This article explains reasons why, some Customer's get an error "Unable to deploy Win UTIL" when attempting to perform SYNC of a WINDOWS ORIGIN, even when the SSH is configured as SYSTEM User and Customer is able to successfully SSH to the same WINDOWS ORIGIN from RMM.
Background:
<>
Symptom:
1) When Customer SSH's to the ORIGIN SERVER and executes the basic commands like 'diskpart' or 'vssadmin', etc., there would be error shown as "un recognized commands"
However, when the Customer takes an RDP Session to the ORIGIN, and executes the same, the commands work fine.
2) The error from SYNC operation would be something like this:
From RMM GUI:
RSP_SYNC_CHECKPOINT SYNC_CHECKPOINT_DEPLOYING_WINUTIL STATUS_INFO
Syncing R3-41-<Origin>-Src: Deploying management framework to R3-41-<Origin>-Src
RSP_SYNC_ERROR SYNC_ERROR_DEPLOY_WINUTIL STATUS_ERROR
Details: The target [SYSTEM@10.10.10.65] is not reachable over SSH. Please fix the SSH connection and verify that the correct SSH username and port 22 is being used for connectivity. Also please make sure that OS firewall on host is configured with port 22 for ssh.
From the RMM by-jobid log:
560:Script stderr: /opt/rackware/utils/windows/deploy-winutil:662 (main): ERROR: The target [SYSTEM@10.10.10.65] is not reachable over SSH. Please fix the SSH connection and verify that the correct SSH username and port 22 is being used for connectivity. Also please make sure that OS firewall on host is configured with port 22 for ssh.
The target [SYSTEM@10.1.105.65] is not reachable over SSH. Please fix the SSH connection and verify that the correct SSH username and port 22 is being used for connectivity. Also please make sure that OS firewall on host is configured with port 22 for ssh.
The RMM cannot connect to the target [SYSTEM@10.10.10.65] over SSH on port 22.
/opt/rackware/utils/windows/deploy-winutil:289 (on_exit): deploy-winutil failed: <ORIGIN> Network unreachable
Script '/opt/rackware/utils/windows/deploy-winutil' exited with status 3
/opt/rackware/utils/windows/deploy-winutil exited with non-zero exit status (3)
Before you Begin:
You must have:
- 'root' access to RMM CLI
- 'Administrator' level access to Windows ORIGIN Server and/or have a Customer Windows Administrator with you, who may have access to the WINDOWS ORIGIN and who may have authority to modify the Windows Environmental parameters
Use case:
Migrating any RMM Supported version of Windows server.
Applicable To:
- ANY RMM version on installed in ANY environment.
- Applies when migrating a WINDOWS ORIGIN Server as supported per latest RMM Pre-Reqs
Preparation/Pre-Req:
- Customer must have met all the PreReqs for ORIGIN/RMM/TARGET for Automatically provisioning a Target.
- Administrator privileges are required to modify the path and environment variables on the WINDOWS ORIGIN See <Before you Begin section>
RMM Perspective:
This is NOT an RMM Functional issue. RMM is simply unable to execute basic commands it needs on this WINDOWS ORIGIN due to the way it may be setup.
In this Customer case, it turned out that the PATH variable did not have a few basic settings and hence the SYNC were failing.
C:\Windows
C:\Windows\system32
C:\Windows\System32\Wbem
C:\Windows\System32\WindowsPowerShell\v1.0\
Steps/Workaround:
Customers can refer to this - https://www.computerhope.com/issues/ch000549.htm and set the path and environment variables in Windows, to include the following (if not present):
C:\Windows
C:\Windows\system32
C:\Windows\System32\Wbem
C:\Windows\System32\WindowsPowerShell\v1.0\
Post Changes:
A Reboot of the ORIGIN Server MAY BE needed to ensure the new PATH VARIABLE set becomes active. Please consult your WINDOWS OS Manual, or the WIN Administrator, who may be well versed in this area.
If it is determined an RMM reboot is NOT needed due to the changes, please at least restart the Rackware SSHD Service that is running on the WIN ORIGIN so the new changes take effect.
Important Note(s):
If the RMM is placed on OCI, you can additionally check and reduce the MTU of the RMM server to 1200
ifconfig | grep mtu
If the value is something like 9000, change it to 1200 as below
# Changing MTU on RMM
ifconfig ens3 mtu 1200 up
(where ens3 is the Primary NIC)