Open Management Infrastructure (OMI) is an open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. The OMI CIMOM is also designed to be portable and highly modular. In order to attain its small footprint, it is coded in C, which also makes it a much more viable CIM Object Manager for embedded systems and other infrastructure components that have memory constraints for their management processor. OMI is also designed to be inherently portable. It builds and runs today on most UNIX® systems and Linux. In addition to OMI's small footprint, it also demonstrates very high performance.
RPM and DEB packages are provided for the installation of OMI on most enterprise Linux distributions. To install OMI, download the correct package for your Linux computer. Choose from:
- 32-bit (x86) or 64-bit (x64) architecture
- OpenSSL version 0.9.8 or 1.0.x (to determine your OpenSSL version, run:
openssl version) - RPM or Debian package format
You can download and install OMI from the Releases page. While version numbers change from release to release, the following downloads illustrates the package types for OMI:
| Platform | Release | Architecture | SSL | Filename |
|---|---|---|---|---|
| Linux | Debian | x64 | 1.0.0 | omi-1.2.0-35.ssl_100.x64.deb |
| Linux | Debian | x64 | 0.9.8 | omi-1.2.0-35.ssl_098.x64.deb |
| Linux | RPM | x64 | 1.0.0 | omi-1.2.0-35.ssl_100.x64.rpm |
| Linux | RPM | x64 | 0.9.8 | omi-1.2.0-35.ssl_098.x64.rpm |
| Linux | Debian | x86 | 1.0.0 | omi-1.2.0-35.ssl_100.x86.deb |
| Linux | Debian | x86 | 0.9.8 | omi-1.2.0-35.ssl_098.x86.deb |
| Linux | RPM | x86 | 1.0.0 | omi-1.2.0-35.ssl_100.x86.rpm |
| Linux | RPM | x86 | 0.9.8 | omi-1.2.0-35.ssl_098.x86.rpm |
Alternatively, you can now also download from Microsoft Repo. Instructions on setting this up can be found here. Follow the instructions for your platform. You can then use your platform's package tool to install OMI (i.e. "sudo apt-get install omi", or "sudo yum install omi").
The latest version of all supported platform packages can also be found here, but where possible we recommend downloading from the Microsoft Repo.
We support most modern Linux platforms (and some that aren't so modern). That said, our formal tested matrix of Linux platforms includes the following:
- CentOS 5, 6, and 7 (x86 and x64)
- Debian 6, 7, and 8 (x86 and x64)
- Oracle Linux 5, 6, and 7 (x86 and x64)
- Red Hat Enterprise Linux Server 5 and 6, and 7 (x86 and x64)
- Note: Red Hat 7.1 or later also runs on the PPC platform
- SUSE Linux Enteprise Server 10, 11, and 12 (x86 and x64)
- Ubuntu 12.04 LTS, 14.04 LTS, and 16.04 LTS (x86 and x64)
As well as the Linux platforms supported, OMI is also tested to work on the following platforms:
- AIX 6.1 and 7.1
- HPUX 11.31 (ia64 only)
- Solaris 10 and 11 (Sparc and x86)
- For RPM based systems (RedHat, Oracle, CentOS, SuSE):
sudo rpm -Uvh ./omi-1.2.0-35.ssl_100.x64.rpm
- For DPKG based systems (Debian, Ubuntu, etc):
sudo dpkg -i ./omi-1.2.0-35.ssl_100.x64.deb
To download the source code to OMI for build purposes or to further develop OMI, please see repository Build-omi.
- Setup of credentials for NTLM authentication is covered in setup-ntlm-omi
- Setup of credentials for Kerberos authentication is covered in setup-kerberos-omi
Installing OMI configures a daemon named "omid" which can be
controlled with standard service controllers: service or
systemctl. Additionally, a service_control script can be found at:
/opt/omi/bin/service_control
Restarting OMI: sudo /opt/omi/bin/service_control restart
To test that OMI is functional locally, the omicli command be used:
sudo /opt/omi/bin/omicli ei root/omi OMI_Identify
This command enumerates all instances of the OMI_Identify class in the root/omi namespace.
OMI's server configuration is set in the file:
/etc/opt/omi/conf/omiserver.conf. Important configuration
properties include:
| Property | Purpose |
|---|---|
| httpsport | The HTTPs port(s) to listen on. The default is 5986. Multiple ports can be defined as a comma-separated list |
| httpport | The HTTP port to listen on. It is recommended that HTTP remain disabled (httpport=0) to prevent unencrypted communication |
| pemfile | The certificate to use for TLS/SSL communication |
| keyfile | The private key that corresponds to the TLS/SSL certificate |
| NoSSLv2 | When true, the SSLv2 protocol is disabled |
| NoSSLv3 | When true, the SSLv3 protocol is disabled. If NoSSLv2 and NoSSLv3 are both set to true, only TLS encryption will be negotiated |
| NoTLSv1_0 | When true, the TLSv1.0 protocol is disabled |
| NoTLSv1_1 | When true, and if available on the platform, the TLSv1.1 protocol is disabled |
| NoTLSv1_2 | When true, and if available on the platform, the TLSv1.2 protocol is disabled |
| sslCipherSuite | The prioritized list of allowed SSL/TLS ciphers. For more information, see OpenSSL's documentation |
Similar to configuring the server, the client configuration file is located at /etc/opt/omi/conf/omicli.conf.
/opt/omi/bin/omicli ei root/omi OMI_Identify --auth Basic --hostname yourlinuxhostname -u root -p rootpwd --port 5985
/opt/omi/bin/omicli ei root/cimv2 Win32_Environment --auth Basic --hostname yourwinmachine -u administrator -p adminpassword --port 5985
winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/OMI_Identify?__cimnamespace=root/omi -r:http://yourlinuxhostname:5985 -auth:Basic -u:root -p:"rootpassword" -skipcncheck -skipcacheck -encoding:utf-8 -unencrypted
Note: If your root password contains escaped char like 'rootpa^ssword', you need to use double quotes like -p:"rootpa^ssword" for winrm on Windows. These escaped chars need to use double quotes after '-p:' :
%^&<>|'`,;=()!"\[].*?
This project has adopted the [Microsoft Open Source Code of Conduct] (https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ] (https://opensource.microsoft.com/codeofconduct/faq/) or contact opencode@microsoft.com with any additional questions or comments.