations
The lower right Package Download History
section
Possible actions:
In the Filter by section
o Use Filter by field, to limit which packages are displayed
o Click Hide Disabled, to hide packages which are disabled
in the Package Source Locations section:
o Click on a Package Location, to see the package source, in a separate window
In the Software Delivery Packages section:
o Click on a package, to see more details about when that task was run
Click Show SWD Executions to see list of recent software execution, in separate window
RAAD User Guide Page 11
Software Delivery Task details
When a Software Delivery Task item is selected:
The upper left Software Delivery
Advertisements section lists packages
The lower left Software Delivery Tasks
section lists the software tasks for the
selected package
The upper right Program Details section
The lower right Program Run History
section
Possible actions:
Click Show SWD Executions to see list of recent software execution, in separate window
Click Run Program to run the command pushed with the Package, or to run a different
command
RAAD User Guide Page 12
Patch tab
The Patch tab displays the Patch Management Solution’s Software Updates that the computer knows
about (where it has received a Patch policy for it); and the status and execution results of the Software
Updates.
The tab details is divided into several sections:
The Schedule Details section shows the Reboot and Update Schedules, the Patch Cycle.
Whether there is a Reboot Pending before the machine is will be fully patched.
The Advertisements sections shows Software Updates that the computer knows about
Possible actions:
In the Filter rows by Bulletin or Update section:
o Use the Filter value to limit which software updates are displayed
o Check Hide Superseded to limit which software updates that are displayed
Click Start Patch Inventory to instruct the remote agent to check and report to the SMP server
its results of vulnerable and compliance state.
Click Start Patch Cycle to install any pending Software Updates.
Click Run Update to run the selected software update(s)
RAAD User Guide Page 13
Logs tab
The Logs tab displays the SMP agent logs on the remote computer.
The tab details are divided into three sections:
Several collapsible sections at the top
The larger middle Logs section lists the log messages
The smaller lower Full Log Text section lists the text details of the selected log message.
The Logging Level section can be used to specify which log message severity levels to record, and the
number and quantity of log files. These controls do not directly affect the log messages that are
currently displayed; though they can effect what information is selected going forward.
Click Set apply these settings to the remote computer.
When these settings are not specified on the agent, then the default settings here (which are slightly different from the agent defaults) are:
Errors, Warning and Informational are selected
Trace and Verbose are NOT selected
log size = 100 (KB)
max # of files = 10
RAAD User Guide Page 14
The Log File section controls which log file(s) the RAAD tool will retrieve from the remote computer and display.
Click Clear Logs to clear the log messages
click Refresh Tab, at the top of the window to reload log messages
Modify Show next # logs to get more than the most recent log messages.
To check for newer log messages:
Click Clear Logs
Click Refresh Tab
To retrieve all log messages:
Click Clear Logs
set Show next # logs to 99 (or another large number)
click Refresh Tab
The Filter by section can be used to limit which messages are displayed on the screen. By default all
retrieved log messages are displayed.
To limit the messages that are displayed;
specify the Include or Exclude filter criteria fields
click Refresh tab
When the Include field is set then all displayed messages must contain that text; comparison is case
insensitive; Similarly, when the Exclude field is set, then all displayed messages must not contain that
text; comparison is case insensitive. The list of displayed log messages is updated after clicking Refresh
tab.
RAAD User Guide Page 15
Task tab
The Task tab shows information about tasks which the agent has run.
The tab details is divided into three sections:
The upper left Status section, shows the current status of agent’s task handler
the upper right Register section, show the agent’s task server
the lower Task History section, shows tasks which have run previously
Possible actions:
Click Check for Tasks for the agent to check for any pending tasks
Click Reset Agent for the agent to check with the SMP server on which Task Server the agent
should use.
Click Clear History to clear the history of task events
RAAD User Guide Page 16
Inventory tab
The Inventory tab shows information specific to the Inventory Solution; including a list the NSI
(Notification Server Inventory) files on the agent.
This tab contains information relevant to the Inventory Solution, and will be glossed over here.
The tab details has one column
The upper Inventory Rule section,
The lower Inventory Files section, list the agent’s NSI files.
Possible actions:
Double-click on an NSI, to see its contents, in Notepad
Click Delete Cached Rules
Click Delete Randomization Registry key
Click Delete Inventory
RAAD User Guide Page 17
PS (Package Server) tab
The PS (Package Server) tab can populate if the agent is a Package Servers
The tab details has four sections
The upper Package Server Details section shows summary details about the PS
The larger middle Packages section lists the packages which the Package Server knows about
The lower left Package Source Location section shows the location of the selected (typically on
the SMP server)
The lower right Package Download History section list the download history for the selected
package
Possible actions:
Click Refresh Packages to have the agent review current list of packages and attempt to
download any that are missing.
Click Resend Package Status to have the agent send a list of packages that are available from
the PS.
Click a link in the Package Source Location section to see the contents of the file(s) at that
location.
RAAD User Guide Page 18
Actions on Individual Machines
The RAAD tool can perform various actions on individual machines. We have
already discussed some of them. Many of these are also available from the
Actions menu.
Here are the more easily explained items on the Action menu, which have not
been covered previously.
Launch Resource Manager,
o To launch default web browser, with a URL to access Resource
Manager information on the remote agent’s NS. This may
require entering credentials to see the information
Launch Carbon Copy
o To launch the Carbon Copy application
Launch pcAnywhere
o To launch the pcAnywhere application
Disable Bandwidth Control
o To disable/enable bandwidth throttling on the agent
o the RAAD tool does not display directly the current state of
bandwidth controls (though they can be seen in the XML of
one of the policies).
Wake On LAN
Stop and Start Services…
o Start and stop various services, from drop-down menu
Click Reset GUID,
o To reset the Agent’s GUID (this may be disruptive)
RAAD User Guide Page 19
Install SMP agent
The RAAD tool can install the SMP agent on a remote computer.
The basic process is :
Specify the SMP server, using Change Application Settings
Specify Agent Install Setting in Change Application Settings, if necessary
Identify a computer to install the agent
Initiate the agent install process
To specify a new SMP server, go to:
Settings > Change Application Settings
And in the Notification Server(s) Settings section, add the new SMP server.
Note: the RAAD tool does not check these settings, you may not see an issue until you use the
information.
The RAAD tool comes with two Agent Install Settings, which may be fine. But if you are copying the
agent installer from an alternate location, then you will need to specify that location. go to:
Settings > Change Application Settings
And in the Agent Install Settings section, add the new install source location(s).
RAAD User Guide Page 20
Next identify the remote computer where the agent is to be installed.
Then initiate the install process:
Actions > Install Altiris Agent
In the Remote Agent Install dialog box
Select the NS Server Name
Specify from where to copy the agent installer, if necessary
Modify the install command line, if necessary, see:
Install the Altiris Agent using the Installation Program
http://www.symantec.com/docs/HOWTO5235
Click Install
In the Change Application Settings dialog box you can:
Add a new value, by filling in the appropriate fields, and clicking add.
Delete of existing values by selecting the values in the “Current Options” field, and
Modify an existing entry deleting it and adding a new value.
Notes:
The RAAD tool supports the recording of multiple values for certain settings (such as Notification
Server(s) settings), and the selecting of one of those values when performing certain actions
(such as Remote Agent Install).
The RAAD tool does not verify the values when they are entered. So you may not know that they
are incorrect until you attempt to use them.
RAAD User Guide Page 21
Redirect Agent
The RAAD tool can instruct SMP agents to switch to a different SMP server.
The basic process is :
Specify the different SMP server, using Change Application Settings
Identify a computer to be redirected
Redirect that computer
To specify a new SMP server, go to:
Settings > Change Application Settings
And in the Notification Server(s) Settings section, add the new SMP server.
Then identify the computer of interest, display it in diagnostics, confirm that you have the correct
computer. Then from the menu:
Actions > Redirect Agent
Or from the Diagnostics > Details screen, select Redirect Agent
Copy a File …
To copy one file to the remote computer.
Actions > File Copy …
complete the File Copy dialog box.
Click OK
On confirmation dialog box
Click OK
RAAD User Guide Page 22
Remote Execute
The RAAD tool can execute pre-defined commands on the remote computer. The RAAD tool comes with three rules by default:
Add Altiris Agent to Firewall exception
Install Diagnostics
Remove Altiris Agent(s)
Additional commands can be added using the Change Application Settings dialog box, go to:
Settings > Change Application Settings
To execute a remote command:
Actions > Remote Execute …
In the Remote Execute dialog box.
Select the command to run
Click Execute
RAAD User Guide Page 23
Chapter 2: Working with Multiple Computers
In this chapter we will discuss how the RAAD tool can query and act on groups of computers.
We will discuss how the RAAD tool
Can target groups of computers based on resource filter in an SMP server's database (e.g.
Symantec_CMDB)
Can query multiple computers using Health Checks
Can perform some actions on multiple computers
Populating the Computer List There are three ways to add computers to the Computer List
add individual computers
add multiple computers from a text file
filling computers list from SMP filter list.
We covered and adding computers individually and from text files in the previous chapter
If you have sufficient access to the SMP server's database, the RAAD tool can populate its Computer List
from Filters (e.g. Collections) in the database.
In order for the RAAD tool to retrieve information from an SMP server's database, you must enter the
necessary details in the RAAD tool. The RAAD Tool will access the database directly, and will not go
through the SMP. The RAAD tool can cache multiple sets of database access credentials.
In order to properly configure the RAAD tool to access a database, you will need to know the name of the SQL server, the SQL server instance (if there is one), and the name of the SQL Server database. You can find this information is available in the SMP console. See:
Settings > All Settings
Settings > Notification Server > Database Settings
Additionally, the RAAD tool will need to authenticate with the SQL server. The RAAD tool can do this in two ways:
Trusted connection
using SQL server authentication (e.g. not an AD Account)
The better (and more secure) method of connecting to the SQL database is to use a "Trusted
Connection". You can use a Trusted Connection if the account which was used to logged into Microsoft
Windows on the computer that is running the RAAD tool is registered (or known) on the SQL server, and
has at least read-only access to the SMP database (e.g. Symantec_CMDB).
If this account has not been registered on the SQL server, then you will need to know the username and
password for an SQL server account, with access to the database.
RAAD User Guide Page 24
Set Database Settings
To set these credentials go to the Change Application Settings dialog box:
Settings > Change Application Settings
In the Change Application Settings dialog box we are interested in the Database Settings section.
To a new set of credentials enter:
SQL Server (include server name and instance name, if necessary)
Database
check: Trusted Connection (if possible)
or:
SQL Server (include server name and instance name, if necessary)
Database
User (this must be an SQL server account, and not AD account)
Password (for the account
click Add
RAAD User Guide Page 25
Select an SMP server filter On the main RAAD Tool screen,
In the left-hand Computer List pane:
In the collapsible Add using collection picker section
In the upper drop down field, initially labeled "--- Databases"
select the database of interest.
in the lower drop down menu, initially labeled "--- Collections",
and select the Filter (or Collection) of interest.
If there is trouble accessing the database, then a message box will
appear, after selecting the database, and before selecting the Filter
When a new filter is selected, the Computer List is cleared and
replaced with the computers in the specified filter.
Performance Considerations for Health Checks In the RAAD tool, a Health Check is a process to query multiple computers for particular details.
Depending on the number of remote computers involved, running a Health Check can put a significant
load on the computer running the RAAD tool, as well as on your network; and/or can take a significant
amount of time to complete. The RAAD tool includes two settings to control how aggressively the RAAD
tool will gather this information. These are specified in the Change Application Settings dialog box. See:
Settings > Change Application Settings
At the bottom of the window are two sections each with one setting:
Thread Count / Maximum Threads the total computers to be queried simultaneously
Thread Crawl / Pause (ms) the time after querying one computer before attempting the next
The defaults (10 threads; and 3000 ms delay) are fine to start with. If the Health Checks are taking time
than desired, you may want to modify these settings conservatively.
Increasing Max Threads, and/or decreasing the Pause will increase the load on the computer running
the RAAD tool and its computers network connection. And if the computer and the network can handle
the extra load then adjusting these values will allow the Health Check to complete faster.
RAAD User Guide Page 26
Health Checks The RAAD Tool supports running Health Checks against multiple remote computers. Each Health Check attempts to determine whether the SMP agent and a specific sub-agent are present and functioning properly on multiple remote computers. It does this by showing particular key factors, such as:
Does the computer respond to ping (e.g. is currently on the wire)
Is particular sub-agent is installed, and if so, which version.
To run a Health check, first select the computers in Computer List which should be included. Computers
can be selected using: single click, shift-click, ctrl-click, and/or pressing ctrl-A.
Second, select the Health Check of interest from the Health Checks drop down menu.
Run Basic Health Check
Run Patch Health Check
Run SWD Health Check
Run Task Heal Check
Run Recovery Health Check
Run Package Server Health Check
Third in the Health Check Options dialog box specify what information to gather. Generally select all the
boxes, then click OK.
Fourth the Confirmation message box will appear, review and click OK
If you need to stop the Health Check before it completes you can stop the check by going to: Health Checks > Stop
RAAD User Guide Page 27
Now the screen will update showing the selected Health Check, and, if all goes well, the results from various computer will start appearing. The Health Check results contains one row for each computer:
If a computer passes the Health Check, then there will be a green check mark in the left-hand
column.
If the computer failed to respond, then there will be a yellow exclamation in the left column,
and the entire row is highlighted in red.
If one or more issues were detected, then there will be a yellow exclamation in the left column
and the cells related to the issue are highlighted in red, suggesting possible actions to bring the
agent into a good state.
Additionally, the Patch Health Check and SWD Health Check include a second set of data to showing
Failed SWD Job and Vulnerable Software Updates respectively. Further actions can be taken to correct
issues shown in these rows.
RAAD User Guide Page 28
Possible actions:
Double click on a result row, to access diagnostics for the related computer; When you are done
looking at a particular computer you can return to the Health Check results by clicking on
appropriate tab in the column over on the left.
Select one or more result rows, right click to access the context menu
o Show Diagnostics - get information about the selected computer. To return the query
results click the appropriate health check tab.
o Remove Unpingable from Results/Computer List - will remove the computers which did
not respond to ping from both health check results list, in the middle section, and also
remove the computers from the computer list on the left-hand side.
o Remove Selected from Results/Computer List - from both the health check list and from
the computer list.
Select one or more result rows, from Action menu select a particular, as described above in
Actions on Individual Machines; which will apply to all selected computers.
Actions on Multiple machines You can also perform some actions on groups of computers.
Possible actions:
Select one or more computers in the Computer List, right-click to access the context menu
o Actions > Configuration Request
o Actions > Send Basic Inventory
o Actions > Stop Altiris Service
o Actions > Start Altiris Service
o Actions > Start Patch Inventory
o Actions > Start Patch Cycle
o Actions > Copy a File
o Actions > Wake On LAN
o Actions > Run SWD Task
o Actions > Install Agent
Conclusion In this User guide we have discussed the Remote Altiris Agent Diagnostic (RAAD) tool.
We have seen how the RAAD tool can report on individual machines as well as perform some actions on
individual machines.
We have also seen how the RAAD tool can access an SMP server’s database in order to obtain lists of
computers, how it can report on groups of computers; and can perform some actions on each computer
in a specified group.