SCOM Maintenance Mode Scheduler

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=61365290-3c38-4004-b717-e90bb0f6c148&displaylang=en

Changes in This Update

Version 6.1.7695.0 of the Operations Manager Management Pack for Operations Manager 2007 R2 includes the following changes:

• Added the “Agents by Health State” report which will list all agents, management servers, gateway servers and the root management server grouped by their current health state (i.e. unavailable, error, warning or success)
• Added the “An alert subscription has been automatically disabled due to invalid configuration” rule to generate an alert when an alert subscription is disabled due to invalid configuration, such as when the account that created the subscription being deleted.
• Added the “WMI Service Availability” aggregate monitor and the “Windows Management Instrumentation Service” unit monitor to monitor the state of the Windows Management Instrumentation (WMI) service (winmgmt) on agents. By default, the unit monitor samples the WMI service every 125 seconds and generates an alert when the WMI service is not running for 3 consecutive samples. These settings can be changed by using overrides.
• Added rules to that can be enabled in place of monitors that require manual reset of the health state.
• Updated product knowledge for some workflows.
• Changed the "Computer Verification: Verification Error" event collection rule to be disabled by default. The alert from this rule would only be generated when running the discovery wizard, when the user would directly observe that one or more computer verifications failed. The alert is an unnecessary duplication.
• Change the “Collect Configuration Parse Error Events” rule to be disabled by default.
• Changed the parameter used for alert suppression for the following rules:
• Alert generation was temporarily suspended due to too many alerts
• Workflow Runtime: Failed to access a Windows event log
• Workflow Initialization: Failed to initialize access to an event log
• An error occurred during computer verification from the discovery wizard
• A generic error occurred during computer verification from the discovery wizard
• Removed alerting from the “Data Integrity” aggregate monitor and added alerting to its unit monitors:
• Repeated Event Raised
• Spoofed Data Check
• Root Connector Data Validity Check

Kevin Holman has a nice write-up explaining the changes here.

 http://blogs.technet.com/b/kevinholman/archive/2010/11/24/opsmgr-2007-r2-core-mp-s-updated-6-1-7695-0.aspx

For SCOM 2012 please see my maintenance mode scheduling tool.  https://www.scom2k7.com/scom-2012-maintenance-mode-scheduler/

I have updated the scripts for SCOM Remote Maintenance Mode Scheduler 2.0 to properly support SCOM R2.

Download: MaintenanceModeV4_R2.zip

The old scripts worked ok but if you had a large group of servers it would take a long time with R2. The old scripts would try to put the HealthService and the HealthServiceWatcher in maintenance mode which is no longer necessary with R2.

Another thing I added to the scripts was to not re-set the maintenance mode of a server if it is already in maintenance mode.  I have seen instances where a particular server is put into maintenance mode for a long period of time and then a scheduled maintenance mode job will re-set the maintenance mode causing noise and skewed reports.

To install the scripts just rename the old scripts and then copy the new scripts into the same “C:\MaintenanceModeV4” directory.

**You will also might need to Remove the Security from the Downloaded PowerShell Scripts

Please let me know if you come across any issues.

You might have noticed that the SCCM Reporting Dashboard was released.  But what most of you don’t know is that you can use the dashboard for SCOM data.  The cool thing with the SCCM dashboard is that it’s and OPEN platform.  You can feed it a SQL query and it will display a live gauge or a graph.  This can be used query data from  the SCOM Operations DB, the Data Warehouse DB or any DB you want.

So how do we do it?

First we need to download and install the SCCM dashboard. You can download it at http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=27fe0d80-38c6-464a-953a-1c2edcf35c2d

Install the dashboard using the guide that comes with the download.

** If you don’t have SCCM that’s ok.  The install is just asking for a database.  So just type in the name of the Operations Manager Database.  Make sure the username and password has permissions or the install will fail.

Input the information from the SharePoint installation.

After it’s installed your dashboard will look blank like this.  That OK it’s just because it doesn’t have any data to pull from.  So lets give it some data.

Go to Site Actions Edit Page

You should now see this configuration editor

Enter in a Name for the data and then enter in SQL Server and Database Name

Then input a SQL query that you want to graph.

Here is the query I used to return back # of Agents Responding and # of Agents not responding.

SELECT ‘Responding’ as Status,  COUNT(*) as TotalMachines FROM ManagedEntityGenericView INNER JOIN ManagedTypeView
ON ManagedEntityGenericView.MonitoringClassId = ManagedTypeView.Id
WHERE (ManagedEntityGenericView.IsAvailable = ‘True’) AND (ManagedTypeView.Name = ‘Microsoft.SystemCenter.Agent’)
Union
SELECT ‘NotResponding’ as Status,  COUNT(*) as TotalMachines FROM ManagedEntityGenericView INNER JOIN ManagedTypeView
ON ManagedEntityGenericView.MonitoringClassId = ManagedTypeView.Id
WHERE (ManagedEntityGenericView.IsAvailable = ‘false’) AND (ManagedTypeView.Name = ‘Microsoft.SystemCenter.Agent’)

Now choose the type of graph you want.  I choose PieChart

Give it a Title

Then Choose Save and Close

Now go to one of the Web Parts and Select edit Modify Shared Web Part

In the top corner under “Select data set configuration”,  select the data set we just created. Then click OK

The Agent Status should now show up in the web part.

Click Exit Edit Mode in the top right corner

Repeat the process with any other data set you want to display in a graph or gauge.

Are you getting this error when trying to install reporting? 

Here are the steps to resolve it.

1.  Check to User Permissions.

-  Verify the user you are running the installer as is a member of the Operations Manager Administrators.
-  Verify the user has sysadmin access to the database in SQL.

2.  Check the SPN of the SDK Service.

– http://wchomak.spaces.live.com/blog/cns!F56EFE25599555EC!824.entry?sa=646856610
– http://blogs.technet.com/jonathanalmquist/archive/2008/08/14/operations-manager-2007-spn-s.aspx
– http://blogs.technet.com/kevinholman/archive/2007/12/13/system-center-operations-manager-sdk-service-failed-to-register-an-spn.aspx

3.  Check the Operations Manager database.

– Go into SQL Enterprise Management Studio 
– Expand Databases, OperationsManager, and Tables
– Right click on MT_ManagementGroup
– Click Open Table if you are using SQL Server 2005 or click Edit Top 200 Rows if you are using SQL Server 2008.
– Look at the Value in column SQLServerName_6B1D1BE8_EBB4_B425_08DC_2385C5930B04
– This should be the name of your operations manager database server.  (If you ever moved your operations manager database to a new SQL server there is a chance that this step got missed.)

With the arrival of Windows Server 2008 R2 it seems that more administrators are keeping UAC enabled.  I ran into an issue where I installed the certs for a gateway server and ran the cert import tool but kept getting this error

Event: 21016

OpsMgr was unable to set up a communications channel to scomrms1.scom.com and there are no failover hosts.  Communication will resume when scomrms1.scom.com is available and communication from this computer is allowed.

and

Event: 21007

 The OpsMgr Connector cannot create a mutually authenticated connection to scomrms.scom.com because it is not in a trusted domain.

I ran MOMCertImport and everything seemed to be fine.  After taking a look into HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ I realized that there was no reg key for ChannelCertificateSerialNumber.

This told me there was a problem with running the MOMCertImport tool as nothing was being written to the registry.

It turns out that running MOMCertImport doesn’t call the UAC dialog box the application runs and lets you select you cert and exits normally.  So what you must do is right click on MOMCertImport.exe and click on Run as administrator.

Then click Continue in the UAC dialog box.

After installing the scom agent on a Red Hat 5.3  server and importing the management packs I started getting a bunch of  Secure Reference Override Alerts in my ops manager console.

The Health Service on computer SCOMMS.mydomain.com failed to resolve Secure Reference override. This issue may affect multiple instances. Additional details: Account for RunAs profile in workflow “Microsoft.Linux.RHEL.5.Process.Klog.Restart”, running for instance “Red Hat Enterprise Linux Server release 5.3 (Tikanga)” with id:”{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}” is not defined. Workflow will not be loaded. Please associate an account with the profile. Management group “MG”

So how do we fix these problems?  After searching for a solution I came across Marius Sutara’s Secure Reference Helper tool.   http://blogs.msdn.com/mariussutara/archive/2009/04/09/tool-opsmgr-2007-r2-what-to-do-with-secure-reference-override-alert.aspx

I downloaded the 64-bit version of the program but when I tried to install it, the installation failed.

I tried it on another RMS server and it failed there too.  So we can’t even use the tool because the installer doesn’t work.  Not so fast.

Lets extract the files from the MSI and see what it does.

msiexec /a “c:\temp\SecureReferenceSetup.x64.msi” /qb TARGETDIR=”c:\securefiles”

Here are the files from the MSI.

Microsoft.SystemCenter.Community.SecureReferenceHelper.xml – This file just creates the task in the actions pane.  (Not all that useful to me)
SecureReference.exe – This is the meat of the application.  You can run this program standalone as long as you have the .net 3.5 framework installed.
SecureReference.SetupAction.exe –  This is the installer that was failing.
So lets see what this puppy does.

I launch the SecureReference.exe app and get a login screen.  If you have admin access to the RMS you can just type in the RMS server name in the box.

I uncheck perform removal of duplicate alerts automatically.

Using the tool and I can plainly see that the problem is with the Unix Privileged Account.  I set the Unix Privileged Account to my Unix Action Account and my problem is solved.

**Update** some people were still having problems extracting the files so I posted the executable for the application on my blog.

https://www.scom2k7.com/downloads/SecureReference.zip

If you try to delete a distributed application you may get an error like this.

Application: System Center Operations Manager 2007 R2
Application Version: 6.1.7221.0
Severity: Error
Message:

: Verification failed with [1] errors:
——————————————————-
Error 1:
: Failed to verify View with ID: View_1f1998325fe94ccb97855d7154bfa30c
Target property :ManagementPackElement=Service_ceecc43c88ee428197f7eafbf91236e2 in ManagementPack:[Name=my.managementpack, KeyToken=, Version=1.0.0.0] for this View is incorrect.Cannot find ManagementPackElement [Type=ManagementPackClass, ID=Service_ceecc43c88ee428197f7eafbf91236e2] in ManagementPack [ManagementPack:[Name=my.managmentpack, KeyToken=, Version=1.0.0.0]]
——————————————————-

The reason for this error is that there is a view that you created in the Monitoring Console to display the distributed application.  You have to delete this view first.  Then you can delete the distributed Application.

Our SQL Team doesn’t want to manage SQL Express installations. Typically SQL Express is used for Dev/Test and they don’t want to be alerted on these databases.

Turns out there is a nice override to disable discovery of these in the “SQL 200x Database Engines (Windows Server)” discovery.

All you need to do is find the SQL 200x Database Engines (Windows Server) discovery.  Create an override “For all objects of type: Windows Server”

Then choose the Parameter Name “Exclude List” and type in “SQLEXPRESS”.

I ran into an issue where I needed to count the number of xml files in a directory.  The problem was there are 10,000 other files in the directory.  The application team didn’t care about the extra files and didn’t want to clean them out.  All they wanted to know was when the number of XML files was over 15.

First I tried a basic vb script, like this.

This works fine in a directory with only a few files but my directory has 10,000 other files in it.  I ran this script waited 10 minutes and then canceled it.  Obviously this was not going to work as the script has to touch every file in the directory.  Operations Manager would time out way before the script finishes.

So after many Google and Bing searches looking for a different vb scripts to count only the xml files, I decided to see how easy it would be in C#.

In C# it was a piece of cake.  You can download the C# project file with source here.
https://www.scom2k7.com/downloads/filecount.zip 

using System;

using System.Collections.Generic;

using System.Linq;

using System.Text;

using System.IO;

namespace filecount

{

    class Program

    {

        static void Main(string[] args)

        {

            string directoryPath = args[0];

            string eXtension = “*.” + args[1];

            int fileCount = System.IO.Directory.GetFiles(directoryPath,

            eXtension).Length;

            Console.WriteLine(fileCount);

        }

    }

}

I ran the executable that visual studio created with two parameters “directory” and “extension” and it took one second to count the number of xml files in the directory.  This is what I was looking for, way faster and more efficient. 

So now I have a working executable the takes two parameters.  How do I get it to work with SCOM? 

The easiest way was to remove the Console.WriteLine(fileCount) and set the count to the exit code. 

Environment.Exit(fileCount);

Now all I need to do is wrap this executable with a vbscipt and have SCOM call it. You can download the vb script here. https://www.scom2k7.com/downloads/advanced.zip

Dim oAPI, oBag, objShell, objFSO, objFile, myCMD, bWaitOnReturn, returnCmd, oArgs

Set oAPI = CreateObject(“MOM.ScriptAPI”)

Set oBag = oAPI.CreateTypedPropertyBag(StateDataType)

Set oArgs = WScript.Arguments

If oArgs.Count < 3 Then

Call oAPI.LogScriptEvent(“FileCountCSharp.vbs”, 500, 0, “Script aborted. Not enough parameters provided.”)

WScript.Quit -1

End If

folder = oArgs(0)

extension = oArgs(1)

userCount = cint(oArgs(2))

bWaitOnReturn= True

Set objShell=CreateObject(“WScript.Shell”)

Set objFSO=CreateObject(“Scripting.FileSystemObject”)

strPath=“C:\ScomTools\filecount.exe”

If objFSO.FileExists(strPath) Then

set objFile=objFSO.GetFile(strPath)

myCMD = strPath & ” “ & folder & ” “ & extension

returnCmd = objShell.Run (myCMD,0,bWaitOnReturn)

Else

Call oAPI.LogScriptEvent(“filecount.exe”, 510, 0, “Can’t find EXE to run Script”)

WScript.Quit

End If

If returnCmd > userCount Then

            strReturn = userCount

            Call oBag.AddValue(“State”,“BAD”)

            Call oBag.AddValue(“ret”,strReturn)

      Else

            Call oBag.AddValue(“State”,“GOOD”)

End If

Call oAPI.Return(oBag)

To test it I ran this command cscript c:\temp\newtest.vbs “c:\temp” “xml” 4 saying if there are more than 4 files in the directory and should return BAD state and how many files actual files are in the directory.  This is what I got back.

<DataItem type=”System.PropertyBagData” time=”2009-06-17T10:58:59.3066298-04:00″
sourceHealthServiceId=”B3B5A38D-0DBE-5CA9-592D-B76333A989D8″>
<Property Name=”State”VariantType=”8″>BAD</Property>
<Property Name=”ret” VariantType=”3″>5</Property></DataItem>

Looks good now to test a good condition.  cscript c:\temp\newtest.vbs “c:\temp” “xml” 25 saying if there is more than 25 xml files create an alert.  There is not  more than 25 files so the scom script should return good.

<DataItem type=”System.PropertyBagData” time=”2009-06-17T10:59:34.5256052-04:00″
sourceHealthServiceId=”B3B5A38D-0DBE-5CA9-592D-B76333A989D8″>
<Property Name=”State” VariantType=”8″>GOOD</Property></DataItem>

Ok now we have a good working script and c# executable.  Now we just need to put the script into a monitor and copy the file to the server we want to monitor and we are done.  You can follow these directions if you don’t know how to put the script into a monitor.  https://www.scom2k7.com/create-a-script-based-unit-monitor-in-opsmgr2007-via-the-gui/

So now think of the possibilities.  Anything that can be called from C# can now be monitored in SCOM.  SDKs, APIs, Web Services, are all easily leveraged in C#.    The only downside is you need the executable on the server the monitor is running on, but that could be fixed by having the script to check for the executable and if it wasn’t there you could copy it from a centralized network location.

From http://www.expta.com/2009/06/windows-server-2008-r2-service-pack.html

You may have known that Windows Server 2008 RTM shipped as Service Pack 1. This is because the Windows Server 2008 code base is shared by Windows Vista, and Windows Vista was at SP1 when 2008 shipped. Windows Server 2008 SP2 was released on May 26, 2009 and was the first service pack you can actually apply to Windows Server 2008.

Unlike Windows Server 2003 R2, which was based on the same code base as Windows Server 2003 SP1, Windows Server 2008 R2 is based on an entirely different code base (Windows 7). The Windows 7 code base is derived from Vista, but is actually a seperate kernel. This change in strategy was required to address challenges that 2008 R2 faced, such as hardware platforms with many processor cores and new power saving features that couldn’t be addressed by keeping the same kernel as Server 2008.

For this reason, Windows Server 2008 R2 RTM will ship as service pack level SP0, not SP1.

Good to know as I plan on upgrading all of my SCOM R2 Servers to Windows 2008 R2.