NTCMD Protocol

Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Parameter	Description
Connection Timeout	Time-out in milliseconds after which the Probe stops trying to connect to the NTCMD server.
Username	The name of the user needed to connect to the host as an administrator.
Password	The password of the user needed to connect to the host as an administrator. Note The password cannot contain the following special characters: ^&
Windows Domain	The Windows domain in which the credentials are defined. If this field is left empty or is not a valid domain, the NTCMD protocol assumes the user is defined locally on the host.
Run remote commands impersonated	If selected, the discovery commands are executed remotely under the User Name of this credential. If not selected, the discovery commands are, instead, executed remotely under the LocalService account.
Remote Share Path	Used where Admin$ does not exist on the Windows machine being connected to. Type here the name of the SHARE concatenated with full path to the Windows directory of the machine being connected to. For example: Share$\Windows
Share Local Path	The full path to the Windows directory of the machine being connected to. For example: C:\Windows

Parameter

Description

Connection Timeout

Time-out in milliseconds after which the Probe stops trying to connect to the NTCMD server.

Username

The name of the user needed to connect to the host as an administrator.

Password

The password of the user needed to connect to the host as an administrator.

Note The password cannot contain the following special characters: ^&

Windows Domain

The Windows domain in which the credentials are defined. If this field is left empty or is not a valid domain, the NTCMD protocol assumes the user is defined locally on the host.

Run remote commands impersonated

If selected, the discovery commands are executed remotely under the User Name of this credential.

If not selected, the discovery commands are, instead, executed remotely under the LocalService account.

Remote Share Path

Used where Admin$ does not exist on the Windows machine being connected to. Type here the name of the SHARE concatenated with full path to the Windows directory of the machine being connected to. For example: Share$\Windows

Share Local Path

The full path to the Windows directory of the machine being connected to. For example: C:\Windows

Note

This protocol supports IPv6, with the following limitations:
- Windows XP: Does not work over IPv6
- Windows Server 2003/2003 R2: Registry on the target system being discovered needs to be modified as described in this Microsoft support article: http://support.microsoft.com/kb/281308
You can use the HPCmd Utility to establish shell connection to remote Windows machines in order to execute commands for extracting important configuration information for population in the UCMDB. For details about this utility, see HPCmd - Security Analysis.
This protocol uses the DCOM protocol for connecting to remote machines. The DCOM protocol requires that the following ports are open: 135, 137, 138, and 139. In addition the DCOM protocol uses arbitrary ports between 1024 and 65535, but there are ways to restrict the port range used by WMI/DCOM/RPC. In addition, for information about for configuring DCOM to work with firewalls, see http://support.microsoft.com/kb/154596/en-us. For all versions of Windows after NT, port 445 (name: microsoft-ds) is the preferred port for resource sharing, including Windows file sharing and other services. It uses the TCP Protocol and replaces ports 137-139.

Note When the CyberArk integration is enabled, two radio buttons (Regular Credential and External Vault) are enabled. The existing Username and Password parameters are grouped under the Regular Credential radio button, and CyberArk integration specific parameters Type and Reference are enabled and grouped under the External Vault radio button, as described in the table below.

CyberArk-related Parameters
Parameter	Description
Regular Credential	Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before. Username. See description above. Password. See description above.
External Vault	Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault. Type. The external vault type. Currently only CyberArk is supported. Reference. Click to open the Configure dialog box. Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed. Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>. Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk. For example, NancySafe\Root\nancy-cyberark-testing-refid. Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault. To configure a CyberArk property value, click in the Value column for the property, and specify the value in string. The CyberArk properties values must not contain any of the following characters: *\/:?"<>\|'.; The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide. Regex. Enables configuring CyberArk properties values in regular expressions. For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide. The CyberArk properties values in regular expression must not contain any of the following characters: : ;**

CyberArk-related Parameters

Parameter

Description

Regular Credential

Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before.

Username. See description above.
Password. See description above.

External Vault

Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault.

Type. The external vault type. Currently only CyberArk is supported.
Reference. Click to open the Configure dialog box.
- Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed.
  
  Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>.
  
  Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk.
  
  For example, NancySafe\Root\nancy-cyberark-testing-refid.
- Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault.
  
  To configure a CyberArk property value, click in the Value column for the property, and specify the value in string.
  
  The CyberArk properties values must not contain any of the following characters: \/:*?"<>|'.;
  
  The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide.
  - Regex. Enables configuring CyberArk properties values in regular expressions.
    
    For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide.
    
    The CyberArk properties values in regular expression must not contain any of the following characters: : ;