Remote Symantec Management Agent Diagnostics

book

Article ID: 181450

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

 

Resolution

Remote Symantec Management Agent Diagnostics
 
The Remote Symantec Management Agent Diagnostics utility was written to give the Symantec administrator the ability to view managed endpoint diagnostic data from the comfort of their computer.  Please review the program features listed below.  Finally take time to review the utilities prerequisites.  These prerequisites are only necessary on the administrator's computer, and not the endpoint you intend to retrieve information from.  You can download the utility using the following link.  Documentation is also attached to the Connect page.
 
Program Prerequisites to run:
 
 
Features:
 
 
 
Directions:
 
Download the ZIP file to a location on your computer.  You can download the utility from Symantec Connect here:  www.symantec.com/connect/downloads/remote-symantec-management-agent-diagnostics
 
Extract the ZIP file and run the MSI to install the utility.
 
Launch the utility from Start > All Programs > Remote Symantec Agent Diagnostics Utility folder.
 
Enter computer name or IP address and click on the Add button.
 
Right click on the computer or IP address to bring up the actionable items list.
 
Important Things To Know:
 

When you first launch the Remote Symantec Agent Diagnostics utility, it will create a text file called computers.txt.  This text file is used to store recently used computers.

The following features require that the remote computer be configured for PowerShell remoting.http://technet.microsoft.com/en-us/library/hh849694.aspx

  • Retrieve Agent Details
  • Update Configuration
  • Send Basic Inventory
  • Execute SWD
  • Enable Verbose Logging
  • Disable Verbose Logging
  • Set NSE Capture Folder
  • Disable NSE Capture Folder

When you click on any of the above listed features, the program will check that remoting is enabled on the selected computer.  If not, it will make two attempts to enable PSRemoting.  The following is what will be attempted:

Enable-PSRemoting First Attempt:

Create a scheduled task on the remote computer called EnablePSRemote.  This scheduled tasks runs powershell.exe, passing the command “enable-psremoting –force”.

  • Execute scheduled task
  • Delete scheduled task.
  • Pause for 20 seconds.
  • Verify first attempt was successful

Enable-PSRemoting Second Attempt:

If verification for the first attempt fails, the following five steps will be done:

  1. Configure remote computer’s WinRM service to listen for WinRM requests by creating one registry key on the remote computer.
    • Create registry key:  "SOFTWARE\Policies\Microsoft\Windows\WinRM\Service"
    • Create two DWORD values and two String values as follows:
      • DWORD Name = "AllowAutoConfig"
      • DWORD Value = "0x1"
      • String Name = "IPv4Filter"
      • String Value = “*”
      • String Name = “IPv6Filter”
      • String Value = "*"
  2. Change the startup type of the WinRM service to automatic.
  3. Restarts the WinRM service.
  4. Configure remote computer's firewall by setting one registry key.
    • Create registry key:  "SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules"
  5. Restarts Windows Firewall

Attachments