Automate Sealing SCOM Management Packs

  • Article

Sealing Management Packs in SCOM requires that you manually type in several paths into the commands you run. If you want to save previous versions this would cause additional changes to command line or manually copying prior versions before sealing again.

Here is a technet article on sealing Management Packs. https://technet.microsoft.com/en-us/library/bb309498.aspx

This is a sample of how one may automate the sealing process to reduce errors and retain version folders for history.

Lets get started.

Create a folder named MPStore and copy MPSeal.exe and sn.exe to that folder.

Create a folder named MP in the MPStore folder and copy all referenced Management packs to this directory.

Create a file names sealMP.cmd in the MPStore folder and copy the contents below into the file and save. Change /Company "Your Company" with your company name in quotes.

set var=0

set var1=1

 

:versioncheck

set /a var =%var%+%var1%

if EXIST %1\V%var% goto versioncheck

 

if %var% GTR %var1% goto sealmp

 

REM Make new directories

md c:\MPStore\%1\V1

md c:\MPStore\%1\V1\key

 

sn -k c:\MPStore\%1\V1\key\PairKey.snk

sn -p c:\MPStore\%1\V1\key\PairKey.snk c:\MPStore\%1\V1\key\PubKey

sn -tp c:\MPStore\%1\V1\key\PubKey

 

:sealmp

REM V1 Existed so do not run sn.exe

REM make new directories

md c:\MPStore\%1\V%var%

md c:\MPStore\%1\V%var%\input

md c:\MPStore\%1\V%var%\output

 

REM gets first xml file in app folder root.

for /F "delims=" %%a in ('dir /b "c:\MPStore\%1\*.xml"') do set varfile=%%a

 

move c:\MPStore\%1\%varfile% c:\MPStore\%1\V%var%\input

mpseal c:\MPStore\%1\V%var%\input\%varfile% /I "c:\MPStore\MP" /Keyfile "c:\MPStore\%1\V1\key\PairKey.snk" /Company "Your Company" /Outdir "c:\MPStore\%1\V%var%\output"

 

:ending

 

REM verify output MP file was created in output directory for new version.

 

You should have folders that resemble this:

 

Now you are ready to seal your Management Packs.

Create a folder with your application name (Example: MyWebApp) and copy your unsealed Management pack to this new folder.

Open a command prompt (run as administrator – elevated).

Change to the MPStore directory and run sealmp.cmd MyWebApp.

This will create your key by running sn.exe and will seal the FIRST xml file if finds in the MyWebApp folder.

  • ·         Unsealed MP will be moved to the V1\input folder.
  • ·         Key will be stored in V1\key folder.
  • ·         Sealed MP will be created in V1\output folder.

When you need to modify that MP simply copy your unsealed MP from the V1\input folder to a working folder where you can modify and then increment the MP version. Copy the updated unsealed MP to the MPStore\MyWebApp folder and run sealmp.cmd MyWebApp.

Note the following:

  • ·         Unsealed MP will be moved to the V2\input folder.
  • ·         Key will be used from the V1\key folder. Uses original key from first run for each subsequent seal.
  • ·         Sealed MP will be created in V2\output folder.

 

Now you have one location that will contain all of your custom Management packs along with version folders for history of each management pack sealed.

I would recommend backing up your MPStore folder to ensure you can recover your custom Management packs should the need arise.