HI Team,
We are trying to monitor AD Group Changes , and we got the Powershell Script to capture changes as i didnt find any nagios plugins. However looks like we need to run this as AD User . Any settings or cli options to run the custom scripts/plugins as AD User on target servers ( we are using NCPA ).
Thank you !
--Vamsi
Nagios xi - Run Script as AD User
-
ssax
- Dreams In Code
- Posts: 7682
- Joined: Wed Feb 11, 2015 12:54 pm
Re: Nagios xi - Run Script as AD User
While pretty insecure (use at your own risk) because the password is stored in cleartext on the system (and will need to be modified if you change that user's password), I was able to create a wrapper powershell script that does it like this:
C:\Program Files (x86)\Nagios\NCPA\plugins\runas.ps1
- Change username@domain.com, yourPassw0rd, and yourpowershellscript.ps1
Another alternative you can try would be if you edited the ncpa services in services.msc, click the Log On tab, and set the domain account credentials in there. Then restart the services and try it again.
C:\Program Files (x86)\Nagios\NCPA\plugins\runas.ps1
- Change username@domain.com, yourPassw0rd, and yourpowershellscript.ps1
Code: Select all
$username = 'username@domain.com'
$password = 'yourPassw0rd'
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username, $securePassword
Invoke-Command "C:\Program Files (x86)\Nagios\NCPA\plugins\yourpowershellscript.ps1" -Credential $credential -Computer localhost-
ssax
- Dreams In Code
- Posts: 7682
- Joined: Wed Feb 11, 2015 12:54 pm
Re: Nagios xi - Run Script as AD User
A more secure method (see previous reply):
Run this command in a powershell prompt:
Type in the credentials of the domain user (username@yourdomain.com and their password in the box that pops up).
Then run this command:
Which stores the encrypted password in "C:\Program Files (x86)\Nagios\NCPA\plugins\encrypted.pass".
Which can then be used like this:
Run this command in a powershell prompt:
Code: Select all
$credential = Get-CredentialThen run this command:
Code: Select all
$credential.Password | ConvertFrom-SecureString -Key (1..16) | Set-Content "C:\Program Files (x86)\Nagios\NCPA\plugins\encrypted.pass"Which can then be used like this:
Code: Select all
$username = 'username@domain.com'
$secureString = Get-Content -Path "C:\Program Files (x86)\Nagios\NCPA\plugins\encrypted.pass" | ConvertTo-SecureString -Key (1..16)
$credential = New-Object System.Management.Automation.PsCredential($username, $secureString)
Invoke-Command "C:\Program Files (x86)\Nagios\NCPA\plugins\yourpowershellscript.ps1" -Credential $credential -Computer localhost-
veeravamsi
- Posts: 136
- Joined: Wed Jan 23, 2019 3:35 am
Re: Nagios xi - Run Script as AD User
Perfect. Thank you !!
Im able to run this script locally ( on target server ) and see expected WARNING/CRITICAL response . However when i run this from nagios CLI/UI i dont see right response ? Am i missing something ?
Im able to run this script locally ( on target server ) and see expected WARNING/CRITICAL response . However when i run this from nagios CLI/UI i dont see right response ? Am i missing something ?
-
ssax
- Dreams In Code
- Posts: 7682
- Joined: Wed Feb 11, 2015 12:54 pm
Re: Nagios xi - Run Script as AD User
What is the response from xi showing exactly?
-
veeravamsi
- Posts: 136
- Joined: Wed Jan 23, 2019 3:35 am
Re: Nagios xi - Run Script as AD User
Default response as script completed . I have made it to break the scripts purposely to return WARNING which is not captured by nagios.
-
ssax
- Dreams In Code
- Posts: 7682
- Joined: Wed Feb 11, 2015 12:54 pm
Re: Nagios xi - Run Script as AD User
Please attach the powershell plugin that you're running so I can lab it up completely.
-
veeravamsi
- Posts: 136
- Joined: Wed Jan 23, 2019 3:35 am
Re: Nagios xi - Run Script as AD User
while i verify with my Team about whether i can share our script here. Wondering if there is any Powershell script to capture the AD group membership changes ? Or any other nagios solutions to handle AD Group Changes
-
ssax
- Dreams In Code
- Posts: 7682
- Joined: Wed Feb 11, 2015 12:54 pm
Re: Nagios xi - Run Script as AD User
I think you'd likely need to use event log monitoring and make sure that auditing is enabled in AD settings and then they would be in the security event log.
I found this:
https://exchange.nagios.org/directory/P ... up/details
And this:
https://support.nagios.com/forum/viewto ... 16&t=41862
I found this:
https://exchange.nagios.org/directory/P ... up/details
And this:
https://support.nagios.com/forum/viewto ... 16&t=41862
-
veeravamsi
- Posts: 136
- Joined: Wed Jan 23, 2019 3:35 am
Re: Nagios xi - Run Script as AD User
Thank you .. i will explore these options 
. May can go ahead and close this thread.
. May can go ahead and close this thread.