OpsMgr Performance Collection Rules for OMS Near Real-Time Performance Data Collection

Written by Tao Yang

Introduction

Yesterday, the OMS product team has announced the availability of the Near-Real Time (NRT) Performance Data Collection in OMS. My buddy and fellow SCCDM MVP Stanislav Zhelyazkov has already wrote an article on his blog: Operations Management Suite – Performance Monitoring.

I won’t repeat what’s already been discussed in these 2 posts, but I’ll tackle it from the management pack authoring perspective, and sharing what I have discovered so far.

Note: If you haven’t read above mentioned 2 posts, I strongly recommend you to do so before continuing with this article.

Management Pack Under The Hood

By default, OMS has 8 performance counters configured for near-real time perf collection. You can see them in the settings section of your workspace:

image

As explained in both the official blog post from the OMS product team as well as Stan’s blog, you can add additional perf counters on this page, and it will be pushed to the OpsMgr management groups that are connected to this OMS workspace. I am fairly certain, the sample interval range is between 10-1800 seconds (minimum 10 seconds, maximum 30 minutes).

All the counters configured on this page are stored in an Unsealed management pack called “Microsoft System Center Advisor Log Management Collection” in your OpsMgr management group.

SNAGHTML6943086

If you export this MP and open it using MPViewer, you will see there are 2 rules for each counter:

SNAGHTML6a306af

Microsoft.IntelligencePack.LogManagement.Collection.PerformanceCounter.xxxxxxxxxx:

These rules are collecting the raw real time perf data:

image

Microsoft.IntelligencePack.LogManagement.Collection.PerformanceCounterAggregation.xxxxxxxxxx:

As the name suggested, these rules are collecting the 30-minute aggregated data (As stated in the official blog post, the raw data retention is 14 days and the 30-minute aggregated data retention is same as your OMS data plan).

image

After Examining these 2 rules closely,  we can see the following:

01. Both rules are disabled by default

02. Both rules are not remoteable (won’t work for agentless machines)

03. Both rules are targeting the Windows Computer class (Microsoft.Windows.Computer)

04. Both Rules are using the same data source module with same input parameters (Microsoft.IntelligencePacks.Performance.DataProvider). This configuration enables OpsMgr agents to leverage the Cookdown feature to reduce the computer resource consumed by these rules.

05. Comparing with the raw data collection rule, the aggregation data collection rule has an additional condition detection module (which is used for data aggregation) and the aggregated data is submitted to OMS via a different write-action module (Microsoft.SystemCenter.CollectCloudPerformanceDataAggregated_PerfIP).

06. Since both rules are disabled by default, the MP also comes with overrides to enable these rules for the OMS managed computers:

SNAGHTML6c32a96

Write Your own OMS Near-Real Time Perf Collection Rules

Now that we have discovered how are the near-real time perf data is collected in OpsMgr, I have spent some time today testing different rule configurations. Based on my own experience, my findings are:

01. Both raw data collection rule and aggregation data collection rule are required

Based on my testing, I found in order to submit near-real time perf data to OMS, I must create both raw data and aggregation data collection rules (as shown above). I tried with only one rule for the raw data, after few hours, I still couldn’t see the data in OMS. I then created another rule for the aggregation data, imported the updated MP in OpsMgr, after about 30 minutes, the data became visible from the search result.

02. Data source module “Microsoft.IntelligencePacks.Performance.DataProvider”

The rule must use the data source module “Microsoft.IntelligencePacks.Performance.DataProvider”, which is defined in management pack “Microsoft System Center Advisor Types Library” (Microsoft.IntelligencePacks.Types). This data source module consists of 2 member modules:

image

  • Data Source: System.Performance.DataProvider
  • Condition Detection: System.Performance.DataGenericMapper

I have tried to use System.Performance.DataProvider module directly in both raw and aggregation data collection rules, unfortunately this configuration does not seem to work. additionally, many 4502 events were logged in the Operations Manager log on the OpsMgr agent computer indicating the configuration for the aggregation data collection rule is incorrect.

image

03. The Rule target must be Windows Computer class (Microsoft.Windows.Computer).

Initially I have written few rules targeting SQL DB Engine class, waited few hours and I could only see the 30-minute aggregated data in OMS (collected by the aggregation collection rules). The data insertion is every 30 minutes and the perf graph could not be displayed in OMS (showed “No Data”). When I changed the target for both rules from SQL DB Engine to Windows Computer class, the raw data started to appear.

Having said that, I have also tried Windows Server Computer class (Microsoft.Windows.Server.Computer). This class is derived from Windows Computer class. This configuration also worked. So in my opinion, it is fair to guess the target class must be Windows Computer class or class that’s based on Windows Computer class.

Demo Management Pack “OMS Performance Demo MP”

I have created a MP during my experiments today. In the end, I have deleted all the rules that are not working in this MP and kept two sets rules for demonstration purpose:

  • Set #1:
    • Target: Microsoft.Windows.Computer
    • Perf Counter: Processor(_Total)\% Privileged Time

image

  • Set #2:
    • Target: Microsoft.Windows.Server.Computer
    • Perf Counter: SQLServer:Memory Manager(*)\Free Memory (KB)

image

You can download my demo MP from the link below:

Disclaimer:

This post is purely based on my own experiment, it may not be 100% accurate. Please use it with caution and test it in your test environment first!

Automating OpsMgr Part 14: Creating Event Collection Rules

Written by Tao Yang

OpsMgrExntededIntroduction

This is the 14th installment of the Automating OpsMgr series. Previously on this series:

Previously in part 12 and 13, I have demonstrated how to create performance related workflows using the OpsMgrExtended module. Today, I will start discussing event data, in this post, I will demonstrate how to create an event collection rule.

In the OpsMgrExtended module, there is a function called New-OMEventCollectionRule, which can be used to create event collection rules. It has been fully documented, you can access the documentation by using the Get-Help cmdlet:

Get-Help New-OMEventCollectionRule

SNAGHTML8b917c0

A side note here, Last week, I received an email asked me if the OpsMgrExtended module can be used outside of SMA and Azure Automation. The answer is yes, it can be used as a normal PowerShell module. for all the functions included in the module, you can access the examples by using the Get-Help cmdlet with –Full or –Example switch:

image

Runbook: New-EventCollectionRule

I have hardcoded the following parameters in the runbook:

  • SMA OpsMgr connection object name (which you will need to change to suit your environment)
  • Frequency – 900 seconds
  • (Unsealed) MP (where the rule  is going to be saved to) – “TYANG.Test.Windows.Monitoring”

Additionally, this runbook will firstly try to retrieve the management pack from the management group, if the MP deosn’t exist, it will create it first.

This runbook takes the following input parameters:

  • ClassName – The name of the target monitoring class (i.e.Microsoft.Windows.Server.OperatingSystem)
  • EventID – Optional. the Event ID to be collected by the rule.
  • EventLog –The name of the event log to be collected by the rule
  • Publisher– The event publisher
  • RuleDisabled– Boolean, whether the event collection rule should be disabled by default
  • RuleDisplayName– Display name of the rule
  • RuleName – The name of the rule

Runbook Execution Result:

image

Viewing the rule properties in OpsMgr operations console:

image

image

image

image

What if I don’t want to use SMA or Azure Automation?

Like I mentioned before, you don’t have to if you don’t want to. You can simply modify the runbook demonstrated above to run in a standalone PowerShell console by changing the PowerShell workflow to pass the OpsMgr management server name to the OpsMgrExtended functions (instead of SMA connection objects):

image

After updated the script (which contains the PS Workflow), firstly run the workflow in PowerShell, then call / execute the workflow:

Load the workflow:

SNAGHTML93cdde2

Execute the workflow:

image

Conclusion

In this post, I have demonstrated how to create an event collection rule using OpsMgrExtended module, with and without automation engines such as SMA and Azure Automation. I will demonstrate how to create a 2-state event monitor in the next post of the Automating OpsMgr series. Until next time, happy automating!

OpsMgr Alert Console Task For Squared Up

Written by Tao Yang

I have just created 2 alert console tasks in OpsMgr for Squared Up:

  • View Alert in Squared Up
  • View Alert Source Object in Squared Up

SNAGHTML7c0f76d

These 2 tasks will open the selected alert and alert source object in Squared Up  respectively using your default browser:

Squared Up Alert View:

image

Squared Up Monitoring Object view (Alert Source Object):

image

the management pack containing these 2 tasks can be downloaded at the end of this article. In order to use this MP, you will need to modify 2 lines:

image

You need to open the unsealed MP (xml) in a text editor (such as Notepad++), and modify line 29 and 38 (as shown above). Please replace “http://Your-SquaredUp-URL” with the Squared Up URL in your environment. i.e.

image

You can download this MP from the link below:

Automating OpsMgr Part 13: Creating 2-State Performance Monitors

Written by Tao Yang

OpsMgrExntededIntroduction

This is the 13th instalment of the Automating OpsMgr series. Previously on this series:

In the previous post (Part 12), I have demonstrated how to create performance collection rules using the OpsMgrExtended module. In this post, I will demonstrate how to create a 2-State performance monitor.

OpsMgrExtended module provides a function called New-OM2StatePerformanceMonitor. It has been documented in the embedded help within the module. you can access it via the Get-Help cmdlet:

image

Same as the previous posts, I’m going to show a sample runbook which utilise this function.

Runbook New-2StatePerformanceMonitor

As you can see, I have hardcoded the following parameters in the runbook:

  • Frequency – 900 seconds
  • (Unsealed) MP (where the monitor is going to be saved to) – “TYANG.SMA.Automation.Perf.Monitor.Demo”
  • Increase MP Version – true

So, before I can kick off this runbook, I need to firstly create the MP. This can be easily done using a one-liner on a machine where OpsMgrExtended is loaded:

image

After the test MP is created, I can then execute the runbook. This runbook takes the following input parameters:

  • ClassName – The name of the target monitoring class (i.e.Microsoft.Windows.Server.OperatingSystem)
  • CounterName – Name of the perf counter
  • InstanceName (Optional) –The Name of the instance of the counter. if not specified, the monitor will use All Instances.
  • MonitorDisplayName – The Display Name of the monitor.
  • MonitorName – The name of the monitor
  • ObjectName – Name of the object where the counter belongs to (i.e. memory, logical disk, etc.)
  • Threshold – The numeric threshold used by the monitor
  • UnhealthState – The unhealthy state of the monitor (Error or Warning)
  • UnhealthyWhenUnder (Boolean) – Specify if the monitor is unhealthy when the perf counter is under the threshold (or over the threshold).

Runbook Execution Result:

image

Monitor created by the runbook:

image

image

image

image

image

Conclusion

In this post, I have demonstrated a SMA / Azure Automation runbook to create 2-state performance monitors in OpsMgr. Now that I have covered both aspect of the performance  data (perf collection rule and monitor), I will move on to the event data in the next post.

Squared Up Dashboard Community Initiative

Written by Tao Yang

kablam3

It has been over 3 months since I started working for Squared Up. If you ask me my impression about Squared Up, I believe they truly care about the System Center community. Over the last few months, the folks at Squared Up have been working on an initiative to create a community dashboard repository, where everyone can submit and share their Squared Up dashboards with the broader community.

With the recent release of Squared Up version 2.1.11, exporting and importing dashboards have been made incredibly easy. I have made a short demo video and uploaded to YouTube:

Or watch it on YouTube: https://www.youtube.com/watch?v=NYDqSWbA2E0

As you can see, it is now really easy to export and import dashboards within Squared Up. Mr. Richard South from Squared Up has also asked me to share an Squared Up community news letter with readers of my blog:


Subject: Community Dashboards – New Features

Hi Tao

We have a couple of updates on our Community Dashboards project that I wanted to quickly share with you.

The main one is that we’ve just released a new version of the product which includes the ability to Export your dashboards and also to Import template dashboards (v2.1.11)

This should make it incredibly easy for you to submit dashboards, which you can send to community@squaredup.com, together with screenshots.

If you’d like get up and running with v2.1.11, without necessarily having to upgrade a production instance of Squared Up, we’d suggest simply applying for a 30 day trial online and you’ll be sent everything you need – http://squaredup.com/free-trial/download-30-day-free-trial/

If you have any questions in this respect, do please let me know.

We’ve also produced a launch page, including FAQs, at https://squaredup.com/community and put together a short video showing this new functionality in action – http://youtu.be/72HeYi9CvFc – as well as a longer one to discuss the project in more depth (although you’re up to speed with most of the information in that already)http://youtu.be/tRn1LnqQ2FY

So, that means the process for submitting is now as simple as;

  • Build dashboard (nb – don’t use SQL or iframe plugin)
  • Make private *
  • Take screenshots
  • One-Click Export
  • Send the ZIP + screenshots to community@squaredup.com
  • Win a Lego Death Star (hopefully…)

 

* You may want to ensure that there’s no private information available in any images or Visio SVGs used within your dashboards or in the dashboard title or sub-titles

Remember, we’re counting on you to get your dashboard submissions in by the beginning of next week in time for our preview launch at SCU Europe

As ever, many thanks for being part of this, feel free to drop me a line with any questions and have a great weekend

Cheers

Richard

Richard South | Squared Up Ltd


Now with the SCU Europe is taking place over in Basel, Switzerland this week, Squared Up has 2 sessions:

 

  • Whisky Tasting (and insider info…) with Squared Up (25th August, 17:15)
  • Revolutionise SCOM with Squared Up (26th August, 12:00pm)

 

Please stay tuned, there might be something exciting to be announced!

There are many ways to get involved in the System Center community, such as blogging, podcasting, sharing code on TechNet / GitHub / CodePlex, etc.

During a catch up call with Squared Up last week, Richard explained to me that they are essentially providing an additional channel for people to contribute and get involved in the community, because at the end of the day, not everyone blogs or write code. contributing an existing dashboard can be very quick and easy, it doesn’t take too much effort at all!

So, if you have designed an awesome Squared Up dashboard for a particular application and you would like to share it with the community, I encourage to take this opportunity and start sharing! As Squared Up Pointed out to me, their goal is for people to:

Use –> Share –>Improve

Deploying OpsMgr 2016 TP3 with Minimum Windows Server GUI requirements

Written by Tao Yang

keep-calm-and-love-mrnoguiBackground

This blog has been a little bit quiet over the last couple of weeks as I have been busy working on few projects that are yet to be finalised to be released to the public. Few days ago, there was a private conversation between few SCCDM MVPs – we were trying to figure out how to configure the IE settings on a management server in order to complete the OMS registration process using the console on the management server itself. As the result of that conversation, I raised question if OpsMgr can be installed on Windows Server Core because I believe any kind of administrative tasks should be performed from a remote machine. My buddy Stanislav Zhelyazkov pointed out it’s actually supported and suggested this could actually be a good blog topic. I am also very interested in seeing this to work in my lab, as I have been spent a lot of $$$ lately on computer hardware for my lab, I think it would benefit myself if I can cut the footprint of some applications that I have running in my lab by removing the GUI interfaces from Windows server instances.

So, I spent my spare time this weekend trying to install each of the OpsMgr 2016 TP3 component on Windows Server 2016 TP3 with one principal – each component must be installed on a Windows Server OS with minimum supported GUI interface. In this post, I will go through my deployment experience.

Overview

As we all know, currently (OpsMgr 2016 Tp3) is still largely the same as OpsMgr 2012 R2, with added support to newer OS (Windows Server 2016 TP) and few minor new functionalities.

Nowadays, Windows Server consists the following UI options (from minimum to maximum):

  • Server Core (No GUI)
  • Graphical Management Tools and Infrastructure aka. the Minimal Server Interface (Server-Gui-Mgmt-Infra)
  • Server Graphical Shell (Server-Gui-Shell)
  • Desktop Experience (looks and feels just like a desktop), it even has the Xbox app installed (if you ask me, why not just use Windows 10?)

Currently, OpsMgr consists of the following roles:

Role Required Components Minimum OS GUI requirement
Management Server .NET 4.5.2 / 4.6 Graphical Management Tools and Infrastructure
Operational DB SQL Database Engine (SQL2014) Server Core
Data Warehouse DB SQL Database Engine (SQL 2014) Server Core
Web Console Server .NET 3.5 Sp1 / 4.5.2 / 4.6 Server Core
Gateway Server .NET 4.5.2 / 4.6 Server Core
Reporting Server .NET 3.5 Sp1 / 4.5.2 / 4.6
SQL Server Reporting Services (SQL 2014)
Server Graphical Shell

In the end, I managed to install all the OpsMgr components on server core or minimal server interface, except for the Reporting Server. This is because only limited SQL Server components are supported by Windows Server Core. SQL Server Reporting Services (SSRS) requires full GUI (Server Graphical Shell). Although OpsMgr 2016 Tp3 only supports up to SQL 2014, this requirement has not changed for SQL 2016 Technical Preview (https://msdn.microsoft.com/en-us/library/hh231669.aspx). Therefore, the OpsMgr Reporting Server is the only component I had to install on a server with full graphical interface.

In the past, when I deploy OpsMgr in my lab, I would use a single SQL instance to host both Operational DB, Data Warehouse DB, as well as SSRS and OpsMgr reporting server. Due to the GUI requirement I have mentioned above, I am unable to do so this time – I had to create a separate virtual machine just for OpsMgr Reporting Server and SSRS. However, I think having a dedicated reporting server could be a more realistic approach in many large production environments, especially when the Operational DB and Data Warehouse DB are hosted on SQL server clusters, and since SSRS is not cluster aware, it cannot be a part of the cluster resource.

As the result, I have deployed the following servers in my lab. All of them are running Windows Server 2016 TP3:

Server Name OpsMgr Role OS GUI Level
OMTP3DB01 Operational DB and Data Warehouse DB SQL Server Server Core
OMTP3MS01 First Management Server Graphical Management Tools and Infrastructure (Minimal Server Interface)
OMTP3MS02 Additional Management Server Graphical Management Tools and Infrastructure (Minimal Server Interface)
OMTP3GW01 Gateway Server Server Core
OMTP3WEB01 Web Console Server Server Core
OMTP3RP01 Reporting Server Server Graphical Shell (Full GUI)

I will now go through my experience of configuring each OpsMgr 2016 TP3 components in my lab (with minimum GUI).

01. General OS Installation

I did not use any image or template based deployment methods (i.e. via VMM or ConfigMgr). I simply manually created these VMs on a Windows Server 2012 R2 Hyper-V box and installed the OS using the Windows Server 2016 TP3 ISO that I’ve downloaded from my MSDN subscription. I chose Server Core during the install for all above mentioned virtual machines. After the OS install, I performed the following tasks on all servers:

Using sconfig.cmd to configure the following:

  • Server name
  • IP address and DNS settings
  • Join Domain

 

image

image

Install .NET Framework 3.5 using dism.exe

Dism /online /enable-feature /featurename:NetFx3 /All /LimitAccess /Source:d:\sources\sxs

Note: D: is the CD-ROM drive in this case

image

Configure disks and volumes using diskpart.exe

I am not going to go through diskpart here, and it is not the only way to do so.

02. Configure SQL Server (OMTP3DB01)

I mounted the SQL 2014 Enterprise with SP1 ISO to the VM in Hyper-V and launch the install using command:

setup.exe /UIMODE=EnableUIOnServerCore /Action=Install

This command directly launch the setup wizard:

SNAGHTML11561eff

I then went through this wizard and installed SQL as I normally would, the only thing to keep in mind is that not all the SQL features are supported in Server Core, I have selected the following features:

 

  • Database Engine Services
  • Full-Text Search
  • Client Tool Connectivity
  • SQL Client Connectivity SDK

 

image

image

Note: if you have chosen a feature that’s not supported by Server Core, you will get this error message:

image

After few minutes, SQL server was successfully installed:

image

As you can see, since this is on a Server Core machine, I did not install SQL Management Studio on this server, I performed all other required SQL configuration such as minimum and maximum memory config, temp DB config, maintenance plan creation, etc. from a remote machine. I will go through the steps I took to setup a machine for remote management towards the end of this post.

Note: I found a good post on how to install SQL on Server Core: http://tenbulls.co.uk/2012/09/19/using-the-sql-server-installation-wizard-on-server-core/. However, when I initially launched the install wizard without “/Action=Install” switch, I was presented to the “SQL Server Installation Center” page, but when I clicked on any links on this page, nothing would happen. Luckily someone mentioned this switch in one of the comments and I was able to by pass this page:

image

03. Configure the First Management Server (OMTP3MS01):

As documented on TechNet, management servers require the minimal server interface and AuthManager:

image

So, before installing the OpsMgr management server component, I need to firstly install these 2 components.

Note: There’s a spelling mistake in the above highlighted section. The server feature is Server-Gui-Mgmt-Infra, it’s “f”, not “t”.

Install Server-Gui-Mgmt-Infra via PowerShell:

Install-WindowsFeature Server-Gui-Mgmt-Infra -Source wim:D:\sources\install.wim:2

image

Note:

  • D: is the CD-ROM in this VM which has the Windows Server 2016 TP3  ISO loaded.
  • You can refer to THIS post detailed steps of adding GUI to Server Core, including how to check the image index in the wim file.

Install AuthManager using Dism.exe

After installing the minimal server interface, I need to reboot the server. After the reboot, I used dism to add AuthManager :

dism /online /enable-feature /featurename:AuthManager /source:d:\sources\sxs

image

Install first management server

Note: When I downloaded the System Center 2016 TP3, each System Center component is presented as a EXE:

image

When I run the exe, I can specify a location to extract the installation to. I have previously extracted the OpsMgr installation to a folder, and copied the extracted content to C:\Software\SCOM on all the servers I mentioned above. So, now, I will run the unattended install from C:\Soffware\SCOM on this management server:

setup.exe /install /components:OMServer
/ManagementGroupName:TP3
/SqlServerInstance:OMTP3DB01.corp.tyang.org
/DatabaseName:OperationsManager
/DWSqlServerInstance:OMTP3DB01.corp.tyang.org
/DWDatabaseName:OperationsManagerDW
/ActionAccountUser:corp\svc_OpsMgrAction
/ActionAccountPassword:<password>
/DASAccountUser:Corp\Svc_OpsMgrSDK
/DASAccountPassword:<password>
/DatareaderUser:Corp\Svc_OpsMgrDataReader
/DatareaderPassword:<password>
/DataWriterUser:Corp\Svc_OpsMgrDW
/DataWriterPassword:<password>
/EnableErrorReporting:Never
/SendCEIPReports:0
/UseMicrosoftUpdate:0
/AcceptEndUserLicenseAgreement:1
/silent

Note:

 

  • You can also refer to the official TechNet article for first management server unattended install here: https://technet.microsoft.com/en-us/library/hh301922.aspx, and my fellow SCCDM MVP Christopher Keyaert has also blogged about it before: http://scug.be/christopher/2014/03/10/scom-2012-r2-unattended-installation-command-line/
  • Please update the command to suit your environment.
  • The installation also logs to “%LocalAppData%\SCOM\Logs” folder. You may have to check the logs in this folder the installation didn’t go as what you have hoped.
  • Since I did not install the Operations Console on the management server, I did not have to install the SQL CRL Type and Report Viewer as pre-requisites. – They are the pre-reqs for the console, not for the management server server.

04. Configure Additional Management Server (OMTP2MS02):

I have gone through the same OS requirements as the first management server (Server-Gui-Mgmt-Infra and AuthManager), please refer to the previous section. After these components were installed on OMTP3MS02, I used a slightly simpler command for the additional management server install:

setup.exe /install /components:OMServer
/SqlServerInstance:OMTP3DB01.corp.tyang.org
/DatabaseName:OperationsManager
/ActionAccountUser:corp\svc_OpsMgrAction
/ActionAccountPassword:<password>
/DASAccountUser:Corp\Svc_OpsMgrSDK
/DASAccountPassword:<password>
/EnableErrorReporting:Never
/SendCEIPReports:0
/UseMicrosoftUpdate:0
/AcceptEndUserLicenseAgreement:1
/silent

SNAGHTML1185ef98

05. Configure Gateway Server (OMTP3GW01)

The OS requirement for gateway servers is different than management servers. It does not require the minimal server interface (Server-Gui-Mgmt-Infra) and AuthManager. Additionally, we cannot use the setup.exe for the gateway server unattended install. we must execute the gateway server msi directly using msiexec.exe.

As I mentioned before, the OpsMgr install bits have already been copied to each server, in the command prompt, I firstly changed the directory to C:\Software\SCOM\gateway\AMD64 (C:\Software\SCOM is where I copied the install bits to).

I then used msiexec with the following parameters:

msiexec.exe /i MOMGateway.msi /qb /l*v C:\Temp\GatewayInstall.log
ADDLOCAL=MOMGateway MANAGEMENT_GROUP=TP3
IS_ROOT_HEALTH_SERVER=0
ROOT_MANAGEMENT_SERVER_AD=OMTP3MS01.corp.tyang.org
ROOT_MANAGEMENT_SERVER_DNS=OMTP3MS01.corp.tyang.org
ACTIONS_USE_COMPUTER_ACCOUNT=0
ACTIONSDOMAIN=Corp.tyang.org
ACTIONSUSER=svc_OpsMgrAction
ACTIONSPASSWORD=<password>
ROOT_MANAGEMENT_SERVER_PORT=5723
AcceptEndUserLicenseAgreement=1

SNAGHTML118e49b8

After the gateway server has been successfully installed, I must approve it from a management server by taking the following steps:

  • Go to the SupportTools folder from the Installation files, copy Microsoft.EnterpriseManagement.GatewayApprovalTool.exe to the management server installation folder:
  • copy Microsoft.EnterpriseManagement.GatewayApprovalTool.exe “c:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server”
  • Go to the management server installation folder and execute:
  • Microsoft.EnterpriseManagement.GatewayApprovalTool.exe
    /ManagementServerName=OMTP3MS01.corp.tyang.org
    /GatewayName=OMTP3GW01.corp.tyang.org
    /Action=Create
    image

     

     

 

Lastly, I need to configure the gateway server to failover to another management server. Since I did not install the console on management servers, I must perform this task on a remote machine where the console is installed (as the Operations Manager PowerShell is part of the console install):

$GatewayServer = Get-SCOMGatewayManagementServer –Name “OMTP3GW01.corp.tyang.org”
$FailoverServer = Get-SCOMManagementServer –Name “OMTP3MS02.corp.tyang.org”
Set-SCOMParentManagementServer -GatewayServer $GatewayServer -FailoverServer $FailoverServer

image

Note:

06. Configure Web Console server (OMTP3WEB01)

The web console server can be installed on a Server Core instance. However, we must firstly install all required IIS and .NET components.

Install IIS components via PowerShell:

Add-WindowsFeature Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Request-Monitor,Web-Filtering,Web-Stat-Compression,Web-Metabase,Web-Asp-Net,Web-Windows-Auth,Web-ASP,Web-CGI

image

Install HTTP Activation (.NET component) via PowerShell:

Add-WindowsFeature NET-WCF-HTTP-Activation45

image

Install Web Console Pre-requisites (SQL CLR Type and Report viewer):

msiexec /i SQLSysClrTypes.msi /q
msiexec /i ReportViewer.msi /q

You may connect to the application event log from a remote machine and verify these 2 MSIs have been installed successfully.

Install Web Console:

Go to the folder where SCOM Install bits are located:

setup.exe /silent /install /components:OMWebConsole
/ManagementServer:OMTP3MS01.corp.tyang.org
/WebSiteName:”Default Web Site”
/WebConsoleAuthorizationMode:Mixed
/SendCEIPReports:0
/UseMicrosoftUpdate:0
/AcceptEndUserLicenseAgreement:1

Note:

  • Official documentation for web console unattended install: https://technet.microsoft.com/en-us/library/hh298606.aspx
  • Since the IIS management console is not installed on server core, I will go through how to install and configure IIS management in the remote management section towards the end of this post.

07. Configure Reporting Server

Since the Reporting server has the full GUI interface enabled (required by SSRS), there is no much to cover here. I will only briefly go through few points here.

Install SQL Server Reporting Services (SSRS)

I launched the SQL installation and only installed SSRS. I then went through each page in the Reporting Service Configuration Manager and configured the SSRS instance. I created a new Reporting Server database on the main SQL server OMTP3DB01:

SNAGHTML11acd201

Install OpsMgr Reporting Server

I launched the OpsMgr installation wizard and selected Reporting Server. The only error I received was that the SQL Server Agent was not running. So I went to check the SQL Server Agent service on the SQL server OMTP3DB01, and realised I must have left the start type for SQL Server Agent service to the default configuration of Manual. I changed it to automatic and started the service. I was then able to continue on with the reporting server installation.

08. Configure a Remote Management machine

Now that I have all the OpsMgr components installed, I need a machine to remotely manage these components. For this purpose, I have created a VM running Windows 10 Professional and have installed the following components:

The installation for all of these components are very straight forward, except for the IIS Manager for Remote Administration. I will only go through my experience for this one here.

Install IIS Manager for Remote Administration

On the client OS (Windows 10 in this case), if you install the IIS management console, you can only manage the local IIS instance, not a remote IIS server. In order to remotely manage a IIS server, we must install the IIS Manager for Remote Adminisitration, as well as enabling the remote administration on the remote IIS server.

The IIS Manager for Remote Administration can be installed using Microsoft Web Platform Installer. And here’s a blog article for Windows 8 (which is still relevant now with Windows 10): http://tech-stew.com/post/2012/10/08/How-to-install-IIS-remote-manager-in-Windows-8.aspx

When I downloaded and launched the Web Platform Installer, I was able to see the IIS Manager for Remote Administration:

image

However, somehow the installation failed (twice). When I checked the installation log, I found the downloaded msi failed signature verification.

image

After I manually deleted this file from the temp folder and installed again from Web Platform Installer, it failed again. So I manually ran the downloaded msi file from the temp location, and it installed successful. I was able to see the option to connect to a remote IIS instance on my Windows 10 machine:

image

Configure IIS for Remote Management

As I mentioned, I also need to enable IIS remote management for the web console server. To do so, I need to install IIS management service on the web console server (which I did not install when I installed IIS). This can be done using PowerShell:

Install-WindowsFeature Web-Mgmt-Service

image

Remote Management can then be enabled via a registry value. The dword value “EnableRemoteManagement” in “HKEY_LOCAL_MACHINE\Software\Microsoft\WebManagement\Server” must be set to 1. You can do so using PowerShell, or using regedit from the remote machine (via Remote Registry service):

image

After updating the registry value, start the WMSVC service:

image

Then I was able to connect to the web console IIS server from the Windows 10 machine:

image

09. Verifications

I launched the OpsMgr console, checked the management servers and deployed the agents on all other computers mentioned in this blog post:

image

image

And tried to run a report:

image

Everything seems to be OK (with my limited testing so far).

Conclusion

In this post, I have documented the steps I took to setup OpsMgr 2016 TP3 on Windows servers using the minimum required GUI components. This is 100% based on my own experience in my lab. Please use it with caution and I will not hold any responsibilities if anything went south in your environment. Please also feel free to contact me if you have anything to add on this topic, or simply want to share you experience.

Automating OpsMgr Part 12: Creating Performance Collection Rules

Written by Tao Yang

OpsMgrExntededIntroduction

This is the 12th instalment of the Automating OpsMgr series. Previously on this series:

From now on, I will start concentrating on creating various monitoring workflows (rules, monitors, template instances, etc) using the OpsMgrExtended module. I will dedicate at least 6-7 posts on this topic. Since OpsMgr is a monitoring solution, I am now getting to the core offering of this module – providing ways for OpsMgr professionals to automate the creation of their monitoring requirements. In this post, I will demonstrate a runbook utilising New-OMPerformanceCollectionRule activity from the OpsMgrExtended module, to create performance collection rules in OpsMgr.

Runbook New-PerfCollectionRule

In order to use this runbook, you firstly need to modify line 14 with the name of the SMA connection to your OpsMgr management group:

image

I have also hardcoded few other parameters in the runbook:

image

$MPName is the name of the unsealed MP where the rule is going to be saved to, and $Frequency is the interval in seconds on how often does this perf collection rule need to run. You also need to modify these 2 variables, especially the $MPName – the unsealed MP must exist in your management group already.

This runbook requires the following input parameters:

$RuleName – name of the perf collection rule

$RuleDisplayName – The display name of the perf collection rule

$CounterName – name of the perf counter you need to collect

$ObjectName – name of the object where the counter belongs to (i.e. memory, logical disk, etc.)

$InstanceName (optional) – name of the instance of the counter. if not specified, the rule will collect All Instances.

$ClassName – name of the OpsMgr monitoring class of which the perf collection rule is targeting

$RuleDisabled – Boolean variable (true or false). specify if the rule should be left disabled by default

Runbook execution result:

image

Rule configuration (from the console):

image

image

Accessing Perf data collected by this rule in a Perf view:

SNAGHTMLb5a869e

Conclusion

In this post, I have demonstrated how to use a runbook to create a performance collection rule in OpsMgr. In the next post, I will demonstrate how to create a 2-state performance monitor.

Spend Your Money Wisely

Written by Tao Yang

spendingAs what I’d like to consider myself as – a seasoned System Center specialist, I have benefitted from many awesome resources from the community during my career in System Center. These resources consist of blogs, whitepapers, training videos, management packs and various tools and utilities. Although some of them are not free (and in my opinion, they are not free for a good reason), but large percentage of these resources I value the most are all free of charge.

This is what I like the most about the System Center community. Over the last few years, I got to know many unselfish people and organisations in the System Center space, who have made their valuable work completely free and open source for the broader community. Due to what I am going to talk about in this post, I am not going to mention any names in this post (unless I absolutely have to) . But if anyone is interested t know my opinion, I’m happy to write a separate post introducing what I believe are valuable resources.

First of all, I’m just going to put it out there, I am not upset, and this is not going to be a rant and I’m trying to stay positive.

I started working on System Center around 2007-2008 (ConfigMgr and OpsMgr at that time) . I started working on OpsMgr because my then colleague and now fellow SCCDM MVP (like I mentioned, not going to mention names) has left the company we were working for and I had to pick up the MOM 2005 to OpsMgr 2007 project he left behind. The very first task for me was to figure out a way to pass the server’s NetBIOS name to the help desk ticketing system and I managed to achieve this by creating a PowerShell script and utilised the command notification channel to execute the script when alerts were raised. I then used the same concept and developed a PowerShell script to be used in the command notification to send content rich notification emails which covered many information not available from native email notification channel.

When I started blogging 5 years ago, this script was one of the very first posts I published here. I named this solution “Enhanced SCOM Alert Notification Emails”. Since it was published, it has received many positive feedbacks and recommendations. I have since published the updated version (2.0) here:

http://blog.tyang.org/2012/08/16/scom-enhanced-email-notification-script-version-2/

After version 2.0 was published, a fellow member in the System Center community, Mr. Tyson Paul has contacted me, told me he has updated my script. I was really happy to see my work got carried on by other members in the community and since then, Tyson has already made several updates to this script and published it on his blog (for free of course):

Version 2.1: http://blogs.msdn.com/b/tysonpaul/archive/2014/08/04/scom-enhanced-email-notification-script-version-2-1.aspx

Version 2.2: http://blogs.msdn.com/b/tysonpaul/archive/2015/01/30/scom-enhanced-email-notification-script-version-2-2.aspx

This morning, I have received an email from a person I have never heard of. This person told me his organisation has developed a commercial solution called “Enhanced Notification Service for SCOM” and I can request a NFR by filling out a form from his website. As the name suggests (and I had a look on the website), it does exactly what mine and Tyson’s script does – sending HTML based notification emails which include content rich information including associated knowledge articles.

Well, to be fair, on their website, they did mention a limitation of running command notifications that you have a AsyncProcessLimit of 5. But, there is a way to increase this limit and if your environment is still hitting the limit after you’ve increased it, I believe you have a more serious issue to fix (i.e. alert storm) rather than enjoying reading those “sexy” notification emails. Anyways, I don’t want to get into technical argument here, it’s not the intention of this post.

So, do I think someone took my idea and work from Tyson and myself? It is pretty obvious, make your own judgement. Am I upset? not really. If I want to make a profit from this solution, I wouldn’t have published out on my blog in the first place. And believe me, there are many solutions and proof-of-concepts I have developed in the past that I sincerely hope some software vendors can pickup and develop a commercial solution for the community – simply I don’t have the time and resources to do all these by myself (i.e. my recently published post on managing ConfigMgr log files using OMS would be a good commercial solution).

In the past, I have also seen people took scripts I published on my blog, replaced my name with theirs from the comment section and published it on social media without mentioning me whatsoever. I knew it was my script because other comments in the script are identical to my initial version. When I saw it, I have decided not to let these kind behaviour get under my skin, and I believe the best way to handle it is to let it go. So, I am not upset when I read this email today. Instead, I laughed! Hey, if this organisation can make people to pay $2 per OpsMgr agent per year (which means for a fully loaded OpsMgr management group would cost $30k per year for “sexy” notification emails), all I’m going to say is:

good for  you

However, I do want to advise the broader System Center community: Please spend your money wisely!

There is only so much honey in the pot. You all have a budget. This is what the economist would call Opportunity Cost. If you have a certain needs or requirement and you can satisfy your requirement using free solutions, you can spend your budget on something that has a higher Price-Performance Ratio. If you think there’s a gap between the free and paid solution, please ask your self these questions:

  • Are these gaps really cost me this much?
  • Are there any ways to overcome this gap?
  • Have I reached out the the SMEs and confirm if this is a reasonable price?
  • How much would it cost me if I develop an in-house solution?

Lastly, I receive many emails from people in the community asking me for advise, and providing feedback to the tools I have published. I am trying my best to make sure I answer all the emails (and apologies if I have missed). So if you have any doubts in the future that you’d like to know my opinion, please feel free to contact me. And I am certain, not only myself, but other SMEs and activists in the System Center community would also love to help a fellow community member.

Squared Up Online Demo Lab Updated

Written by Tao Yang

logo-on-white_smaller

Squared Up has recently updated their online demo lab, with some new dashboards and features to show case:

http://squaredup.com/revamped-online-demo-lab/

In addition, they have made this demo lab open access to everyone, meaning you don’t need to register and provide any details in order to access it if you don’t want to. As they explained to me:

We are well aware that the daily lives of IT engineers are blighted by the sales teams of highly aggressive vendors who leap on any casual interest and deluge them with calls and emails. That’s why we put all our pricing online, so there’s no mystery and absolutely no need to talk to sales guys unless you actually want to.

So, if you haven’t used or played with Squared Up dashboards, you can access their demo lab by simply going to this address:

http://demo.squaredup.com/squaredup

Automating OpsMgr Part 11: Configuring Group Health Rollup

Written by Tao Yang

OpsMgrExntededIntroduction

This is the 11th instalment of the Automating OpsMgr series. Previously on this series:

Since I have already covered how to create, update and delete OpsMgr groups using the OpsMgrExtended module, the last thing I want to cover on this topic is how to configure health rollup for the groups.

The runbook I’m demonstrating today was based on the PowerShell script in the OpsMgr Group Health Rollup Configuration Task MP which I published yesterday. As I explained in the previous post, because instance groups do not inherit any dependency monitors for their base class, when OpsMgr admins creating groups in the console (which can only be instance groups), they are shown as “Not monitored”:

SNAGHTMLaf5f001

By creating an agent task to create health rollup dependency monitors (in the OpsMgr Group Health Rollup Configuration Task MP), I have provided a more user friendly way for OpsMgr users to configure health rollup for groups, but this task won’t help us when we are designing an automation solution. Therefore, I have written a SMA runbook based on the script I developed for the MP.

Runbook: Configure-GroupHealthRollup

This runbook requires the following input parameters:

  • GroupName: Required parameter. Name of the group (note, this is not the display name you see in the OpsMgr console)
  • Algorithm: Required parameter. The algorithm to use for determining health state. Possible values: ‘BestOf’,’WorstOf’,’Percentage’.
  • Percentage: The worst state of the specified percentage of members in good health state. This parameter is only required when the specified algorithm is ‘Percentage’. Optional parameter, default value is 60 if not specified.
  • MemberUnavailable: The health state when the member is unavailable. Possible Values: ‘Uninitialized’, ‘Success ‘,’Warning’, ‘Error’. Optional parameter. If not specified, the default value is “Error”.
  • MemberInMaintenance: The health state when the member is in maintenance mode. Possible Values: ‘Uninitialized’, ‘Success ‘, ‘Warning’, ‘Error’. Optional Parameter. If not specified, members in maintenance mode will be ignored.
  • ManagementPackName: The Management Pack name of which the monitors going to be saved. This is only going to be used when the group is defined in a sealed MP.’
  • IncreaseMPVersion: Boolean optional parameter. Specify if the management pack version should be increased by 0.0.0.1.

Before executing the runbook:

image

Executing the runbook:

image

After runbook execution:

image

Dependency monitor health rollup policy:

image

Conclusion

In this post, I have demonstrated how to configure OpsMgr group health rollup by creating dependency monitors using a SMA runbook. As I mentioned in part 4, I was going to dedicate few post for a creating and managing groups mini series. This post would be the last post for this managing groups mini series. To summarise, on managing groups, I have covered the following aspects:

  • Creating new empty groups (Part 4)
  • Adding Computers to computer groups (Part 5)
  • Adding monitoring objects to instance groups (Part 6)
  • Incorporated the runbooks from part 5 and 6 into the new version of the OpsMgrExtended module (part 7)
  • Updating group discoveries (Part 9)
  • Deleting Groups (Part 10)
  • Configure Group Health Rollup (Part 11, this post)

Starting from next post, I will start talking about how to create monitors, rules, etc. So it should only get more interesting from now on.

This is all I’m going to share for today. Until next post, happy automating OpsMgr!