Empowering Users with System Center 2012 Service Manager and Orchestrator ( Part 1 of 5 )

Are there certain IT Service Requests that you wish users could perform themselves to free up some of your time? 

This month, we’re joined by Nathan Mertz, Principal Consultant at Bennett Adelson in Cleveland OH.  In this first article in a 5-part series, Nathan will walk us through the process of leveraging System Center 2012 to automate common IT Service Requests using System Center 2012 Service Manager and Orchestrator.

Hope you enjoy!

Keith

----------

If your shop is like ours, I’m sure there’s lots of little tasks that end users request that tie up a good portion of your day, probably because many of those requests require Admin rights to complete.  What if you could automate those requests so that these tasks could be safely completed without requiring your manual intervention? 

Wow! I could get back all sorts of time to spend on other projects!

This is exactly the kind of automation that System Center 2012 can provide!  In this article series, we’ll look specifically at two components of System Center 2012:

  • System Center 2012 Service Manager
  • System Center 2012 Orchestrator

Together, these components can be used to quickly define and automate routine admin tasks to empower users with the ability to safely complete their own service requests.

Let’s start with a real-world scenario …

In my environment, we have lots of developers and frequently they need to add special service accounts to the local Administrators group on a set of pilot development PCs.  Of course, my developers don’t have local Admin rights to these PCs themselves, and I’d like to automate this process so that I don’t need to do it myself.  Once I’m done automating this process, I’d like developers to be able to submit the request via a Service Request form in System Center 2012 Service Manager and have the request performed automatically for them.

Note that this is just one example in my environment of a real-world application for Service Request automation.  I'm sure that you have lots of other common examples of IT Service Requests in your shop that you can automate using this same approach.

Here’s the tasks we’ll be performing …

To automate this process, we can use the following 5 tasks:

  1. Create a Runbook in System Center 2012 Orchestrator
  2. Define a connection between System Center 2012 Service Manager and Orchestrator
  3. Import the Runbook via the connection
  4. Add the Runbook to a Service Request
  5. Publish the Service Request

In this article, as part 1 of a 5-part article series, we’ll focus on an overview of the first task above.  Be sure to follow this series for a walk-through of all of the other tasks above to complete this scenario.

Create a Runbook in System Center 2012 Orchestrator

To begin this scenario, please make sure you have the System Center Integration Pack for Active Directory installed in the System Center 2012 Orchestrator Deployment Manager as shown below. The AD Integration Pack can be downloaded for FREE in the Microsoft Download Center.

SCORCH01

  1. Open the System Center 2012 Orchestrator Runbook Designer and Create an Initialize Data Control in a new Runbook.  Make sure to include the details shown below.
     
    SCORCH02
     
  2. Add the User Control from Active Directory with the details below.
     
    SCORCH03
     
  3. Add the Computer Control from Active Directory with the details below.
     
    SCORCH04
     
  4. Add a Run Program activity to the Runbook that will execute the following command:
     
    NET LOCALGROUP Administrators {Sam Account Name} /{Type}
     
    SCORCH05
     

Final Orchestrator Runbook Layout …

The final Runbook layout for the controls and activities we’ve added should resemble the below diagram.  We’ll be leveraging this Runbook in the future articles in this series to complete the automation of our scenario.

SCORCH06

What’s Next?

In Part 2 of this series, we’ll be continuing with the second task in our scenario to define a connection between System Center 2012 Service Manager and Orchestrator.  Be sure to follow this series on our technical blog at: https://bennettadelson.wordpress.com/.

Try it Yourself!

Do It: In the meantime, below are resources that you may leverage to complete the Runbook steps above using System Center 2012 Orchestrator in your own lab environment …

About Nathan Mertz …

Nathan Mertz is a Principal Consultant at Bennett Adelson in Cleveland OH.  Throughout his career, Nathan has focused on architecting and implementing solutions for Identity and Access Management using Active Directory, System Center and Forefront technologies.  Nathan is a regular contributor to the IT Pro community within the US Heartland and is also a Subject Matter Expert on Bennett Adelson’s technical blog at https://bennettadelson.wordpress.com/.