Hi,
is it true that the account the syslog and trap service are running under (SYSTEM) needs to have read/write permissions on the NCM database in order for RTCD to work?!?
Can't we specify a SQL-login or service account?
@Marie:
the ticket has been opened a long time ago and the answer in the end was that the credentials were corrupted after an upgrade or the credentials were incorrect, it did not say that in the logs though, it just showed a connection error!
@terepp: try adding a % at the end
anyone?
Hey Questionario--
I'll research this and get back to you.
M
I checked with development and here's what they said:
"The account the syslog and trap service are running under does not have any relation to NCM database. Connection to NCM database is always performed using db credentials specified in NCM Config Wizard. This apply to all NCM functionality."
HTH,
Hey Marie,
thank you.
unfortunately, just "executing an external program" and then running path\configautodownloader.exe {IP} (or similar) does not download the configs for me...
I was asking this question because in the NCM Admin Guide I found the following:
RequirementsTo utilize realtime configuration change detection you will need the following items.• A Windows user accounts with administrative rights.• Network devices configured to send Syslog or SNMP Trap messages when configurations change.• The SolarWinds Syslog Service account must have read-write access to the Orion NCM database. For example, if your SQL Server resides on the same server as Orion NCM, consider using a local administrator account for the SolarWinds Orion NCM Syslog Service.• The SolarWinds Trap Service account must have read-write access to the Orion NCM database. For example, if your SQL Server resides on the same server as Orion NCM, consider using a local administrator account for the SolarWinds Trap Service.• Both the SolarWinds Syslog and Trap Services must be configured to run as administrator so that their scheduled jobs are processed correctly. For detailed steps, see Running Syslog and Trap Services as Administrator.• Ensure the SNMP Trap Service is running. If the SNMP Trap Service is not listed as a running service in the service control manager (services.msc), you can enable Simple Network Management Protocol in the Management and Monitoring Tools through Add/Remove Windows Components in the Add/Remove Programs application.
I dont quite understand the highlighted part...
The NCM Admin Guide writer is aware of your comment and will address it.
Thanks again for the thorough feedback.
no problem
I guess he will also answer my question(s) then?
Hi Questionario,
I'm meeting tomorrow morning with relevant dev and QA people; I'll get the best information from them regarding database touches and their requirements during the RTCD workflow. I'll have an answer to your question then. Stay tuned.
Thanks.
Doug
Hi Doug, any results?
The document is correct in that the Syslog Service and Trap Service need database read/write access to perform their RTCD work. Regardless of how you setup database account access in the NCM Configuration Wizard, using either Windows or SQL Server account credentials. the specific account must have write permission to the NCM database; and this usually means an 'Administrator' level account.
Essentially, in specifying an account for database access in the Configuration Wizard, you are enabling all relevant NCM services read/write access to the NCM database. That the Syslog Service and Trap Service are called out in the RTCD requirements list is a choice to err on the side of being thorough. I will probably remove the point from the bullet list since it misleads even advanced users such as yourself.
Hi Doug,
so it does not mean that the Windows account the service is running under needs to have permissions to read/write to the actual database (as all the other "accounts" the services are running under do not have these permissions either) but only that the account needs to have enough rights to be able to access the database and the credentials to log into the database are the ones that have been configured in NCM? is this correct?
if that is the case, I have RTCD already set up and it just does not download the configurations... it does execute the actions though (do the commands have to be in quotation marks maybe?)
Questionario,
If you go to File > Settings > Real-Time Change Detection > Download Options, you should see the type of config that RTCD is monitoring. As the setting indicates, whichever config type NCM is monitoring for syslog/trap data sent from the device, the first step upon receiving such data is to download the relevant config. With that downloaded config, NCM then runs a comparison with the last config of that type or the baseline config, depending on which you selected in your download options.
When you say that NCM is executing RCTD actions I assume you mean that email notifications are generated that inform you of the relevant changes in config. And if so, I find it very odd that you are getting email notifications without seeing any download of the relevant config type. What does the email contain?
Should I open a support case for this?
I would recommend it, yes
