Automate SNMP configuration in Windows domain networks

From time to time I get a question from IT guys about automating SNMP configuration on Windows client and Windows server machines. Imagine you changed the SNMP community string and/or IP address of your network monitoring product, or you even switched or wanted to switch from one solution to another. The same changes you make on your network monitoring product should also be made on hundreds or thousands of Windows computers. It sounds like a huge project, doesn't it?

Things get easier when there is an opportunity to automate them. By using GPO (Group Policy), I will show you how to apply SNMP configuration on thousands of Windows computers in less than 10 minutes.

GPOs (Group Policy Objects) are used to define or change specific Windows settings. They are applied centrally from an ADDS (Active Directory Domain Services) server to other Windows domain-joined computers.

The complete process was done using Windows Server 2022 and Windows 11, but it works equally well for previous Windows operating systems. Let's do some real work.

For writing this article, I run my workloads on a powerful mini PC - Intel NUC powered with the latest-generation i7 CPU, 64 GB RAM DDR4, 256 M.2 SSD. Intel® NUC Mini PCs are fully complete and ready to work out of the box. You can learn more here: Intel® NUC Products (https://www.intel.com/content/www/us/en/products/details/nuc.html).

What to do?

You need domain administrator rights to create new Group Policy Objects and apply them to other Windows computers.

  1. Connect to your Active Directory Domain Services (ADDS) server.
  2. Open Server Manager > Tools > Group Policy Management.
  3. Expand your forest (in my case it was techwithjasmin.com). Best practice is to create an OU (Organizational Unit) and populate it with the appropriate computers or users (e.g. Presales, Finance, Windows 10 computers, etc.). In my case, there was an OU called Windows 11. It includes all Windows 11 computers used in my network. If you don't have an OU and want to test what we've done here, you can create a GPO directly at the domain level.
  4. Right-click the OU, and then click Create a GPO in this domain and link it here.

Create GPOs in OUs

  1. Define a name for the GPO, and click OK.
  2. Right-click the GPO, and then click Edit.
  3. Expand Computer Configuration > Policies > Administrative Templates > Network > SNMP.

Navigate to SNMP GPOs

  1. Double-click Specify communities. This policy setting configures the list of communities defined by the Simple Network Management Protocol (SNMP) service.
  2. Click Enabled, then Show... and add the community string, then OK. In my case the community string was prtgnetworkmonitor.

Create SNMP community string

  1. Click Apply, then OK.
  2. Double-click Specify permitted managers. This policy setting determines the list of allowed hosts that can submit queries to Simple Network Management Protocol (SNMP) agents running on client computers.
  3. Click Enabled, then Show..., add the IP of the network monitor solution, and click OK. In my case the IP is 192.168.88.100 (PRTG Network Monitor).

Specify permitted managers

  1. Click Apply and then OK.
  2. Double-click on Specify traps for public community. This policy setting allows trap configuration for the Simple Network Management Protocol (SNMP) agent.
  3. Click Enabled, then Show..., add the IP of the network monitor solution, and click OK. In my case the IP is 192.168.88.100 (PRTG Network Monitor).

Designate Traps for Public Communities

  1. Click Apply, then OK.
  2. Close the Group Policy Management Editor.
  3. Open PowerShell or Command Prompt as an administrator and force update Group Policy by executing the following command:
     gpupdate /force

Force update of Group Policy from ADDS server

  1. After the next logon, the policy will be applied to the Windows client or Windows server computer. You can force this by logging out and logging in again, or you can log in to the target Windows machine and execute the same command in PowerShell or Command Prompt.
     gpupdate /force

Force update of Group Policy on target Windows 11 computers

  1. Open the services tool and navigate to the SNMP service and verify that the community string and IP have changed. In my case everything works as expected.

Verify that SNMP changes were applied
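
One way to script the verification in the last step, as an added example that is not part of the original article: it reads the SNMP policy values on the target machine and reports anything that differs from the community string and manager IP used above. The registry location HKLM\SOFTWARE\Policies\SNMP\Parameters is an assumption based on the SNMP administrative template, and the function names are hypothetical.

```powershell
# Added example: audit the SNMP policy values that arrived on this machine.
# Expected values are the ones used in the article; adjust for your network.
$ExpectedCommunity = 'prtgnetworkmonitor'
$ExpectedManager   = '192.168.88.100'
# Assumption: location used by the SNMP administrative template.
$PolicyRoot = 'HKLM:\SOFTWARE\Policies\SNMP\Parameters'

function Get-PolicyList {
    param([string]$SubKey)
    # List-type policy settings are stored as numbered string values (1, 2, ...).
    $path = Join-Path $PolicyRoot $SubKey
    if (-not (Test-Path $path)) { return @() }
    $key = Get-Item -Path $path
    return @($key.GetValueNames() | ForEach-Object { [string]$key.GetValue($_) })
}

function Test-SnmpPolicy {
    param([string[]]$Communities, [string[]]$Managers, [string[]]$TrapTargets)
    $findings = @()
    # Community strings are case-sensitive, so compare with -cnotcontains.
    if ($Communities -cnotcontains $ExpectedCommunity) {
        $findings += 'Expected community is not set by policy'
    }
    foreach ($c in $Communities) {
        if ($c -in 'public', 'private') { $findings += "Default community '$c' is still listed" }
    }
    if ($Managers.Count -eq 0) {
        $findings += 'No permitted managers set by policy; local SNMP settings decide who may query'
    }
    foreach ($m in $Managers) {
        if ($m -ne $ExpectedManager) { $findings += "Unexpected permitted manager: $m" }
    }
    if ($TrapTargets -notcontains $ExpectedManager) {
        $findings += "Trap destination $ExpectedManager is not set by policy"
    }
    return $findings
}

$pc = $env:COMPUTERNAME
$service = Get-Service -Name 'SNMP' -ErrorAction SilentlyContinue
$findings = @(Test-SnmpPolicy -Communities (Get-PolicyList 'ValidCommunities') `
    -Managers (Get-PolicyList 'PermittedManagers') `
    -TrapTargets (Get-PolicyList 'TrapConfiguration\public'))
if (-not $service) { $findings += 'SNMP service is not installed' }
elseif ($service.Status -ne 'Running') { $findings += "SNMP service is $($service.Status)" }

if ($findings.Count -eq 0) { "${pc}: SNMP policy matches the expected values" }
else { $findings | ForEach-Object { "${pc}: $_" } }
```

Run it in an elevated PowerShell session on the target machine after gpupdate /force has completed.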

If you want to automatically enable the SNMP service, you can use a PowerShell script to do so. Scripts can also be deployed to computers or users using GPOs, or as scheduled tasks. Here's one of those scripts I found for this purpose, but haven't tested it yet.

I hope you find this article as helpful as I did. If so, and you think your network likes this too, I hope you share it by clicking the social media buttons below. Thanks.


Origin blog.csdn.net/allway2/article/details/130711167