Application Discovery Setup for Windows

Document created by steve.gibbons Expert on Jun 29, 2015Last modified by anson.mccook on Dec 21, 2016
Version 16Show Document
  • View in full screen mode

This document is intended to help users setup Application Discovery for Windows VMs on a Turbonomic appliance.

For setting up Application Discovery using SNMP (useful for Linux application monitoring) please see: Turbo Tip: Enable SNMP Application Discovery on Turbonomic

 

Please note that this is not our Application Control Module.

For setting up Application Control Please see: Target Configuration: Application Control Module (ACM) - Setup Glossary

 

What this document covers:

There are a few key changes you need to make sure are in place when setting up the Application Discovery functionality in Turbonomic through WMI.

  • Credentials

User account that will have local admin on the servers

  • Registry Keys

Ensure that the specified Registry Keys have the proper permissions

  • Firewall

Make sure that if there is a Firewall between your appliance and the servers that this is configured correctly, including Windows Firewall

  • Remote Registry Service

Ensure “RemoteRegistry” service is running

  • UAC

UAC is turned off on the Windows machines

  • Turbonomic Rediscovery

Perform a "Rediscover" to start data collection from configured guests.

 

____________________________________

 

 

Credentials

 

1) Add the processes you would like Turbonomic to monitor.

 

     Go to the Policy Tab > Expand “Discovery” > Select “Application Discovery

 

2) You will notice some default signatures have already been added. To add your own, click the green plus button.

 

     For example:

            VpxClient.exe   OR    VpxClient.*

 

3) Click “Apply Settings Change” once you’ve added your signatures.

 


4) Navigate to the Policy Tab > Expand “Discovery” > Expand “Application Discovery” > Select “Application Credentials

 

5) Select the group of VMs you would like to activate Application Monitoring on. It may be helpful to create a custom group in Group Management. Check out this post to learn how to create custom Groups: How to Create a Custom Group (v5.4+)

 

6) The credentials you set here need to have local admin rights for the guests they are monitoring. Please use Domain\Username for the Username field. Click “Apply Settings Change”

 

 

____________________________________

 

 

Registry Keys

 

***For Windows 2003 guests, you may skip this section since registry keys do not need to be changed.

***For Windows 2008, only one registry key needs to be changed.

***For Windows 2012, Win 7, and Win 8, two registry keys need to be changed. Scroll down to the "Windows 2012, Windows 7, Windows 8" section.

 

To perform registry key changes via GPO, please reference this document:

Application Discovery: GPO for necessary Registry Changes

 

Windows 2008 - NOT 2008R2 - see later instructions for 2008R2

To add an owner to the registry key:

 

1) Launch regedit on that machine as Administrator

 

2) Locate the following key:

 

HKEY_CLASSES_ROOT\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}

 

- Go to Edit and select “Find…”

- Type in “76a64” and select “Find Next”

 

- Confirm you have located the correct key by checking the directory location at the bottom. Otherwise, select Find Next from the Edit menu to continue the search.

 

3) Right click on the key, and select “Permissions…”

 

4) Select “Advanced”

 

5) Go to the Owner Tab and select “Other users or groups…” to change the owner of the key.

 

6) The owner should be the same user that you have entered into Application Credentials section in Turbonomic.

 

7) Select Apply

 

8) Now add that same User in the Security section

9) Select the User and grand "Full Control"

 

10) Select Apply and OK

 

 

 

Windows 2008R2, Windows 2012, Windows 7, Windows 8

To add an owner to the registry key:

1) Launch regedit on that machine as Administrator

 

2) Locate the following key:

 

HKEY_CLASSES_ROOT\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}

 

- Go to Edit and select “Find…”

- Type in “76a64” and select “Find Next”

 

- Confirm you have located the correct key by checking the directory location at the bottom. Otherwise, select Find Next from the Edit menu to continue the search.

 

3) Right click on the key, and select “Permissions…”

 

4) Select “Advanced”

 

5) Change the Owner of the key by selecting “Change” towards the top of the window.

 

6) The owner should be the same user that you have entered into Application Credentials section in Turbonomic.

 

7) Select Apply

 

8) Now add that same User in the Security section

 

9) Select the User and grant “Full Control”

 

10) Select Apply and OK

11) Steps 2-10 must be repeated for the following registry key:

 

HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}

 

 

 

____________________________________

 

 

Configure Windows Firewall

 

 

The easiest way to do this is to just disable Windows Firewall.  If that is not the case then follow these directions.

  • The WMI protocol, communicates initially on port 135 (from Turbonomic to the Hyper-V server or Windows guest)
  • Next, a random non-privileged port is chosen, to continue the conversation on (for example, 9942)
  • Most firewalls are aware of this and 'follow' the conversation, which allows communications
  • Microsoft's own default firewall setup does NOT allow this 'port change'

 

So, you have two choices - either, lock down the WMI configuration on each target HyperV server so that a static port is chosen (see the following link for advice):

MSDN - Configure WMI for a fixed port (opens in a new window)

The firewall would then need to be opened for the Turbonomic appliance to talk on the port you chose.

 

Alternatively, you may wish to instead configure the firewall to track WMI's 'port changing'. Most commercial firewalls already support this, but for Microsoft, the following command can be used to set enable this 'tracking':

 

netsh advfirewall firewall add rule name = Turbonomic dir = in protocol = tcp action = allow localport = rpc remoteip = <IP address of appliance> profile = DOMAIN

 

A graphical way to achieve the same result as the above command is shown in the following KB article:

https://support.vmturbo.com/hc/en-us/articles/200681536

 

If you still encounter trouble, WMI diagnostics can be tried, first on the local HyperV machine (can it talk WMI to itself?) and then to a 'remote' machine from a test machine (can one machine talk to another via WMI?).

 

Some guidance and tools for this can be found at the following link:

Microsoft - WMI testing tools (opens in a new window)

 

 

____________________________________

 

 

Disable UAC

 

1. Open User Account Control Settings by going to the Control Panel. In the search box, type “UAC”.

2. Select “Change User Account Control settings.”

3. Turn off UAC by moving the slider to the “Never notify” position, and then click OK.

 

 

___________________________________

 

 

 

Remote Registry

 

Is "RemoteRegistry" service running?

1) To check services, run 'services.msc' from a command prompt on the host.

2) Find “Remote Registry” and confirm it’s set to Automatic.

3) If not, right click on it and select “Properties”

4) Change Startup Type to "Automatic"

 

 

____________________________________

 

 

 

 

Turbonomic Rediscovery

 

1) After these changes have been made, return to Turbonomic and go to the Admin Tab > Workflows > Target Configuration.

 

2) Click “Rediscover”

 

3) Over the next 20 minutes you will see Turbonomic pick up the processes and their utilization within in the guest.

 

4) You can review the applications that are discovered by going to the Inventory Tab > Expanding the purple “Inventory” button > Expanding “Applications”

 

2 people found this helpful

Attachments

    Outcomes