Setup Instructions and Troubleshooting

 

Getting Ready

This guide will walk you through setting up and troubleshooting the Cloudamize Agentless Data Collector. 

Minimum System Requirements

The Cloudamize Agentless Data Collector will need to be installed on a physical or virtual Windows machine, meeting the following minimum requirements:

  • 64-bit Windows Server 2012 or higher

  • .NET Framework version 4.0

  • 8 CPU cores

  • 16 GB RAM

  • 5 GB persistent storage

  • PowerShell v5.1 (if SQL data is required)

  • SQLServer PowerShell Module (if advanced SQL data is required; the installer will attempt to install it if it is not present)

Prior to Installation

  • Set up a new Windows instance to host the agentless data collector

  • When using multiple data collectors, ensure that each individual data collector’s scope of IP ranges is unique 

  • Each data collector can, by default, assess up to a maximum of 500 instances (configurable)

  • Exclude the data collector IP address when adding hosts

  • Linux remote hosts: the Cloudamize ADC cannot collect data when requiretty is enabled in the sudo configuration on the remote hosts

Firewall requirements

Please note the following rules for each class of machine:

Machine with Cloudamize Agentless Data Collector installed

  • TCP port 445 open inbound

  • TCP port 443, plus the proxy server port if a proxy is being used (e.g., 8080, 80), open outbound to our servers at am.cloudamize.com (US), am-de.cloudamize.com (EU), or am-ae.cloudamize.com (UAE).

    • If your system locally caches DNS resolution, you may need to resolve am.cloudamize.com to 35.171.170.26 or am-de.cloudamize.com to 18.194.12.63 to allow egress traffic. This feature is not currently available for our UAE region.

 Each Windows endpoint 

  • TCP port 135 and the dynamic RPC port range open inbound, as appropriate for your OS version:

    • Windows Server 2008 and later: TCP ports 49152 to 65535 open inbound

    • Windows Server 2003 and earlier: TCP ports 1025 to 5000 open inbound

  • TCP port 445 open outbound to the machine with the Agentless Data Collector installed

 Each Linux endpoint

  • TCP port 22 open inbound

The table below lists the relevant ports for machine discovery and communication to the Cloudamize servers:

Protocol   Port          Usage
--------   -----------   --------------------------------------------------------
TCP        22            SSH to access Linux servers
TCP        135           Windows RPC
TCP        445           Microsoft-DS Active Directory and SMB, Windows shares
TCP        1025-5000     RPC dynamic port range for Windows Server 2003 and earlier
TCP        49152-65535   RPC dynamic port range for Windows Server 2008 and later
TCP        443           SSL to communicate with the Cloudamize servers

Ports relevant to the Cloudamize Agentless Data Collector

Note: ICMP/Ping is required to discover machines

Windows Agentless Data Collector GUI Installation

The latest version of the Cloudamize Agentless Data Collector can be downloaded from your assessment in the agent setup tab.

After downloading, run the MSI file by double-clicking it, then click "Next"

Accept the End-User License Agreement and click “Next”

Enter the customer key that was generated for the assessment. The customer key is available under Install agent using GUI; to find it, go to the Console portal and navigate to Settings > Setup > Agentless Setup

To use a proxy server, enable "Use proxy" and type in HTTP proxy and port. If your proxy server needs user credentials, enable "Use proxy credential" and enter the Username and Password.

Click "Next". Click Install to begin the Cloudamize Agentless Data Collector installation

Once the installation completes, click Finish to close the installer

Command Line Installation with GUI

Please select one of the following commands and run it as administrator (i.e., run Command Prompt as administrator and type in one of the commands)

  • When a proxy server is not used,

    • msiexec /i <downloaded MSI file> CUSTOMERKEY="your key"

  • When a proxy server is used but proxy credentials are not used,

    • msiexec /i <downloaded MSI file> CUSTOMERKEY="your key" USE_PROXY=1 HTTPS_PROXY="https://www.your_own_proxy.com" PROXY_PORT="your_proxy_server_port"

  • When a proxy server is used and proxy credentials are used,

    • msiexec /i <downloaded MSI file> CUSTOMERKEY="your key" USE_PROXY=1 HTTPS_PROXY="https://www.your_own_proxy.com" PROXY_PORT="your_proxy_server_port" USE_PROXY_CREDENTIAL=1 PROXY_USER_NAME="user_name" PROXY_PASSWORD="password"

  • When a connection problem occurs, the installer will keep trying to connect to the Cloudamize server for 24 hours. To limit how long the installation may run when there is a connection problem,

    • msiexec /i <downloaded MSI file> CUSTOMERKEY="your key" INSTALL_MAX_DURATION_IN_MIN=60

      • INSTALL_MAX_DURATION_IN_MIN is specified in minutes; this example sets it to 60 minutes.

  • Additional options

    •  IS_PROXY_CERTIFICATE_SIGNED_BY_CA

      • 0: Skip the proxy certificate verification with the proxy server option. This is the default value.

      • 1: Verify the proxy certificate.

    • IS_SERVER_CERTIFICATE_SIGNED_BY_CA

      • 0: Skip the server certificate verification.

      • 1: Verify the server certificate. This is the default value.

    • INSTALL_SQL_SERVER_PS_MODULE

      • 0: Skip installation of the SQLServer Powershell Module (only required for advanced SQL data).

      • 1: Attempt installation of the SQLServer Powershell Module if necessary.

Add and Configure Hosts

Continue to our guide for the following steps on how to Add and Configure Hosts with the Cloudamize Agentless Data Collector.

Windows Troubleshooting

Account Credentials

This error occurs when a domain name is not specified. The format for the username is DomainName\Administrator

Cloudamize Agentless Data Collector is flagged by Antivirus 

Antivirus software may flag our agentless data collector because the installation package includes obfuscated code to protect our intellectual property. When the Cloudamize agentless data collector is flagged by an antivirus, re-installing on the same host is sometimes not possible due to remnants left behind during the uninstallation process. Cloudamize recommends a fresh installation of the agentless data collector on a different host that meets the prerequisites.

In the event that hosts were added to the agentless data collector, the HostInfo.xml and HostInfoBackup.xml files should be backed up in a separate folder, such as C:\Temp, before uninstalling the Cloudamize agentless data collector. These files are located in C:\Program Files\CloudamizeAgentlessDC or C:\Program Files (x86)\CloudamizeAgentlessDC, depending on your architecture. Please note that these files can only be accessed by accounts that belong to the Administrators group.



Folder showing the location of HostInfo.xml and HostInfoBackup.xml on (x86) architecture

When the HostInfo.xml and HostInfoBackup.xml files are backed up, the Cloudamize agentless data collector can be uninstalled. You can download the latest version of the data collector from the portal.

Follow the usual process (above) to install. Once the installation has completed, copy the HostInfo.xml and HostInfoBackup.xml files back into C:\Program Files\CloudamizeAgentlessDC\ or C:\Program Files (x86)\CloudamizeAgentlessDC and restart the Cloudamize Watchdog and Cloudamize Agent services.

Unable to resolve a node

  1. The host [IP Address] is down

  2. The account name and password are incorrect, or the account does not have sufficient privileges.

    • If the server is domain joined, the domain controller itself may not be running.

    • The Active Directory administrator group may not include the domain administrator group.

    • The user account provided may not be in the domain admin group, or it may not be the local administrator account.

  3. A local account on the server is in use, and it is a member of the Administrators group but not the Administrator account itself.

Registry entry to disable UAC remote restrictions:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy

Note: A new registry key will be required if the file path does not exist. Please note that this will require administrative privileges.

Open Regedit, right-click on the System folder, and select “New” and “DWORD (32-bit)”

Change the name of the new registry entry to LocalAccountTokenFilterPolicy.

Right-click on the registry entry and select “Modify”

 Change the value from 0 to 1 and select “OK”



5. WMI traffic is not enabled. Run the following command in an elevated command prompt:

  • netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes

6, 7, 8, 9, 10. Windows Firewall issues. Refer to the Firewall requirements section under Windows Agentless Data Collector Setup.

Linux Troubleshooting

Creating a user

To create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Root permissions

Navigate to the /etc directory:

  • cd /etc

Open the Sudoers file by entering the following command in the /etc directory:

  • sudo visudo

Navigate to root ALL=(ALL) ALL underneath the header User Privilege. Move the cursor to the end of the line and press the letter “o” to open a new line. Enter the following text:

  • [username] ALL=(ALL) ALL

Press the Esc key, type “:wq!” and press Enter

Redhat

Create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Navigate to the /etc directory:

  • cd /etc

Open the Sudoers file by entering the following command in the /etc directory: 

  • sudo visudo

Navigate to %wheel ALL=(ALL) ALL in the sudoers file

Note: If there is a # symbol in front of %wheel ALL=(ALL) ALL then it must be removed before editing the configuration. Remove the #, press the Esc key, type “:wq!” and press Enter

Add the user to the wheel group 

  • sudo usermod -aG wheel [username]

Verify that the [username] account has been added to the group.

Ubuntu

Create a new user:

  • sudo useradd [username]

Update the user password:

  • sudo passwd [username]

Add the user account to the sudo group: 

  • sudo usermod -aG sudo [username]

To verify the user account has been added to the sudo group:

  • su - [username]

Enter the password for the account and type the following command:

  • sudo whoami
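
A preflight check for a Linux endpoint, added here as an example and not part of Cloudamize's own tooling: it reads sudoers text and reports whether requiretty applies to the collection account and whether that account (or one of its groups) has a sudo rule. The function names, the svc_collect account and the sample sudoers content are constructed, and the reader is a simplification that handles only plain Defaults and Defaults:user lines and ALL= rules.

```shell
# Added example (not Cloudamize code). Simplified: no aliases, no included files,
# no host/runas/command-scoped Defaults.
# Constructed sample; on a real host, read /etc/sudoers as root instead.
sample_sudoers() {
cat <<'EOF'
Defaults    env_reset, requiretty
Defaults:svc_collect !requiretty
root        ALL=(ALL) ALL
# %wheel    ALL=(ALL) ALL
svc_collect ALL=(ALL) ALL
EOF
}

# requiretty_state USER < sudoers  -> prints "on" or "off" (last match wins)
requiretty_state() {
    awk -v user="$1" '
        BEGIN { state = "off" }   # sudo ships with requiretty off
        $1 == "Defaults" || $1 == ("Defaults:" user) {
            line = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", line)   # drop the Defaults token
            n = split(line, opts, /[ \t]*,[ \t]*/)   # one line may set several options
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", opts[i])
                if (opts[i] == "requiretty")  state = "on"
                if (opts[i] == "!requiretty") state = "off"
            }
        }
        END { print state }'
}

# has_sudo_rule USER "GROUPS" < sudoers  -> prints "yes" or "no"
has_sudo_rule() {
    awk -v user="$1" -v grps="$2" '
        BEGIN { n = split(grps, g, " "); found = "no" }
        { hit = ($1 == user)
          for (i = 1; i <= n; i++) if ($1 == "%" g[i]) hit = 1
          if (hit && $2 ~ /^ALL=/) found = "yes" }   # commented-out rules never match
        END { print found }'
}

# collector_preflight FILE USER "GROUPS" -> prints "ok" or the blocking reason
collector_preflight() {
    if [ "$(requiretty_state "$2" < "$1")" = "on" ]; then echo "blocked: requiretty"
    elif [ "$(has_sudo_rule "$2" "$3" < "$1")" = "no" ]; then echo "blocked: no sudo rule"
    else echo "ok"; fi
}
```

On a real endpoint, pass the account's groups as the third argument, for example collector_preflight /etc/sudoers [username] "$(id -nG [username])", run as root.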



If you are still experiencing issues, please send log files of the affected node(s) to helpdesk@cloudamize.com. The log files are located in C:/Program Files/Cloudamize for Windows machines, /usr/local/cloudamize/logs/ for Linux.