I’m Now a Microsoft Certified Solutions Expert (MCSE): Private Cloud
Yesterday, I completed the last exam: 70-247: Configuring and Deploying a Private Cloud with System Center 2012. With all the previous exams that I took over last few months, I’m now a MCSE: Private Cloud.
Being technical in I.T industry means I always have to keep myself up to date with the latest technologies and certifications. 2012 in particular has been very busy for me. Firstly, I became a dad in June, 2012. Secondly, we can all recall how many products that Microsoft has released in 2012! I started studying and preparing for exams around March, April 2012 during my spare time. Now, just a little bit over 1 year, I have completed the following exams during this period:
70-243: Administering and Deploying System Center 2012 Configuration Manager
70-410: Installing and Configuring Windows Server 2012
70-411: Administering Windows Server 2012
70-412: Configuring Advanced Windows Server 2012 Services
70-246: Monitoring and Operating a Private Cloud with System Center 2012
70-247: Configuring and Deploying a Private Cloud with System Center 2012
With these exams, I’ve earned 3 certification:
- Microsoft Certified Technology Specialist (MCTS): Administering and Deploying System Center 2012 Configuration manager
- Microsoft Certified Solutions Associate: Windows Server 2012
- Microsoft Certified Solutions Expert: Private Cloud
In terms of taking exams, it should be done and dusted for me for a while (unless Microsoft releases other System Center related certificates in the near future).
What’s next?
There are few books that I really want to have a good read, i.e. SCOM 2012 unleashed book and the upcoming Orchestrator Unleashed book. I’m also planning to start working on updating the OpsMgr Self Maintenance management pack very shortly. And with the System Center 2012 upgrade project at work, I will definitely still be very busy.
Unable to Launch SCVMM 2012 Console
I was planning to continue on my 70-247 exam preparation tonight, but I couldn’t launch VMM 2012 console from any computers in my lab. So things didn’t turn out as planned. Lucky I’ve figured out the issue now after 4 hours troubleshooting. It’s just passed midnight, still one hour until my bed time, so I thought I’ll quickly document the issue.
When I tried to launch VMM using an account with Full Administrator rights, the console got stuck on below screen during load and would not go any further:
I also found out if I use an account which is a member of a Delegated Admin role that I’ve created called “Cloud Admin”, although it also got stuck on this screen, but the console would eventually load after 10-15 minutes.
Long story short, after spent my entire night troubleshooting, I noticed there were few job got stuck on “Running” state by querying the database using below query:
SELECT * FROM [VirtualManagerDB].[dbo].[tbl_TR_TaskTrail] where TaskState = 'Running'
All of these running jobs were trying to run the VMM cmdlet Get-SCOpsMgrConnection. It seems each of this job is associated to a console connection attempt. I then tried to manually run this cmdlet from a PowerShell console, it also got stuck.
My OpsMgr management group consists 4 management servers and I’ve created a NLB cluster for the Data Access Service. I have configured OpsMgr integration in VMM using the NLB name a while back and the VMM console was working this morning before I went to work. I checked my OpsMgr servers, they are all healthy and I am able to connect to OpsMgr console using the NLB name from a Windows 8 machine. I’m not sure at this stage what’s causing it.
In order to get VMM consoles fixed as soon as possible, I’ve taken the following steps:
1. Kill all VMM console connections via task manager on all the machines that are trying to connect.
2. Restart System Center Virtual Machine Manager service on the VMM server in order to get rid of these running jobs
3. Use PowerShell cmdlet Remove-SCOpsMgrConnetion –force to remove the OpsMgr connection
4. Confirm the OpsMgr connection is removed from the database by running below SQL query:
SELECT * FROM tbl_MOM_OMConnection
5. I restarted VMM service again just to be safe
Now I can open VMM console from any computers on my network 
I’ll try to add OpsMgr connection back in later. It’s bed time now…
Missing Virtual Machines After An Unexpected Shutdown of Hyper-V Host
I’m not having any luck with computers lately. This is why all my recent posts are related to my troubleshooting experience.
Yesterday morning, there were some tradies working in my house fixing a leakage in my shower. I was just about to get in the car leaving home for the MS 70-246 exam, they connected some tools to a powerpoint and popped the safety switch. Therefore all my computers got shutdown unexpectly. I quickly switch the safety switch back on and left home.
After I came home few hours later, I turned all the computers back on and made sure all VM’s were up and running.
Today is a public holiday in Australia and New Zealand, and since I’ve just passed a exam yesterday after 2 months of study, I was going to spend some time with my daughter and trying to stay away from doing more work in the lab.
Unfortunately, my day didn’t turnout as what I’ve planned. This morning, I noticed there were around 15 VMs missing from one of my Windows Server 2012 Hyper-V hosts. I had 21 VMs running on that box and I could only see 6. all the rest were gone from the Hyper-V console.
On this Hyper-V server (named HYPERV01), there are 3 SATA disks and 2 SSDs hosting VMs. I found out all VMs from 2 out of 3 SATA drives went missing.
I checked C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines and all the symbolic links for VM’s are still there. Below errors were logged in the event log:
According to http://support.microsoft.com/kb/2249906, It could be caused by insufficient NTFS permissions. I double, triple checked NTFS permissions, and used icacls command to assign virtual machine SID permission to VHDs and XMLs (as suggested in the KB), it didn’t help.
Another KB, http://support.microsoft.com/kb/969556 suggests it’s caused by Intel IPMI driver. Although I’m running Windows Server 2012, not 2008 R2, I still downloaded Intel’s ResetAccess utility as suggested in the KB but it couldn’t run on Windows Server 2012.
KB961804(http://support.microsoft.com/kb/961804) reckons it’s caused by antivirus on access scan and exclusion list. I’m using SCEP (System Center Endpoint Protection) which comes with SCCM 2012. I previously configured exclusion using the Hyper-V antimalware policy template that comes with SCCM, and on top of what’s in the template, I’ve also added few file extensions to the policy (.VHD; .VHDX; .AVHD). However, I didn’t add .XML file type and the path to where VM’s are stored. I couldn’t go to SCCM and fix up the policy – because the Central and the primary site server where my Hyper-V is reporting to are among those 15 missing VM’s.
I didn’t configure to allow users to override SCEP on-access scan settings and exclusion list. So there is no way I could configure SCEP. I’ve then uninstalled SCCM client using “ccmsetup /uninstall” and and uninstalled SCEP agent from Programs and Features in Control panel. I rebooted HYPERV01 after the uninstallation.
After reboot, nothing’s changed. Still not fixed. I then spent next 5-6 hours tried many things including copying all VM’s out of a problematic drive and the reformatted the drive…
I also found in VMM console, the 2 problematic disks (D:\ and E:\) did not show up in the Hyper-V server properties:
Under the Storage tab, it showed these 2 drives have 0 GB available but in fact, both of them only have around 200 GB data on the 1 TB drives.
I tried to re-import the missing VM’s back, but I got this error:
Finally, at 11:00pm, I managed to fix the issue. I uninstalled “Windows Firewall Configuration Provider” from Programs and Features
According to some Google search results, it is a part of SCEP client. After uninstallation and a reboot, all my VM’s appeared in the Hyper-V console:
For those VMs that were copied back to the formatted drive, I had to configure NTFS permission as per KB2249906 before they could be started (because during the copying processes, the VM SID has lost access). (Tip: use /T switch in icacls command to apply the permission to all files and folders below).
Now I’ll have to put SCCM client back on and re-configure Hyper-V antimalware policy. I’ll leave it to tomorrow…
Anyways, this is how I spent my ANZAC day holiday. Maybe it’s time to get few UPS’s for the lab…
Unable to Select VMM Server in Assign Cloud Resources Wizard in Service Manager
In the last few days, I’ve been going through the labs from Microsoft’s course 10750A: Monitoring and Operating a Private Cloud with System Center 2012. As part of the lab, I installed the System Center 2012 SP1 version of the Cloud Service Process Pack (CSPP).
Last night, I created a Cloud Resources Subscription Request, and then tried to assign the cloud resources to this request. While I was going through the “Assign Cloud Resources” wizard, I got stuck because my VMM server does not show up in the drop down list:
This has really annoyed me as it’s hard for me to find time to study and prepare for the exam with all the stuff going on at work. The only time I can study is from 9:30pm to 1:00am – after my daughter went to bed… the last thing I want to see at 12:00 mid night is an error stop me from going through the lab.
Anyways, after spending some time on google, I found people are having same issues as me and posted the question on the TechNet forum. As suggested in the forum thread, the issue is the VMM 2012 Discovery management pack.
In my case, this MP was not selected in the SCOM CI connector in Service Manager. I couldn’t select it because it was greyed out in the connector. It was greyed out because the version of the MP loaded in Service Manager was 3.0.6005.0 and the version loaded in OpsMgr is 3.1.6011.0.
According to this article, 3.0.6005.0 is the build number for VMM 2012 RTM and 3.1.6011.0 is the build number for VMM 2012 SP1 RTM. Looks like the VMM MP author is trying to match the VMM build version and MP version.
Version 3.0.6005.0 comes with the SP1 version of the Cloud Service Process Pack. Thus this was the one I imported in to Service Manager.
Version 3.1.6011.0 comes with VMM 2012 SP1 installation (located on the VMM server, under <VMM Installation directory>\ManagementPacks directory), and it has been previously imported into my OpsMgr management group.
I also found out the VMM 2012 management pack on Microsoft’s management pack catalog (http://systemcenter.pinpoint.microsoft.com) is version 3.0.6019.0, which is different again…
After I imported version 3.1.6011.0 to Service Manager (because it’s the latest version and it’s the version in OpsMgr), I was able to select VMM 2012 Discovery MP in the OpsMgr CI connector:
I went to bed after I manually kicked off the connector synchronisation, this morning, the VMM server address appeared in the wizard:
Well, I guess it’s all part of the learning. Since I’m still pretty new to Service Manager, I’m not sure how many people in System Center community already know this issue. This post is more like a note to myself. I’m not sure why Microsoft included a very old version of the VMM MP in the most recent release of the Cloud Service Process Pack (which was only released last month).
Failed to Connect to VMM 2012 via Service Manager Connector and Orchestrator VMM Integration Pack
I was thinking about how I can make my study room quieter and cooler as I had 4 desktop machines under my desks. The VMM server in my lab was running on a very old PC. Couple of weeks ago I bought a HP Proliant N54L Microserver and rebuilt the VMM server on it. I put a 128GB SSD (For OS and all the apps), a 1TB SATA (For VMM Library) and 2x4GB DDR3 memory sticks on it, it runs so quiet, I can hardly hear it.
HP Proliant N54L:
Yesterday, I was going through the labs for Microsoft exam 70-246: Minotoring and Operating a Private Cloud with System Center 2012 and I ran into issues that I could not create a VMM connector to connect to my new VMM server from Service Manager. I got a very simple error message: “Cannot connect to VMM server <vmm server name>”
While I was troubleshooting it, I realised 2 other issues:
1. I couldn’t create a PowerShell remote session to my VMM server using PowerShell command like:
New-PSSession –ComputerName <VMM server FQDN> –Credential <Service Manager VMM Connector Account>
2. After I have created a connection to the new VMM server in the Orchestrator VMM integration pack, I modified an existing test runbook called “Get Cloud” to use the new connection, and it also failed.
All of these worked fine on the old VMM server, WinRM is configured exactly the same between old and new VMM severs because it configured in a domain GPO.
Both these errors were related to some kind of Kerberos authentication errors. (It was very late at night, I forgot to take screenshots while I was troubleshooting it).
After few hours troubleshooting, I have found the problems:
1. During VMM install, I installed SQL server on the VMM server. I somehow installed SSRS (SQL Server Reporting Services) as well although it’s not required for VMM. I had SSRS running on a service account and I have registered the SPN’s for SSRS (i.e. setspn.exe –A http/<VMM server Name> <Service Account>). I realised SSRS was installed by mistake, so I uninstalled it. As soon as I removed the SPN’s for the http service (for SSRS), PowerShell remote sessions started to work. – because PS Remoting also uses http.
2. I then tried to run the VMM PowerShell cmdlet Get-SCVMMServer in the remote shell against the VMM server and I got an error:
The type or name syntax of the registry key value IndigoTcpPort under Software\Microsoft\Microsoft System Center Virtual Machine Manager Administrator Console\Settings is incorrect.
Luckily I found this blog article. In my VMM server’s registry, the value IndigoTcpPort under HKLM\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Administrator Console\Settings is a REG_SZ (string) with no value configured. After I deleted it and recreated a REG_DWORD with value 1fa4 (which is hexadecimal for 8100), everything started working. The Get-SCVMMServer cmdlet worked fine. Service Manager VMM Connector was successfully created and Orchestrator runbooks were able to run.
So to summarise what I’ve done. I’ve reviewed and removed the SPN’s for http service which were originally created for SSRS, and corrected the “IndigoTcpPort” registry value.
It was not how I would like to spend my Saturday night, but I’m glad I’ve got it fixed so I can continue with my study.
OpsMgr Alerts Push Notification to iOS (And Android, And Windows Phone) Devices
Last week, I’ve posted a solution for OpsMgr alerts push notification to Android devices, which was inspired by Stefan Stranger’s post for push notification for Windows Phone devices. Few iPhone lovers at work asked me, “what about iphones?” My response was, “Do I really care?? Why would I spend my time polishing a turd?”
But then I thought, I might as well do it, just to close the circle. Al though I hate any Apple products (except the old 160GB iPod Classic, which I still use), I’ve spent some time to work out how to do the same for iOS devices – Because iOS is still the most popular mobile devices out there…
An iPhone user at work told me he uses an iOS app called Prowl for his NZB or Sick Beard notifications (I wasn’t really sure exactly, don’t really spend too much time watching TV)…
So I’ve modified the PowerShell script to utilize Prowl API as well.
Luckily my partner has a spare first generation iPad doing nothing because she’s now using an iPad 3, I’m able to use this old iPad for testing.
I’ll now go through the steps to setup Prowl first, the command notification channel is pretty much the same with my previous post (I’ll go through what’s changed).
1. Firstly, buy and download Prowl from Apple App Store for $2.99: https://itunes.apple.com/us/app/prowl-growl-client/id320876271?mt=8&ign-mpt=uo%3D4
2. Go to Prowl’s website and register an account: https://www.prowlapp.com/register.php
3. Logon with the account and generate an API Key:
4. Logon to Prowl on your iOS device.
Now the the iOS device is configured.
Below is the updated PowerShell script used for command notification channel:
Param($os,$apikey,$alertname,$alertsource,$alertseverity,$alertTimeRaised,$alertdescription)
# Enter the name of the application the notification originates from.
$application = "OM2012"
# Enter The event that occured. Depending on your application, this might be a summary, subject or a brief explanation.
$event = "OM2012 Alert"
Switch ($alertseverity)
{
"2" {$strSeverity = "Critical"}
"1" {$strSeverity = "Warning"}
"0" {$strSeverity = "Information"}
}
# The full body of the notification.
$description = @"
AlertName: $alertname
Source: $alertsource
Severity: $strSeverity
TimeRaised: $alertTimeRaised
Description: $alertDescription
"@
#description maximum length is 10000, truncate it if it's over
If ($description.length -gt 10000)
{
$description = $description.substring(0,10000)
}
#You can enable the write-eventlog for logging purposes.
#write-eventlog -LogName Application -source MSIInstaller -EventId 999 -entrytype Information -Message $description
# An optional value representing the priority of the notification.
$priority = "-2"
# Specifies the responsetype you want. You can currently choose between JSON or XML (default)
$type = "json"
$os = $os.tolower()
Switch ($os)
{
"android" {$uri = "http://notifymyandroid.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
"windows" {$uri = "http://notifymywindowsphone.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
"ios" {$uri = "http://api.prowlapp.com/publicapi/add?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
}
#Invoke-WebRequest -Uri $uri
$response = [System.Net.WebRequest]::Create($uri)
$response.GetResponse()
The script can also be downloaded here.
I have made the following changes to the script:
1. Windows PowerShell version 3 is no longer a requirement.
As we all know, Microsoft has removed Windows Management Framework 3.0 update for operating systems earlier than Windows 8 & Server 2012 from WSUS couple of months ago because it breaks many applications including SCCM, SharePoint, etc.. More Info can be found here. I saw someone posted a question in System Center Central’s forum wanting to install WMF 3.0 on OpsMgr management servers just to run this script. So I replaced the PowerShell 3.0 cmdlet Invoke-WebRequest (which was inherited from Stefan’s original script) with a .NET method in System.Net.WebRequest.
2. The original script was displaying alert severity as number (0 = information, 1 = warning, 2 = critical), I’ve updated it to display the actual severity in English rather than number.
3. the $os parameter supports additional value of “ios”.
The command notification setup is exactly the same as the previous version (except OS parameter now supports “ios”):
In my lab, the script is located on D:\Scripts\MobileDevices-Notification on all my management servers, so the setup looks like:
Full path of the command line:
C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe
Command line parameters:
D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘<mobile device type>’ ‘<API Key>’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’
Startup Folder:
D:\Scripts\MobileDevices-Notification
Note:
The script takes the following parameters (in the correct order):
1. OS: support either “ios”, “android” or “windows”
2. API key: generated from either Notify My Windows Phone or Notify My Android website
3. AlertName
4. AlertSource: Addition to Stefan’s script.
5. AlertSeverity
6. AlertTimeRaised
7. Alert Description: Addition to Stefan’s script.
Command line samples (assuming the API key is 1111111111111111):
For iOS devices:
D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘ios’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’
For Android devices:
D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘android’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’
For Windows phone devices:
D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘windows’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’
On my iPad, when an alert has arrived:
And I can also see the details once I opened Prowl:
Similar to the Android and Windows phone APIs, Prowl has a limitation of 1000 notifications per hour from an IP address. I wouldn’t think any healthy OpsMgr environments would hit that limit.
If you’ve already got the notification channel setup for Android device (from my previous post), you can simply replace the script with the new one. and the same script can be used for iOS and Windows phone devices too.
Summary
At this stage, this script would work on all 3 major mobile device types: iOS, Android and Windows Phone by using 3 different push notification API’s:
Windows Phone: Notify My Windows Phone
Android: Notify My Android
iOS: Prowl
Again, thanks Stefan for his original posts and script. Hopefully this script will be adopted by more people as most of the population is still using iOS and Android devices.
Duplicate OpsMgr Alert Notifications Caused by Service Manager’s OpsMgr Alert Connector And Ways Around It.
Background
Few days ago, I posted an article: OpsMgr Alerts Push Notification to Android Devices. In my lab, I have created a subscription to notify me all new critical alerts using this channel:
In the first few days, I wasn’t paying too much attention when every time I get spammed by these push notifications on my phone, 2 days ago, I realised every new critical alerts gets pushed to my phone twice and two notifications are 1-2 minutes apart:
Cause
After some troubleshooting, I found the Service Manager’s OpsMgr Alert Connector is causing this issue. Well, I wouldn’t say it’s a fault or bug, it’s just the way that OpsMgr alert notifications handles alert.
In my lab, I have configured an OpsMgr Alert Connector in Service Manager. As a result, Service Manager updates the OpsMgr alert with a Ticket ID after the alert is generated:
And in alert history tab, you can see Service Manager updated the alert soon after it was initially raised:
Looks like this issue has been identified for a long time. some one has already posted a thread in TechNet forum back in 2009: http://social.technet.microsoft.com/Forums/en-US/operationsmanagergeneral/thread/4d2f7f8f-c616-483e-a5af-8c77f5d20953/
OpsMgr alerts get processed by notification subscriptions every time they are updated. i.e. If I take a critical alert with resolution state of “New” and set the resolution state to “New” again in the OpsMgr console, it will get processed again by subscriptions:
Therefore I wouldn’t blame service manager for this issue.
Possible Solutions
I can think of 3 possible solutions:
1. Put a 3 minutes delay in the OpsMgr alert subscription since Service Manager alert connector is configured to check OpsMgr every 60 seconds.
2. add another criteria to the alert subscription: with a “%” ticket ID – which means ticket ID must match a wildcard (%).
3. Modify the criteria to notify any new critical alert WITHOUT a ticket ID.
Each option has it’s pros an cons.
Option 1 would wait Service Manager 3 minutes so it can process the alert first. However, if the alert is generated by a monitor and the monitor has a recovery task, the alert is probably already closed after 3 minutes and you will not get notified. this may not be the desired result.
Option 2 would only pick up alerts that have already been processed by Service Manager. This adds a unnecessary dependency. If for some reasons Service Manager is down, Ticket ID field in the OpsMgr alert will not get updated, therefore alert subscription will not pick up the alert.
To me, Option 3 makes most of the sense. The subscription should only pick up the “brand new” new critical alerts, before Service Manager updates the Ticket ID. – But, it’s not that easy to configure. Why? because I cannot specify conditions like “and with a NULL ticket ID” via the OpsMgr Console. As you can see below, I can only specify a wildcard match to ticket ID:
Luckily I can do this outside of the console, by directly modifying the OpsMgr “Notification Internal Library” MP. Kevin Holman has an excellent blog post on this topic: Creating granular alert notifications – rule by rule, monitor by monitor.
So I’ve decided that I’m going to go for option 3. I’ll now go through the steps I took to modify the existing alert subscription.
1. Export AND BACKUP the “Notification Internal Library” MP from the OpsMgr console (Microsoft.SystemCenter.Notifications.Internal.xml)
2. Open Microsoft.SystemCenter.Notifications.Internal.xml with a text editor (i.e. Notepad++).
3. Towards the end of the file, in the <LanguagePack> section, find the <DisplayString> associated to the subscription. Make sure the Name in <Name> tag matches the subscription name in the OpsMgr console, and ElementID starts with “subscription”
4. Change the name in <Name> tag, add “-Do Not Change In UI” at the end (As shown above). this is to remind anyone not to change this subscription in the Operations console after it’s imported back.
5. Find the Rule with the same ID as the ElementID for the <DisplayString> taken from step 3. The rule should be under <Monitoring><Rules> tags.
6. Modify the DataSource module of this rule, Add below expression in <Expressions><And> tag:
<Expression>
<UnaryExpression>
<ValueExpression>
<Property>TicketId</Property>
</ValueExpression>
<Operator>IsNull</Operator>
</UnaryExpression>
</Expression>
Before:
After:
7. Save the changes and import the MP back to OpsMgr management group.
8. Wait few minutes for the new configuration to become active. Once it’s active, you will no longer see the criteria in operations console:
Now, when I test this notification by creating a critical alert (using a test alert generating rule I’ve configured previously), I only get 1 notification pushed out to my phone (and it was pushed out before Service Manager updated it):
More Information
MP Schema Reference:
ExpressionType: http://msdn.microsoft.com/en-us/library/ee692979.aspx
ExpressionType (GroupPopulationSchema): http://msdn.microsoft.com/en-us/library/ff472337.aspx
Note: I used UnaryExpression, which is only listed in GroupPopulation Schema ExpressionType. but it worked in this scenario.
Related Blog Articles:
Using Expressions and Wildcards to create groups, author rules and monitors, create console views and notification subscriptions, and in the Command Shell: http://blogs.technet.com/b/jonathanalmquist/archive/2010/10/13/regular-expression-syntax-in-scom-for-filtering-groups-monitor-elements-operational-views-notification-subscriptions-etc.aspx
Creating granular alert notifications – rule by rule, monitor by monitor: http://blogs.technet.com/b/kevinholman/archive/2008/10/12/creating-granular-alert-notifications-rule-by-rule-monitor-by-monitor.aspx
OpsMgr Alerts Push Notification to Android Devices
Update 07 April 2013: I’ve updated this script again to support iOS devices and removed the requirements for PowerShell version 3. The updated script can be found here here.
Background
Stefan Stranger has written a 2-part blog post on how to use Windows Phone push notification for OpsMgr alerts. Stefan’s posts can be found here:
I got so excited about this idea, but I’m a big fan for Android when comes to mobile devices. I am currently using a Samsung Galaxy Nexus phone and a Samsung Galaxy Tab 2 10.1 tablet – both of them are Android devices. So I’ve spent some time to see if I can do the same for Android devices.
It turned out, there is also an app for Android devices, called “Notify My Android” 
. And the API’s for both apps are the same.
Setup Instructions
It’s pretty much the same way to get this setup for Android devices. I’ll now go through the steps to configure push notification for Android devices (and also for Windows Phones):
1. Install “Notify My Android” on Android devices via Google Play
2. Sign up – either from android device or from https://notifiymyandroid.com
3. Generate an API key from https://notifymyandroid.com, under “My Account”
Note:
Stefan mentioned the “Notify My Windows Phone” app costs $1.99. “Notify My Android” app is actually free from Google Play, HOWEVER, after you’ve signed up, your account is only a trail account. the limitation for the trail accounts is that you only get 5 push notifications per day. Premium account has removed this limit It costs one-off payment of $4.99 to upgrade to premium account. the upgrade payment can either be made via Google Play on your android devices or using PayPal via the website. I upgraded my account via Google Play (as I thought it’s easier than using PayPal).
As I have 2 Android devices, I don’t need to create multiple accounts or generate multiple API keys. Once I’ve logged in on both devices using my premium account, the push notifications get delivered to both devices at the same time.
4. copy this script to a unique location on all OpsMgr management servers in the Notifications Resource Pool (by default, this resource pool contains all management servers). In my lab, I have copied the script to D:\Scripts\MobileDevices-Notification on all my management servers. Below is what my updated script look like:
#Requires -Version 3
Param($os,$apikey,$alertname,$alertsource,$alertseverity,$alertTimeRaised,$alertdescription)
# Enter the name of the application the notification originates from.
$application = "OM2012"
# Enter The event that occured. Depending on your application, this might be a summary, subject or a brief explanation.
$event = "OM2012 Alert"
# The full body of the notification.
$description = @"
AlertName: $alertname
Source: $alertsource
Severity: $alertseverity
TimeRaised: $alertTimeRaised
Description: $alertDescription
"@
#description maximum length is 10000, truncate it if it's over
If ($description.length -gt 10000)
{
$description = $description.substring(0,10000)
}
#You can enable the write-eventlog for logging purposes.
#write-eventlog -LogName Application -source MSIInstaller -EventId 999 -entrytype Information -Message $description
# An optional value representing the priority of the notification.
$priority = "-2"
# Specifies the responsetype you want. You can currently choose between JSON or XML (default)
$type = "json"
$os = $os.tolower()
Switch ($os)
{
"android" {$uri = "http://notifymyandroid.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
"windows" {$uri = "http://notifymywindowsphone.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
}
Invoke-WebRequest -Uri $uri
I’ve modified Stefan’s script (used in OpsMgr command notification channel) a little bit. Below is a list of what’s changed in my version of the script:
- supports both Windows Phone’s “Notify My Windows Phone” app and Android’s “Notify My Android” app.
- Script is more generic as the API key is not hardcoded in the script, instead, it’s passed into the the script as a parameter.
- Push notification messages contain additional alert information – alert source, alert description. – As both app’s API’s supports maximum 10,000 characters in notification description, the script will truncate the message to 10,000 characters if it’s over the limit.
- Additional parameters are required to be passed into the script. – therefore the OpsMgr command channel is different than Stefan’s version.
5. Setup command notification channel:
Full path of the command line:
C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe
Command line parameters:
D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘<mobile device type>’ ‘<API Key>’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’
Startup Folder:
D:\Scripts\MobileDevices-Notification
Note:
The script takes the following parameters (in the correct order):
1. OS: support either “android” or “windows”
2. API key: generated from either Notify My Windows Phone or Notify My Android website
3. AlertName
4. AlertSource: Addition to Stefan’s script.
5. AlertSeverity
6. AlertTimeRaised
7. Alert Description: Addition to Stefan’s script.
The command line parameter can be populated by using pre-defined OpsMgr variables:
6. Follow Part 2 of Stefan’s original post to setup Subscriber and Subscriptions.
I cannot test my version of the script against Windows phones because I don’t have one. But I’m fairly confident it should work. From what I can see, the API’s for both apps are exactly the same. Well, the only difference is the URL’s for API calls:
I think in real world, this is a very cost effective solution for alerts notification to mobile devices. According to the API documentations, multiple API keys can be used in a single API call. When using multiple API keys, the API keys needs to be separated by comma. Again, I have not tested this scenario against my script because I don’t really want to spend another $4.99 for another premium account.
If it’s required to setup push notification to multiple people (different mobile devices types, different notify app accounts and different Microsoft / Google accounts, thus different API keys), separate command notification channels need to be created (one per API key or group of API keys).
Below are what I get on my Android devices:
On the phone:
On the tablet:
Limitations
According the the FAQ pages on both websites, there are some limitations that are worth mentioning:
Notify My Windows Phone:
Are there any limitations to the amount of messages I can send?
Yes – The Microsoft Push Notification Service throttles notifications at 500 per 24 hours per device. The messages will however be stored temporarily at NotifyMyWindowsPhone, so they can be retrieved manually by hitting refresh from within the Windows Phone App.
Notify My Android:
Is there a rate limit for using the public API?
Yes. Right now the limit is set to 800 API calls per hour from a given IP. Remember that you can notify multiple API keys on a single API call. Please check the API documentation for more details. Very few applications managed to reach that limit so far, but if you hit the cap too often, feel free to contact us and ask for a developer key.
In my opinion, if you get over 500 messages a day on your Windows phone or 800 in one hour on android devices, there are something seriously wrong with your infrastructure 
or you might want to re-configure alert subscriptions to only notify really critical alerts.
Credit
Big thanks to Stefan for providing such an wonderful solution in the first place. 
OpsMgr Weather Monitoring MP Updated
I got an email from someone up in Sweden the other day in regards to the Weather Monitoring MP that I released few months ago. I’ve been made aware that a negative temperature reading is being recorded as a positive value (i.e. –8 degrees is being collected as 8 degrees).
First of all, apologies for this mistake. I wrote the PowerShell script for the probe action module back in July last year, when most of world was in summer. I didn’t even think about negative values and I couldn’t test it anyway…
Last night, I spent some time fixing the management pack. As I was fixing the code, I also found few other issues due to in consistencies in www.webservicex.net (where the MP is getting the data from). for example, some locations have decimal points in temperature value (i.e. Vancouver, Canada), some locations have multiple <Wind> tags in the return data, etc. oh well, webservicex is a free service so there’s no point bagging them for inconsistencies.
Below is a list of bugs that are fixed in this release (1.0.1.0):
- Incorrect temperature collected when the reading is below zero
- Incorrect temperature collected when the reading contains decimal points
- script error when pressure reading is not within <pressure> tag (i.e. Vancouver, Canada uses <PressureTendency> tag). in this situation, pressure reading is not probed.
- fixed wind direction and speed probe when there are multiple <Wind> tags in the result.
- Agent task not displaying wind speed in KM/H
- Updated temperature related performance views to display negative temperature readings.
Note:
I’ve updated below 4 temperature related performance views so they can display negative values:
The Y-Axis range is set to –130 to 134 (degrees) for Imperial Unit (Fahrenheit) and –90 to 57 (degrees) for Metric Unit (Celsius). According to Wikipedia, these figures are the highest and lowest temperature ever recorded on this plant. They can be customised by right clicking the view and choose “Personalize view…”:
the updated MP can be downloaded HERE. The download link from the original post is also updated.
“Data Aggregation” field became empty in OpsMgr 2007 linked Performance Report
Today I needed to change some parameters in a linked performance report in one of the OpsMgr 2007 R2 management groups at work. When I opened the report property, the Data Aggregation field somehow became blank and greyed out:
As the result, when I tried to run the report, I get this error:
I found a blog article from Dieter Wijckmans “SCOM 2007: Scheduled reports failing”, it indicates it’s because there are duplicate management group ID specified in the report parameters. Dieter’s fix doesn’t really apply to me as the my report is not a scheduled report, however, my approach is much easier.
below is what I’ve done:
1. log on to the RMS box, and run below PowerShell script to get the management group ID:
$RMS = $env:computername
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") | Out-Null
$MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings($RMS)
$MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting)
$MG.Id
Note:
If RMS is clustered, replace “$env:computername” to the RMS cluster name in the first line.
2. export the management pack (assuming the linked report is stored in a unsealed MP), open the unsealed MP in a text editor
3. Go to
<Reporting>
<LinkedReports>
<LinkedReport ID= (where ID is the Id of the problematic report)
<Parameters>
Find the ManagementGroupId parameter and delete the incorrect value
4. Save the XML and import the unsealed MP back to the management group.
After importing the MP back, the “Data Aggregation” field is populated:
Note:
I can also change the report parameter in SSRS web site:
However, by directly modifying report in SSRS, the fix is only temporary. the original MP is not fixed and it will over write the report definition in SSRS. I’ve tried to update SSRS directly, the report got changed back shortly after.