Fixes are available
APAR status
Closed as program error.
Error description
Problem: Monitoring Agent for Windows OS does not show the Binary Path in Processes Attribute Group when running asnon-administrator. Introducing the new environment variable KNT_USE_DEBUG_PRIVILEGE the agent can acquire the privilege to retrieve this value. Affected Platforms / Versions: All the releases of the Windows OS Agent Diagnostics: (56A09FC7.00F0-8CC:knt75agt.cpp,435,"getBinaryPath") Entry (56A09FC7.00F1-8CC:knt75agt.cpp,445,"getBinaryPath") Warning: OpenProcess error 5 for PID: <pid> (56A09FC7.00F3-8CC:knt75agt.cpp,525,"getBinaryPath") Exit: 0x0 Initial Impact: Low - the binary path is not collected Additional Keywords: Process.Binary_Path NTPROCESS.BINPATH
Local fix
If you need Binary Path attribute, with current level of code you need to run Windows OS agent using Administrator account
Problem summary
Problem Summary: The Monitoring Agent for Windows OS does not show the Binary Path in Processes Attribute Group when running as non-administrator. In order for this APAR to be properly implemented in your environment, a new environment variable has been added. See the "Install Actions" section of the APAR conclusion for more details. Problem Conclusion: A new environment variable, KNT_USE_DEBUG_PRIVILEGE, has been introduced. Install Actions: The APAR introduces the environment variable KNT_USE_DEBUG_PRIVILEGE to enable the Debug Privileges allowing a non-administrator user to query a process for the binary path. Possible values are 0 or 1, the default value is 0 (disabled). In adding to the use of this variable it is necessary enable the SeDebugPrivilege for the user: 1) Open the Local Security Policy panel (running secpol.msc) 2) Expand "Local Policies" and click on "User Right Assignment". 3) In the right panel, look for an entry called "Debug Programs" 4) Double click and then Add the account you use to start the agent to the list of already granted users/groups. 5) Click "OK" to confirm NOTE: The OS Agent uses the Microsoft Windows openProcess API to query the data. There is a note in the documentation for this API that some processes are reserved and code is not allowed to retrieve the information (when run as Administrator and also when run as non-Administrator with KNT_USE_DEBUG_PRIVILEGE set as mentioned above: If the specified process is the Idle process or one of the CSRSS processes, this function fails and the last error code is ERROR_ACCESS_DENIED because their access restrictions prevent user-level code from opening them. https://msdn.microsoft.com/en-us/library/windows/desktop/ms68432 0(v=vs.85).aspx
Problem conclusion
The fix for this APAR is included in the following maintenance vehicle: | fix pack | 6.3.0-TIV-ITM-FP0007 | | interim fix | 6.3.0.6-TIV-ITM_WIN-IF0002 | Note: Search the IBM technical support web site for maintenance package availability.
Temporary fix
n/a
Comments
APAR Information
APAR number
IV82178
Reported component name
ITM AGENT WINDO
Reported component ID
5724C040W
Reported release
630
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-03-07
Closed date
2016-07-20
Last modified date
2018-06-11
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
ITM AGENT WINDO
Fixed component ID
5724C040W
Applicable component levels
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSRM2J","label":"Tivoli OMEGAMON XE for Distributed Systems"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
11 June 2018