×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.
BMC Discovery 11.3 ... Using Configuring credentials Adding Windows proxies

Additional Windows proxy configuration

The following sections provide additional ways you might configure the Windows proxy outside of the user interface.

To stop a Windows proxy from the appliance command line

The tw_terminate_winproxy utility, located in the $TIDEWAY/bin/ directory, sends a terminate request to the Windows proxy. To use the utility, you must have the discovery/slave/write permission. When the utility successfully sends a terminate request to a Windows proxy, an audit event is logged. The audit event is called windows_proxy_process_terminate and contains the name of the Windows proxy that the terminate request was sent to.

When using the utility, you must always specify a Windows proxy and a user name. If you do not specify a password, you are prompted for one.

Note

Running proxy as unpriviliged user

If a Windows proxy is not running as either the Local System account or as a member of the Administrators group, tw_terminate_winproxy does not stop the Windows proxy. The following error is logged in the Windows proxy log file:
ERROR: Failed to terminate slave service: [(5, 'OpenSCManager', 'Access is denied.')]

Workaround: Allow the user that the Windows proxy is running to stop the service. For more information, see the Microsoft Support Site.

For more information about the utility and the command line options, see tw_terminate_winproxy.

Windows proxy platform minimum specification

The following specification provides a guide to the minimum recommended specification for the Windows proxy hardware. This specification has been verified on Microsoft Windows 2003 Service Pack 2:

Component

Specification

CPU

3 GHz Intel Pentium® 4 CPU 512k Cache

Memory

2 GB

Hard disk

60 GB

SMBv1 client not installed by default on later versions of Windows

On Windows Server 1709 and Window 10 version 1709 and later, the SMBv1 client is not installed by default. This prevents the proxy from being able to fully discover old versions of Windows that only support SMBv1 (Windows 2003 and earlier). The following error is logged in the proxy worker log file:

RemQueryException: You can't connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack.
Your system requires SMB2 or higher. For more info on resolving this issue, see: https://go.microsoft.com/fwlink/?linkid=852747 (0x00000180)

The SMBv1 client can be installed on the proxy host by following the Microsoft link above.

Related topics

Was this page helpful? Yes No Submitting... Thank you
Last modified by Vinay Bellare on Mar 30, 2020
bmc_contributor configuration windows_proxy_configuration

Comments

Log in or register to comment.

Adding Windows proxies
Windows proxy permissions
© Copyright 2004 - 2022 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.