Remote Symantec Management Agent Diagnostics
The Remote Symantec Management Agent Diagnostics utility was written to give the Symantec administrator the ability to view managed endpoint diagnostic data from the comfort of their computer. Please review the program features listed below. Finally take time to review the utilities prerequisites. These prerequisites are only necessary on the administrator's computer, and not the endpoint you intend to retrieve information from. You can download the utility using the following link. Documentation is also attached to the Connect page.
Program Prerequisites to run:
Extract the ZIP file and run the MSI to install the utility.
Launch the utility from Start > All Programs > Remote Symantec Agent Diagnostics Utility folder.
Enter computer name or IP address and click on the Add button.
Right click on the computer or IP address to bring up the actionable items list.
Important Things To Know:
When you first launch the Remote Symantec Agent Diagnostics utility, it will create a text file called computers.txt. This text file is used to store recently used computers.
The following features require that the remote computer be configured for PowerShell remoting.http://technet.microsoft.com/en-us/library/hh849694.aspx
- Retrieve Agent Details
- Update Configuration
- Send Basic Inventory
- Execute SWD
- Enable Verbose Logging
- Disable Verbose Logging
- Set NSE Capture Folder
- Disable NSE Capture Folder
When you click on any of the above listed features, the program will check that remoting is enabled on the selected computer. If not, it will make two attempts to enable PSRemoting. The following is what will be attempted:
Enable-PSRemoting First Attempt:
Create a scheduled task on the remote computer called EnablePSRemote. This scheduled tasks runs powershell.exe, passing the command “enable-psremoting –force”.
- Execute scheduled task
- Delete scheduled task.
- Pause for 20 seconds.
- Verify first attempt was successful
Enable-PSRemoting Second Attempt:
If verification for the first attempt fails, the following five steps will be done:
- Configure remote computer’s WinRM service to listen for WinRM requests by creating one registry key on the remote computer.
- Create registry key: "SOFTWARE\Policies\Microsoft\Windows\WinRM\Service"
- Create two DWORD values and two String values as follows:
- DWORD Name = "AllowAutoConfig"
- DWORD Value = "0x1"
- String Name = "IPv4Filter"
- String Value = “*”
- String Name = “IPv6Filter”
- String Value = "*"
- Change the startup type of the WinRM service to automatic.
- Restarts the WinRM service.
- Configure remote computer's firewall by setting one registry key.
- Create registry key: "SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules"
- Restarts Windows Firewall