Solved

Configuring Read/Write Community String through Group Policy

Posted on 2008-06-24
8
5,309 Views
Last Modified: 2009-01-21
Is there any way of configuring the Read/Write community strings trhough Group Policy?  We have Windows 2003 and what to configure all servers with the same SNMP community settings.  Some of our monitoring tools require Read/Write such as HP System Management.
0
Comment
Question by:madhour
8 Comments
 
LVL 26

Expert Comment

by:MidnightOne
ID: 21856022
For HP Systems management, we've discovered it requires at least two community strings with read-only access: public and private, with the loopback address being a trap destination. Without it, HP Insight Manager tends to fail rather badly - the front page will not load properly.

THAT said, you can configure SNMP via group policy. Try this:

In the left pane, go to:
Computer Configuration
      Administrative Templates
            Network
                  SNMP
                  
In the right pane, right click Communities and choose Properties
Click the radiobutton Enabled
Click the button Show
Click the button Add...
add the SNMP community strings

In the right pane, right click Permitted Managers and choose Properties
Click the radiobutton Enabled
Click the button Show
Click the button Add...
add the Ip addresses or hostnames for the managers of this device

In the right pane, right click Traps for public community and choose Properties
Click the radiobutton Enabled
Click the button Show
Click the button Add...
Add the trap destinations
0
 

Author Comment

by:madhour
ID: 21856844
This does not seem to be working.  I thought a Public community string is not great for Server Security.

This is my settings:

Traps tab
Community Name:  public
Trap destinations:  blah

Security tab
Accepted community names:  
blah        READ ONLY
myCmtName    READ ONLY

Accept SNMP packet
localhost
myserver
                                                 
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 21857082
Using public and private for community strings isn't good, but unfortunately they're a requirement for HSIM to function properly.
0
 

Author Comment

by:madhour
ID: 21857214
I don't think I will use HP System Management then.  Is there anyway to add read/write community string via Group Policy?
0
Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

 
LVL 26

Expert Comment

by:MidnightOne
ID: 21858104
As far as I've been able to determine, the default SNMP GPO only adds READ-ONLY community strings.
0
 

Author Comment

by:madhour
ID: 21858264
Yes.  That is correct.  I was hoping someone can post if there is an alternative way to put the read/write entry
0
 

Accepted Solution

by:
WTDC earned 250 total points
ID: 22615196
0
 

Expert Comment

by:Felicity_Harte
ID: 23428289
Comment:

With HP Sim although it is a requirement to use snmp community names they can be either read or write, but you can choose anynames you want and not just have to use the default Public and Private.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now