- Posted by Gavin Soorma
- On July 4, 2013
- 0 Comments
- 12c, agent, agentless, discovery, nmap, oem12c
Unlike previous releases OEM 12c can now detect and discover targets even before the management agents are deployed on managed hosts.
This agentless technology is based on using nmap which is an IP scanning utility.
Once targets are discovered, we can use the promotion process to convert these unmanaged hosts into managed hosts by deploying the management agents on these hosts.
We can schedule regular jobs using an existing management agent to continually perform scans so that when new Oracle components are added to our infrastructure they are automatically discovered and brought under OEM12c management.
Since the entire network will be scanned, the Sudo Privilege Delegation must be set on the Management Agent host that will perform the scan.
To set up Privilege Delegation, we need to add the following lines to the /etc/sudoers file as shown below.
oracle ALL=(root) /u01/app/oracle/agent12c/sbin/nmosudo *
Note – in versions prior to Enterprise Manager Cloud Control 12c Release 2 (22.214.171.124), nmosudo was located in the agent instance directory and not in the sbin directory. For example, /u01/oracle/agent/agent_inst/bin/nmosudo
Fron the Setup – Security – Privilege Delegation menu
Add the line in the Sudo Command field (location of sudo executable)(
/usr/bin/sudo -u %RUNAS% %COMMAND%
Click on Update
Click on preferred credentials
Select the host and then click on Set icon
Click on the Test icon.
Select Custom in the Test Type list of values
In the Command enter ‘id’
We can see that the id command has been executed not by the oracle user but by the root user – so our Privelege Delegation setting is configured now in OEM 12c
From the Setup – Add Target – Configure Auto Discovery menu
Click on Host and Oracle VM Manager using IP Scan
Click on Create and the click on Add
Here we will add the host and management agent which is going to perform the nmap scan for us – note that this is the target where we have configured Privilege Delegation in a previous step
We can provide a name for the IP scan job and enter either the IP address or range of IP addresses to scan and we can also enter just a hostname or group of hostnames to scan.
For the given host or IP address or range of IP addresses we can specify which ports we want to scan.
In this case for example we have added the listener port 1523 to the list of default ports for scanning which are supplied out of the box.
Once the IP scanning job has been completed, we can check the status from the Setup – Add Target – Auto Discovery Results
We can see that on the provided IP address to scan a host running on the Linux platform has been discovered. We can then click on the Promote button which will bring us to the Add Host Targets wizard from where we can automatically deploy the 12c management agent.