Delete Inactive Agents from Operations Manager
Many times, we would like to clean inactive agents from Operations Manager automatically. But Operations Manager has no option to clean or display inactive agents on console. I will explain how can you analyze Operations Manager agent healthy and accessible. You can use this script in Orchestrator to clean inactive agents automatically.
We will write custom PowerShell script to analyze inactive agents. I will explain every script part.
High steps;
- Prerequisites
- Writing Custom PowerShell script
Detailed steps;
Prerequisites,
In this script, we will test connectivity of an agent. If we couldn't connect to agent, then we will test DNS Name resolution of this agent. So, we need DNS aging and scavenging options have to be active. When this option active, DNS records (dynamically registered records) removed from DNS database automatically. By default, aging and scavenging of resource records is disabled. These options must be enabled, both at the DNS Server and on the zone. You can read details about aging and scavenging here. If you enable these options, removed servers resource records deleted automatically by DNS Server.
If you have any agents that can't be resolve hostname – IP address information, you may add hostname – IP address information on hosts file located in management server. Because our script test DNS name resolution and connectivity with ping command. If you don't add address information to DNS Server or hosts file, you can delete active agents that running on workgroup or another domain.
Writing Custom PowerShell script,
First we need to add some assemblies to our script to connect and manage operations manager.
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") |
With the following code block we will connect to the one of the management server with current credentials.
$MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings("scomserver.fqdn.name") $MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting) $admin = $MG.Administration |
At this part, we collect all of agents managed by Operations Manager.
$agentManagedComputerType = [Microsoft.EnterpriseManagement.Administration.AgentManagedComputer]; $genericListType = [System.Collections.Generic.List``1] $genericList = $genericListType.MakeGenericType($agentManagedComputerType) $agents = Get-SCOMAgent $Inacti = new-object $genericList.FullName $Inacti.Clear() $Unreach = new-object $genericList.FullName $Unreach.Clear() |
Now, time to test computer-agent connectivity. We will use test-connection PowerShell cmdlet to test computer connectivity. We add every agent object to the "$Inacti" array that can't be connect. At the end of foreach cycle, we will have a list that cannot connect to the agents.
foreach ($agent in $agents) { if (Test-Connection -ComputerName $agent.DisplayName -Quiet -Count 1) { ## Server is Accessible } else { $Inacti.Add($agent); } } |
In this ForEach loop we test name resolution of every inactive agents. If no ip address return of server then we add this agent $Unreach array.
foreach ($InActiveAgent in $Inacti) { $ip = (Resolve-DnsName -Name $InActiveAgent.DisplayName -ErrorAction SilentlyContinue).IPAddress if ($ip.Length -le 0) { $Unreach.Add($InActiveAgent) } } |
If $Unreach list has more than 0 agent information, these agent removed with the following part of script.
if ($Unreach.Count -gt 0) { $genericReadOnlyCollectionType = [System.Collections.ObjectModel.ReadOnlyCollection``1] $genericReadOnlyCollection = $genericReadOnlyCollectionType.MakeGenericType($agentManagedComputerType) $agentReadOnlyCollection = new-object $genericReadOnlyCollection.FullName @(,$Unreach); $admin.DeleteAgentManagedComputers($Unreach) } |
You should be careful when you running this script. If you have any problem with name resolution on your network, you can delete active agents accidentally.
Complete script:
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") $MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings("scomserver.fqdn.name") $MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting) $admin = $MG.Administration $agentManagedComputerType = [Microsoft.EnterpriseManagement.Administration.AgentManagedComputer]; $genericListType = [System.Collections.Generic.List``1] $genericList = $genericListType.MakeGenericType($agentManagedComputerType) $agents = Get-SCOMAgent $Inacti = new-object $genericList.FullName $Inacti.Clear() $Unreach = new-object $genericList.FullName $Unreach.Clear() foreach ($agent in $agents) { if (Test-Connection -ComputerName $agent.DisplayName -Quiet -Count 1) { ## Server is Accessible } else { $Inacti.Add($agent); } } foreach ($InActiveAgent in $Inacti) { $ip = (Resolve-DnsName -Name $InActiveAgent.DisplayName -ErrorAction SilentlyContinue).IPAddress if ($ip.Length -le 0) { $Unreach.Add($InActiveAgent) } } if ($Unreach.Count -gt 0) { $genericReadOnlyCollectionType = [System.Collections.ObjectModel.ReadOnlyCollection``1] $genericReadOnlyCollection = $genericReadOnlyCollectionType.MakeGenericType($agentManagedComputerType) $agentReadOnlyCollection = new-object $genericReadOnlyCollection.FullName @(,$Unreach); $admin.DeleteAgentManagedComputers($Unreach) } |