(imported comment written by SystemAdmin)
FWIW - we did SNMP settings this way:
Fixlet (Task):
Microsoft Windows - SNMP Configuration
waithidden net stop snmp
delete __appendfile
delete regdel.reg
appendfile REGEDIT4
appendfile
-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers
appendfile
-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
move __appendfile regdel.reg
wait regedit /s regdel.reg
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent
" “sysContact”=“Contact”
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent
" “sysLocation”=“Anywhere, USA”
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent
" “sysServices”=dword:0000004f
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers
" “1”=“localhost”
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers
" “2”=“networktrapdestination1”
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers
" “3”=“networktrapdestination2”
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
" “ReadString”=dword:00000004
regset "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities
" “WriteString”=dword:00000008
waithidden net start snmp
Analysis:
SNMP Information (Windows)
Relevance 1
(version of client >= “6.0.0.0”) AND (exists true whose (if true then (member of group 161 of site “actionsite”) else false))
SNMP Status - Period 1 hour
if exists service “SNMP” then state of service “SNMP” else “Not Installed”
SNMP Agent Settings - Period 1 day
if exists service “SNMP” then concatenation “,” of (name of it & “=” & it as string) of values of key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent” of registry else “N/A”
SNMP Security Community Names - Period 1 day
if exists service “SNMP” then concatenation “,” of (name of it & “=” & it as string) of values of key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\ValidCommunities” of registry else “N/A”
SNMP Security Permitted Hosts - Period 1 day
if exists service “SNMP” then concatenation “,” of (name of it & “=” & it as string) of values of key “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\PermittedManagers” of registry else "N/A"Relevance
John