monitor windows remote desktop from linux
Kevin Keane
subscription at kkeane.com
Wed Jul 8 05:12:21 CEST 2009
Yeah, I understand what you mean. The problem is that before you can
monitor, you have to identify what exactly needs to be monitored. And
that's where the troubleshooting comes in. From then on, it could be
anything from an authentication issue to a protocol issue to an
encryption issue, clock skew (I'm not sure if the encryption in RDP is
time-sensitive. I don't think it is, but wanted to mention it), and the
monitoring needs to reflect the specific problem you are monitoring for.
If you don't know what exactly is going wrong, there is a high
likelihood that you are monitoring the wrong thing and don't actually
detect when the users are experiencing a problem - just as you saw with
the sockets.
Massimo Balestra wrote:
> Hi Kevin,
>
> I am trying to monitor, not to troubleshoot.
>
> We bought a new server to replace the one we have and we will reinstall
> everything. This is the solution.
>
> What I want to do is monitor the current server to avoid the users to call
> us. If we see it frozen we reboot it.
>
> Thank you for your suggestion.
> I will use what you wrote to try to understand what happened but I really
> think that the best solution is format the server.
>
> Massimo
>
>
>
> -----Original Message-----
> From: Kevin Keane [mailto:subscription at kkeane.com]
> Sent: Tuesday, July 07, 2009 11:43 AM
> Cc: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] monitor windows remote desktop from linux
>
> In my mind, Nagios really isn't a good tool for troubleshooting - it's a
> good tool for monitoring. In this case, it seems you aren't really
> entirely certain what to monitor?
>
> That said, I have seen this behavior in Windows 2008 64-bit in some
> cases (Vista is supposed to also be affected. Not sure if 32-bit
> versions are). What makes this problem even more insidious is that the
> symptoms are all over the place. Sometimes, RDP isn't responsive. Other
> times, it could be completely different services that are affected. If
> yours is the same problem that I'm thinking of, it's actually caused by
> a resource leak deep in Windows that is triggered by the TDI interface
> (which is what many antivirus applications are using). Microsoft fixed
> this bug in the latest service pack.
>
> It isn't actually the remote desktop protocol at all that crashes.
> Rather, many services will stall in more-or-less unpredictable ways. The
> most obvious sign is often that logging in no longer works (locally as
> well as remotely). Also, if you are logged in, it is entirely possible
> that the keyboard and mouse no longer work (although you can usually
> still move the mouse pointer).
>
> There are other problems that can cause the same symptoms, too.
> Unplugging a USB drive without "safely remove hardware" will also
> sometimes do it (again, it might be caused by the antivirus software;
> I've been working with Microsoft support on this problem but so far
> haven't figured it out).
>
> Massimo Balestra wrote:
>
>> Thank you Mark.
>>
>> Unfortunately nothing is written in the event log that can help. The only
>> error I see is about printer drivers but there are a lot of them and they
>> normally does not affect the server behavior.
>>
>> I was hoping somebody would know better than me the RD protocol in order
>>
> to
>
>> send some commands to the port (I have no problem to make my own nagios
>> plugin) to monitor if it is working or not.
>>
>> Thank you again.
>> Massimo
>>
>> -----Original Message-----
>> From: Frost, Mark {PBG} [mailto:mark.frost1 at pepsi.com]
>> Sent: Tuesday, July 07, 2009 10:05 AM
>> To: Massimo Balestra; Natxo Asenjo; nagios-users at lists.sourceforge.net
>> Subject: RE: [Nagios-users] monitor windows remote desktop from linux
>>
>>
>>
>>
>>
>>> -----Original Message-----
>>> From: Massimo Balestra [mailto:massimobalestra at hotmail.com]
>>> Sent: Tuesday, July 07, 2009 12:52 PM
>>> To: 'Natxo Asenjo'; nagios-users at lists.sourceforge.net
>>> Subject: [Nagios-users] monitor windows remote desktop from linux
>>>
>>> Hi,
>>>
>>> I did some googleing for this problem but with no success. Maybe
>>> somebody in
>>> this list can help me to figure how to do this check.
>>>
>>> My nagios is running on linux and I have two windows servers used for
>>> remote
>>> desktop (terminal service).
>>>
>>> One of this servers has some problems (we will reinstall it) and
>>> sometimes
>>> the remote desktop stops answering and the nobody can login. To tell
>>>
>>>
>> the
>>
>>
>>> truth the whole server hangs but in this moment my concern is the
>>>
>>>
>> remote
>>
>>
>>> desktop.
>>>
>>> I already setup a check on the remote desktop port (using check_tcp)
>>>
>>>
>> but
>>
>>
>>> it
>>> is not enough. The RD port answers to the socket connection but when I
>>> try
>>> to connect with the client it hangs. So the port is open but the
>>>
>>>
>> service
>>
>>
>>> is
>>> frozen.
>>>
>>> Is there anybody who knows what to do to monitor the Windows Remote
>>> Desktop?
>>>
>>>
>>> Thank you in advance
>>> Massimo
>>>
>>>
>> Massimo,
>>
>> I guess if the port is still listening it wouldn't solve the issue to
>> monitor the Windows service the provides Remote Desktop (although that
>> seems like it would be a good idea anyway).
>>
>> Any chance there's a corresponding message in the Windows Event log
>> indicating something bad happening with Remote Desktop? If so, you
>> could use one of several utilities (of which NSClient++ is one) to
>> trigger an alert when it sees that event in the Event Log.
>>
>> Mark
>>
>>
>
>
--
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About
Office: 866-642-7116
http://www.4nettech.com
This e-mail and attachments, if any, may contain confidential and/or proprietary information. Please be advised that the unauthorized use or disclosure of the information is strictly prohibited. The information herein is intended only for use by the intended recipient(s) named above. If you have received this transmission in error, please notify the sender immediately and permanently delete the e-mail and any copies, printouts or attachments thereof.
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list