I can't seem to find a simple, step-by-step tutorial on how to use Performance Monitor remotely. I just want to give non-admin rights to one of our DBA guys so he can get the results he needs from perfmon on our server. Remote desktop seems like overkill, and a potential security concern if his laptop is ever stolen (even though you can only RDP from our IP, but still).
Can anyone point me to a simple tutorial on getting remote Performance Monitor access? (eg. What ports need to be opened, etc.) Or perhaps just explain it yourself? I can't imagine there's that many steps involved…?
Thanks for any help, I'm surprised at how hard it is to find the answer I'm looking for!
Best Answer
Unfortunately you need RPC access over port 445 for PerfMon to work remotely. On a Windows 2003 server with the standard MS host firewall enabled you can enable the "File and Printer Sharing" selection in the Exceptions tab of the Windows Firewall applet. You can set this via the CLI with the command:
You can restrict this down to just the necessary IPs depending on your network setup.
You then need to setup the logon account of the "Performance Logs and Alerts" service on the remote users laptop. It needs to start as a domain user that has rights to access the Perfmon counter objects on the remote machine. We typically use a fairly locked down service account for this. The user must have the "Profile System Performance" right however. Local Administrators have this right by default.
In addition, if you are collecting the Perfmon data to a database this user must be setup as a login in the SQL Server where the Perfmon data is being collected to.