How to determine if your agents are firewalled from specific Management Servers

  Had an interesting request – Customer is migrating agents from a complex environment into new management groups.  Before they did this – they wanted to ensure that agents were not firewalled off from the new management servers.  This can be a monumental task in large environments, especially with unique gateway and firewall deployments.  …

1

Testing to see if a port is open to a SCOM server when you don’t have Portqry or Telnet

  Something that I run across a lot in helping clients test connectivity issues in firewalled environments, is “is there a firewall blocking port 5723 traffic?” In the past we would use tools like Telnet, or Portqry to test port connectivity, but often this is not installed and not easily available.  Luckily, we always have…

2

Awesome new transform tool available for testing SCOM scripts from MP’s

  A new tool is available to quickly help you test scripts out of SCOM management packs.   https://www.scom2k7.com/quickly-fix-scom-scripts-from-exported-management-packs-with-transform-tool/   This will remove or “unescape” the special characters that are not allowed in XML, back to the original characters so the script can be run, quick and simple.      

1

Get All SCOM Rules and Monitors, with their Alert details to a CSV

  Quick Download: https://gallery.technet.microsoft.com/Get-All-SCOM-Rules-853ecfde   This is a script that will generate a list of all Rule and Monitors in a SCOM deployment. It will also gather important information, like if the workflows generates an alert or not, and the details of the alert like default priority and severity. Rules: DisplayName (of the rule) Name…

3

Assigning Gateways and Agents to Management Servers using PowerShell

  Just publishing some common PowerShell agent and Gateway assignment commands I use on a frequent basis for SCOM:   A common issue I find in customer environments, is that they do not set their agents to be able to fail over to multiple Gateways, or they do not set their Gateway servers to be…

1

MP Update: Windows Server 2016 MP version 10.0.21.0

  Quick download:  https://www.microsoft.com/en-us/download/details.aspx?id=54303 This MP contains several updates and fixes, depending on what version you are currently running.   1.  Time Sync Monitoring The MP contains a relatively new monitor for Time Accuracy: This monitor was very noisy in previous versions of this MP.  Changes made:  This now ships disabled out of the box. …

1

How to multihome a large number of agents in SCOM

  Quick download:  https://gallery.technet.microsoft.com/SCOM-MultiHome-management-557aba93   I have written solutions that include tasks to add and remove management group assignments to SCOM agents before: https://blogs.technet.microsoft.com/kevinholman/2017/05/09/agent-management-pack-making-a-scom-admins-life-a-little-easier/   But, what if you are doing a side by side SCOM migration to a new management group, and you have thousands of agents to move?  There are a lot of…

12

Implementing TLS 1.2 enforcement with SCOM

    Quicklinks:  Download Script  Download Management Pack   This is a requirement that I see is picking up steam with customers.  Customers are getting told by their security teams that they need to support their application and database servers using TLS 1.2 only, and no previous protocols enabled for SCHANNEL communications.   The good…

1

Deleting and Purging data from the SCOM Database

    First, I have to begin with a disclaimer – Microsoft does not support customers manually editing the database, unless under the guidance of a Microsoft support engineer with a support case. However, I have seen several blogs now “leaking” this guidance I send out or use from time to time…. so it is…

2

UR5 for SCOM 2016 – Step by Step

  KB Article for OpsMgr:  https://support.microsoft.com/en-us/help/4090987/update-rollup-5-for-system-center-2016-operations-manager Download catalog site:  http://www.catalog.update.microsoft.com/Search.aspx?q=4090987 Updated UNIX/Linux Management Packs:  https://www.microsoft.com/en-us/download/details.aspx?id=29696 Recommended hotfix page:  https://blogs.technet.microsoft.com/kevinholman/2009/01/27/which-hotfixes-should-i-apply/     NOTE:  I get this question every time we release an update rollup:   ALL SCOM Update Rollups are CUMULATIVE.  This means you do not need to apply them in order, you can always just apply…

10

Monitoring AD Certificate Services on Windows Server 2012 R2 and Windows Server 2016

  We have management packs for Active Directory Certificate Services on Windows 2012R2 and Windows 2016.  WS 2012 and 2012R2:  https://www.microsoft.com/en-us/download/details.aspx?id=34765 WS 2016:  https://www.microsoft.com/en-us/download/details.aspx?id=56671   However, there is an issue with the recently released ADCS MP for WS 2016.  A change was made in the library MP which modified some class property names.  This breaks…

2

What versions of SCOM can be upgraded to Operations Manager 1801?

    If you would like to move your SCOM deployment on to the Semi-Annual Channel, what versions does Microsoft support moving from? The answer is here:  https://docs.microsoft.com/en-us/system-center/scom/plan-system-requirements?view=sc-om-1801#supported-coexistence   There are two methods to get to SCOM 1801: Migration (parallel install with coexistence) In Place Upgrade Both are supported.   System Center Operations Manager 1801…

6

Operations Manager 1801 – Quickstart Deployment Guide

  There is already a very good deployment guide posted on Microsoft Docs here:   https://docs.microsoft.com/en-us/system-center/scom/deploy-overview?view=sc-om-1801   The following article will cover a basic install of System Center Operations Manager 1801.   The concept is to perform a limited deployment of OpsMgr, only utilizing as few servers as possible, but enough to demonstrate the roles and capabilities. …

10

Operations Manager 1801 is available!

    This is a major change from all previous versions of SCOM.  Operations Manager 1801 is the first release of SCOM built on the Semi-Annual Channel release cycle.  All new features and updates will now be delivered in this Semi-Annual Channel (SAC), following the same Semi-Annual release cycle that Windows Server is using.   …

0

Using Hashtables in your SCOM scripts

    When we work with getting data out of SCOM via PowerShell, or building automations, something that can really help speed things up are Hashtables.   I was recently working with a customer to build a discovery for a new class, and get properties from other existing classes.  I had to build an array…

3

VSAE now supports Visual Studio 2017

  System Center Visual Studio Authoring Extensions (VSAE) has been updated for VS2017   https://www.microsoft.com/en-us/download/details.aspx?id=30169   Read more about it here:  https://blogs.technet.microsoft.com/momteam/2017/12/01/system-center-visual-studio-authoring-extensionvsae-support-for-visual-studio-2017/   You voted.  Microsoft responded.  This had over 700 votes on Uservoice: https://systemcenterom.uservoice.com/forums/293064-general-operations-manager-feedback/suggestions/18560653-updated-vsae-to-support-visual-studio-2017   Version 1.3.0.0 is released on 11/29/2017. 

2

UR14 for SCOM 2012 R2 – Step by Step

    KB Article for OpsMgr:  https://support.microsoft.com/en-us/help/4024942/update-rollup-14-for-system-center-2012-r2-operations-manager Download catalog site:  http://www.catalog.update.microsoft.com/Search.aspx?q=4024942 UNIX/Linux Management Packs:  https://www.microsoft.com/en-us/download/details.aspx?id=29696   NOTE:  I get this question every time we release an update rollup:   ALL SCOM Update Rollups are CUMULATIVE.  This means you do not need to apply them in order, you can always just apply the latest update.  If you…

24

Alerting on SNMP traps in SCOM – Without discovering the SNMP Device

  Well, sort of, anyway.    I have written on SNMP monitoring in SCOM a few times: https://blogs.technet.microsoft.com/kevinholman/2011/07/20/opsmgr-2012-discovering-a-network-device/ https://blogs.technet.microsoft.com/kevinholman/2015/02/03/snmp-trap-monitoring-with-scom-2012-r2/ https://blogs.technet.microsoft.com/kevinholman/2015/12/16/how-to-discover-a-windows-computer-as-a-network-device-in-scom-2012/ https://blogs.technet.microsoft.com/kevinholman/2016/04/20/writing-a-custom-class-for-your-network-devices/   This one will be a little different. One of the challenges I have heard many times with SCOM – is that we must discover a network device, in order to monitor or receive…

5

UR4 for SCOM 2016 – Step by Step

    KB Article for OpsMgr:  https://support.microsoft.com/en-us/help/4024941/update-rollup-4-for-system-center-2016-operations-manager Download catalog site:  http://www.catalog.update.microsoft.com/Search.aspx?q=4024941 Updated UNIX/Linux Management Packs:  https://www.microsoft.com/en-us/download/details.aspx?id=29696 Recommended hotfix page:  https://blogs.technet.microsoft.com/kevinholman/2009/01/27/which-hotfixes-should-i-apply/     NOTE:  I get this question every time we release an update rollup:   ALL SCOM Update Rollups are CUMULATIVE.  This means you do not need to apply them in order, you can always just…

39

Using SCOM AD integration – but with a CMDB instead of LDAP wizards

    AD integration has been around since SCOM 2007 first shipped.  The concept is simple – the ability to deploy agents as part of a build process to the OS, but with the SCOM agent left un-configured.  Then the SCOM agent checks with Active Directory in its local domain, and received management group and…

1