Offline – Disconnected Environment

Data Collection has no Internet access and not possible to use OMS Gateway

This scenario can be used to assess a completely disconnected environment. Disconnected means there is zero network connectivity from the assessed environment to the Internet or to any other machine that has Internet access. This scenario requires additional configuration and steps that are outlined below.

Requirements: In this scenario we require two machines

• One is the data collection machine and needs to fulfill prerequisites from the assessment.
• The other is the machine that has Internet access and can upload data to Azure Log Analytics.
  • This machine can be running any supported version of Windows Server or Windows Client that support the Microsoft Monitoring Agent.

Important

This connectivity scenario cannot be used for any of the below On-Demand assessments. These include:

• Office 365 Exchange Online
• Office 365 Skype and Teams
• Office 365 SharePoint Online
• Microsoft Azure
• SharePoint Assessment

To successfully execute On-Demand assessments via this method, an offline secure file copy process is necessary to transfer files to and from the Internet connected machine and the environment being assessed.

Internet Access Machine

After the Agent Installation and setup of the assessment are completed, follow the next steps on the machine that has Internet access.

• Open Task Manager
• Open scheduled tasks and drill down to the assessment task
• Set the scheduled task to start manually, removing the weekly schedule.
• Start the scheduled task, this will download the assessment executable and the assessment package.
  • Go to the Working Directory that was entered in the assessment setup. <Working Directory>\XXAssessment Where XX is different for each assessment.
  • A numbered folder will appear. As soon as you see this folder, stop the OMSAssessment.exe process in Task Manager.
• Copy the folder "OMSAssessment" folder that is created in “<working directory>\XXAssessment" to a USB drive or other method of your choice to copy content to the data collection machine
• Go to: C:\Program Files\Microsoft Monitoring Agent\Agent\Health Service State\Resources
  • Search for execpkg
  • Find the assessment package

for the technology you need, open the file location and copy that Execpkg file to the same location as where you stored the “OMSAssessment” folder.

This concludes the actions on the machine with Internet access until we want to upload data.

Data Collection Machine

Create a folder on the local drive that has enough free disk space to store all collected data, up to 10GB.

For instance: C:\MicrosoftAssessment

Create a directory for collection of data.

For instance:

• C:\MicrosoftAssessment\Collect

Copy the Execpkg file and OMSAssessment folder to the C:\MicrosoftAssessment folder.

• Open an elevated CMD Prompt, go to C:\MicrosoftAssessment\OMSAssessment and run the following command:
• List of all the commands for assessments using the disconnected environment
• OmsAssessment.exe -execPackage C:\MicrosoftAssessment\ADAssessmentPlus.execpkg" -w " C:\MicrosoftAssessment\Collect" -trace Off -headers False -assessmentname "ADAssessment" -discoverysettings "AD" -computername "<DataCollectionMachine>" -target ToolsMachine -op "<Location for the Recommendation files>"

Data collection starts and generate few files named:

new.prerequisite<"assessmentguid">.assessmentrecs

new.recommendations.<"assessment guid">.assessmentrecs

When the assessment is finished, the command prompt is back at the input prompt and you should not see anything running.

Copy the files that are named new.* over to the machine with Internet access

Copy the new.* files in the “<"working directory">\XXAssessment

To immediately upload the files: restart the “Microsoft Monitoring Agent” service

If not, the files will be found during the next cycle, within an hour. When they are processed and uploaded to Azure Log Analytics, the name changes from new to processed.

Review data afterwards on the portal, it may take up to one hour after the data is submitted to show up.

After setting up the data collection machine, continue getting started with On-demand Assessments by selecting the Configure Microsoft On-demand Assessments article in the Table of Contents.