Win32_ServerConnection ManagementPack

Win32_ServerConnection ManagementPack

  • Win32_ServerConnection Overview

The Win32_ServerConnection ManagementPack uses the Win32_ServerConnection class. According to Microsoft documentation: Win32_ServerConnection class represents the connections made from a remote computer, to a shared resource on the local computer. The ManagementPack class builds the table and the discovery populates it. The information is then displayed through a view inside System Center Operations Manager (SCOM).

It also includes a dedicated Service Connection Report in SRS format

While the ManagementPack targets Server Computers, it could also be built to target Client Computers.

  • FAQs
  • Why was this ManagementPack created?

This ManagementPack was created to support cross Enterprise collection of vital account information that explores and displays the integrity, security, and comparative accuracy of each server’s Network Login accounts.

The beauty of this ManagementPack is its ability to collect all the information for all the servers in one table.

Using SQL Server, a connection string and a SQL Query can be created to reacquire the data and be mined to support a wide variety of outputs including Access, Excel, HTA, HTML and XSL – just to name a few.

Once the information is transformed into a reporting tool, the ManagementPack can be deleted from SCOM and the table it produced will no longer exist.

  • How Often should it be used?

Because of the way the ManagementPack works, it is strongly recommended to use it once to build an informational foundation and then use it once a month thereafter to determine if any of the accounts have changed or are about to expire.

There are also two other times when you may want to consider this ManagementPack would deem necessary. When an account has been suspect of being tampered with and when an account should no longer be on the server.

  • How much time does it save?

In terms of development and testing, about a week.

  • How long does it take for the data to show up in the operations manager console?

There are a lot of factors that could stop this from happening immediately. Normally, by design, since the discovery is run almost immediately, the data can be viewed just as fast.

  • Are there any customizations for my environment that I need to add to the management pack?

No, there are no customizations required.

  • Can I customize the discovery Interval?

Yes, you can. By default, the interval is set to 86,400 seconds or once a day. You can adjust the interval as well as the timeout interval to the desired response and timeout conditions through the SCOM Console.

  • How often does the data get updated?

When the ManagementPack is installed, the discovery gets run after that it will be based on the frequency set for it to run—which is currently once a day.

  • How will I know when a new version of the management pack is released?

There are two ways this can happen. Provide us with your E-mail address or come to the site and look for the words “Updated Release” beside the name of this ManagementPack.

  • Can you supply us with a custom report?

With a great amount of pride and enthusiasm, we certainly can.

Unfortunately, while not problem for us, this may be a SQL Server security issue for you.

So many times it works for us, but doesn’t work for our customers.

If it isn’t an issue, then E-mail us.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=