Category: System Center

Step-by-Step – Installing System Center Operations Manager (SCOM) 2019 on Windows Server 2019 with SQL 2017

This post I will be installing System Center Operations Manager 2019 (SCOM) RTM, Build Number 10.19.10050.

Here is some of the background information. As this post will concentrate on the installation of SCOM 2019, I am going to omit the setup and configuration of the Domain Controller, Windows Server 2019 for the SCOM Management Server. Also to note, I am using a PaaS instance of SQL 2017 (hosted on Azure), likewise the entire environment lives on Azure in an IaaS and PaaS configuration.

Service Accounts and Local Administrator:

DomainAccount Description Local Admin on…
domainSCOM_AA SCOM Action Account SCOM
domainSCOM_DA SCOM Data Access/SDK Account SCOM
domainSCOM_SQL_READ SCOM SQL Reader n/a
domainSCOM_SQL_WRITE SCOM SQL Writer n/a
domainSCOM_Admins SCOM Administrators Group SCOM
domainSQL_SA SQL Service Account n/a

Now, if you’re lazy like me, or are tired of doing this setup for environments, I have scripted the automation of these accounts. You can find that link here, Microsoft TechNet Gallery.


Let’s Begin:

Since I am hosting SQL on a dedicated server, I will install SSRS (SCOM Reporting) on that server.

Well, that’s not new… Prerequisites. Since this is a clean, vanilla Windows 2019 server, we will need to install all the necessary Web Console components, along with Report Viewer Controls (probably SQL CLR Types too..).

  • For the Report Viewer Prerequisites, go HERE.
  • Here is the PowerShell command I ran to install the necessary IIS features/roles:
Import-Module ServerManager
Add-WindowsFeature Web-Server, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Dir-Browsing, Web-Http-Errors, Web-Static-Content, Web-Health, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Performance, Web-Stat-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext45, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Tools, Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, NET-Framework-45-Features, NET-Framework-45-Core, NET-Framework-45-ASPNET, NET-WCF-Services45, NET-WCF-HTTP-Activation45, NET-WCF-TCP-PortSharing45, WAS, WAS-Process-Model, WAS-Config-APIs -restart

 

Once the server is back online, you will need to register ASP.Net.

6

You will need to apply the following using Command Prompt (as Administrator)). Yes, this is a screenshot from a previous post…Forgot to capture the screenshot when running it this time..

  1. cd %WINDIR%Microsoft.NETFramework64v4.0.30319
  2. aspnet_regiis.exe -r
  3. IISRESET
  4. Reboot your server…

Once the server is back online, let’s try that Prerequisites check again….

Great! Now all of Prerequisites have been met!

Provide a meaningful Management Group Name (there’s no going back after this…)

SQL Server will be where your SCOM SQL instance(s) were installed. Remember, to either disable the Windows Firewall, or open SQL TCP Ports 1433.

 

I recommend always keeping this off, and manually updating your SCOM infrastructure.

One quick review. Looks good. Hit Install, and get some fresh air!

A few minutes later….

Sweet! All good. I hope this helps. If you have any questions or issues, please drop me a line.

Happy 2019 SCOM’ing!

(more…)

System Center Operations Manager (SCOM) 2019- Requirements for Windows Server 2019 via PowerShell

The following PowerShell code is to install all the necessary IIS components for System Center Operations Manager (SCOM) 2019 Web Console on Windows Server 2019.

Import-Module ServerManager
Add-WindowsFeature Web-Server, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Dir-Browsing, Web-Http-Errors, Web-Static-Content, Web-Health, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Performance, Web-Stat-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext45, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Tools, Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, NET-Framework-45-Features, NET-Framework-45-Core, NET-Framework-45-ASPNET, NET-WCF-Services45, NET-WCF-HTTP-Activation45, NET-WCF-TCP-PortSharing45, WAS, WAS-Process-Model, WAS-Config-APIs, web-asp-net -restart

You can also find this in Microsoft’s TechNet Gallery, HERE.

What’s new in System Center Operations Manager (SCOM) 2019?

When it comes to monitoring your on-premises datacenter, System Center Operations Manager (SCOM) is still the tool of choice. The System Center stack has been the Microsoft go-to toolset for decades for datacenter management. System Center 2019 it is expected be made Generally Available (GA) in the next few weeks, as Q1 comes to an end.

It is also worth mentioning, SCOM and the entire System Center 2019 stack will be following the Long-Term Servicing Channel (LTSC) model.

Some of the key features that will be highlighted with the release of SCOM 2019 are below.

  • Improved Azure Management Pack (faster and easier to manage)
  • Improved HTML5 dashboards – The new web console has no dependencies on SilverLight and is officially HTML5
  • Azure Service Map Integration
  • Enhanced notifications and alert management – Rich HTML notifications are now default
  • Customize and Preview HTML notification content
  • Email notification improvements such as the ability operators (‘OR’ and ‘EXCLUDE’) to the criteria builder
  • Backend support for SQL Server 2017 and SilverLight dependencies removed
  • Enhanced Agentless alerting during failover scenarios
  • Enhanced certificate validation for Web Application monitoring
  • Application Performance Monitoring (APM) support for CSM (Client Side Monitoring) for Edge and Chrome
  • Support for OpenSSL 1.1.0 for Linux platforms
  • Kerberos support for Linux agent
  • Linux log file monitoring (any custom datasource ie. docker/kubernetes container monitoring)

System Center 1807!

System Center 1807 release is officially available. This includes a new updated version for both Virtual Machine Manager (VMM) and Operations Manager. SCOM 1807 highlights a big update to features such as HTML5 and Widgets.

See the URL for more info, the latest release! https://cloudblogs.microsoft.com/windowsserver/2018/07/24/system-center-1807-available-now/

Stay tuned, as I will follow up with a step by step guide for the install, and exploring the new features in the latest release!

System Center – Operations Manager 1801 is now available!

Yesterday afternoon, Microsoft released Operations Manager (System Center, SCOM) version 1801. This is a major change from previous versions of SCOM/Operations Manager, as it now introduces the same release cycle as Windows Server 2016 and Windows 10, ie. Semi-Annual Channel (SAC).

Like Server 2016, and Windows 10, all new features and updates will be delivered in the Semi-Annual Channel (SAC) manner.

Within the Semi-Annual Channel (SAC) model:

  • Each build, ie. 1801 is supported for a minimum of 18 months from its release date;
  • Consistent updates and features within the 6-months (semi-annual) time frame;

In the Operations Manager 1801 version, some of the new features include:

  • Service Map integration;
  • Linux Kerberos support;
  • Linux Log File monitoring improvements;
  • Improvements to the SDK performance;
  • Telemetry for HTML5 dashboard, plus improvements/performance;
  • 3rd Party Management Pack – Updates and Recommendation;

For more information, have a read at the Microsoft blog post: https://docs.microsoft.com/en-us/system-center/scom/what-is-new-1801?view=sc-om-1801

 

Over the next few days, I will spend some time on deploying Operations Manager 1801, so stay tuned for that post! Until next time.

If you want to deploy Operations Manager 1801, go here for the System Center Evaluations download: https://www.microsoft.com/en-us/evalcenter/evaluate-system-center-release

How to Deploy Office 2016 ProPlus Click-to-Run (C2R) with ODT and SCCM

In this blog post, we will be deploying Office 2016 ProPlus (retail; Click-to-Run (C2R)) with Office 2016 Deployment Tool (ODT) and System Center Configuration Manager.

Office 2016 Deployment Tool (ODT)

To begin, we need to get the Office 2016 Deployment Tool (ODT). That can be downloaded from here, Microsoft Download Center. Create a folder on your SCCM application source folder, I called mine, “Office 2016“. Install the deployment tool on your SCCM server, save the extracted files to the folder you just created. Once the installation is complete, the following two files will be found:

Next, we need to create an XML file within the folder. I copied the original “configuration.xml” and called it, “Office 2016 Config.xml” and updated its contents to below. In my deployment, I am deploying Office 2016 32-bit. However, if you are deploying 64 bit, then just change OfficeClientEdition=”32″ to OfficeClientEdition=”64″.

<Configuration>
<Add SourcePath="your path to source files" OfficeClientEdition="32"> >
 <Product ID="O365ProPlusRetail">
 <Language ID="en-us" />
 </Product>
 </Add>
</Configuration>

Next, we need to run Command Prompt (run as Administrator), and run, “setup.exe” with the XML file we just created/modified. After this completes (give it a few minutes), you should now have the following four files within your folder.

setup.exe /download "Office 2016 Config.xml"

Next, we need to update the, “configuration.xml” file. This file is used to deploy Office 2016. As previously, we have set the version to 32-bit, again change this to 64, if you are deploying 64-bit Office. In this deployment, I am deploying a per-user licensing model, if you are using a product key per machine, you will need to add, “PIDKEY” value to the configuration file.

<Configuration>
<Add OfficeClientEdition="32">
<Product ID="O365ProPlusRetail"
<Language ID="en-us" />
</Product>
</Add>
<Display Level="None" AcceptEULA="TRUE" />
</Configuration>

Now we are ready to create and deploy our application package!

Create Application Deployment

First, we need to create the application package. We will choose the manual “Manually specify the application information” approach here.

Next, we need to provide some application information. Office 2016 deployment, owner, etc…

Now we need to add and create the deployment type

Next, we will choose “Manually specify the deployment type information“.

Again, give this deployment a name, and some descriptive comment(s).

Now, we need to specify the location of the source/installation file(s), and need to specify the “configuration.xml” file.

Next, we want to add a detection clause. Essentially, this deployment, once deployed, will validate against this code to confirm the installation was successful and both the detection code and product code match.

Note, if the deployment “fails”, yet the Office suite installed, confirm the product code and detection code match.

For the detection method, we will choose, Windows Installer, and the following Product code: {90160000-008C-0000-1000-0000000FF1CE}.

Next we will select, Install, and leave the Logon requirement to either.

We have no requirements and/or dependencies for this, but for completeness, here are those screenshot windows.

Great! Deployment is complete. Now we need to complete the application deployment wizard.

Great, application deployment is now complete. Now we need to deploy the package itself… Let’s do that.

Deploy Package Deployment to Collection(s)

Right click and select your collection, in this case, my collection is a test group, named “Test1”.

Specify the distribution point

We are going to mark Install and Available for the deployment settings here.

Provide a set time for the deployment to kick off, remember to set it to the correct time of day.. (struggled for a few deployments, after learning I forgot to set to AM…)

We will give the user the option to install, as the update will appear in their Software Center.

Now we if go to our client machine(s). I am testing on both Windows 7 and Windows 10 machines.

Validate Deployment

If we go into the Software Center, check under the “Available Software”, we now see the Office 2016 ready for deployment! Go ahead hit Install Selected, and let the magic happen!

Windows 7

We can validate the deployment, as we see the Office 2016 applications within the start menu.

Likewise for Windows 10:

 

For complete information on this deployment, please feel free to visit Microsoft’s article.

System Center Virtual Machine Manager (SCVMM) 2016 – Error 2912 – Unknown error (0x80041008)

Problem: Cannot to deploy a logical switch (vSwitch) to a Windows Server 2016 node.

Environment: 2x10GB Network Cards – IBM Flex Chassis (not that matters…)

Error:

An internal error has occurred trying to contact the ‘hypervserver01.domain.com’ server: : .

WinRM: URL: [http://hypervserver01.domain.com:5985], Verb: [INVOKE], Method: [GetFinalResult], Resource: [http://schemas.microsoft.com/wbem/wsman/1/wmi/root/scvmm/AsyncTask?ID=1001]

Unknown error (0x80041008)

Recommended Action
Check that WS-Management service is installed and running on server ‘hypervserver01.domain.com’. For more information use the command “winrm helpmsg hresult”. If ‘hypervserver01.domain.com’ is a host/library/update server or a PXE server role then ensure that VMM agent is installed and running. Refer to http://support.microsoft.com/kb/2742275 for more details.

Solution: In my case, I tried the following. Ultimately, it came down to my last case (enabling the physical network card).

  • Disable Windows Firewalls on both SCVMM and the Hyper-V 2016 server
  • Change the default WinRM port to 5985
winrm set winrm/config/Listener?Address=*+Transport=HTTP '@{Port="5985"}'

  • Enable the secondary physical port

Enabling SCOM 2016 Agent Proxy

Not too much has changed when it comes to SCOM 2012R2 and SCOM 2016. This post is a similar post to SCOM 2012R2, but applicable to SCOM 2016. (See that post here).

You could go to the computer that SCOM is complaining about and manually enable the agent proxy via Administration > Managed Computers, and modifying its properties, see below:

2

Or…… you could make your life easier, and do this…

The fix is easy, and the explanation are both below:

To resolve the “Agent proxy not enabled” alert for all machines in your current environment, run the following PowerShell code in the SCOM PowerShell Console:

get-SCOMagent | where {$_.ProxyingEnabled -match "False"} | Enable-SCOMAgentProxy

To prevent this alert in the future, run the following below:

add-pssnapin "Microsoft.EnterpriseManagement.OperationsManager.Client"; new-managementGroupConnection -ConnectionString:<strong>yourSCOMMGMTserverFQDNhere</strong>; set-location "OperationsManagerMonitoring::"; Set-DefaultSetting -Name HealthService\ProxyingEnabled -Value True

 

SCOM Agent Version Addendum Management Pack

Earlier this week, Microsoft’s Kevin Holman published an excellent article and SCOM Management Pack that addresses the issue with SCOM 2012 and agent updates. Please have a read, and consider installing this MP to help alleviate the issues SCOM 2012 has created when it comes to understanding which version your SCOM agent is on….

BLOG POST HERE.

Step-by-Step – SCOM 2016 Update Rollup 2 (UR2) Install Procedure

My personal notes for installing SCOM 2016 Update Rollup 2, Step-by-Step. UR2 (Update Rollup) has a lot improvements, please see below the many updates being provided in this UR. Two fixes I am seeing that makes me happy, is having the alerts view fixed… Previously alerts within the Alerts view would still appear even after the alert was closed. Also, the Get-SCOMGroup cmdlet consistently failed when there was a great number of groups within an environment.

It is highly recommended to upgrade your lab/Dev environments first before upgrading your Production environment(s). The step by step procedures below are the steps I took and in no way shape or form do I accept responsibility for any data loss, and/or issues within your environment. It is advised to always take a backup of your SQL databases and/or snapshots of your SCOM environment(s). Please take these notes as suggestions. Always refer to Microsoft’s KB (posted below) for full documentation steps.

8

Here are the key updates for UR2 (source Microsoft):

Issues that are fixed in Operations Manager Update Rollup 2

  • When you use the Unix Process Monitoring Template wizard (adding a new template) to monitor processes on UNIX servers, the monitored data is not inserted into the database because of the following failure (Event ID 10801)
  • When a management server is removed from the All Management Servers Resource Pool, the monitoring host process does not update the TypeSpaceCache.
  • When alerts are closed from the Alerts view after you run a Search, the closed Alerts still appear in the View when the Search is cleared.
  • When you press Ctrl+C to copy an alert in Operations Manager Alert view and then press Ctrl+V to paste it to Notepad, the Created time is in UTC time, not local time.
  • Groups disappear from Group view after they are added to a Distributed Application.
  • IM notifications from Operating Manager to Skype fail when an incorrect exception causes NullReferenceException in the SipNotificationTransport.Send method.
  • When the maintenance mode option for the dependency monitor is set to “Ignore,” and the group (consisting of the server to which this dependency monitor is targeted) is put in Maintenance mode, the state of the monitor changes to critical and does not ignore maintenance mode.
  • Because of a rare scenario of incorrect computation of configuration and overrides, some managed entities may go into an unmonitored state. This behavior is accompanied by 1215 events that are written to the Operations Manager log.
  • Recovery tasks on “Computer Not Reachable” Operations Manager Monitor generate failed logons on SCOM Agents that are not part of the same domain as the management groups.
  • The ManagementGroupCollectionAlertsCountRule workflow fails and generates a “Power Shell Script failed to run” alert.
  • Get-SCOMGroup cmdlet fails when thousands of groups are created in Operations Manager.
  • Organizational unit properties for computers that are running Windows are not discovered or populated. This discovery is part of the System Center Internal Library MP. After this update, organizational unit properties will be discovered for all computers that are running Windows.
  • When the Operations Manager Health Service agent starts, and the agent is configured for AD integration, if the agent cannot contact Active Directory at all, it immediately goes dormant and stops trying to connect and obtain the policy from Active Directory.

Issues that are fixed in the UNIX and Linux management packs

  • SHA1 is deprecated, and SHA256 certificates are now supported on the management server that’s used to sign the Unix/Linux OMI certificate.
  • OMI does not work on Linux servers configured for FIPS compliance.
  • Avg. Physical disk sec/transfer performance counters are not displayed for Hewlett Packard computers.
  • OMI displays incorrect Memory information on Solaris 10 computers.
  • Network adapter performance is not displayed for SLES 12 x64 platform in the Operations Manager Console.
  • Cannot discover file systems on HPUX 11.31 IA-64 computers with more than 128 disks. Previously it supported only 128 VGs. Now support is extended to 256 VGs.
  • Deep monitoring cannot be started successfully on some JBoss applications because the discovery of the JBoss application server sets the Disk Path for the JBoss server incorrectly. Deep monitoring was not being started in JBoss stand-alone mode when a nondefault configuration was used.

 

Install Procedure

Once you are ready to begin your upgrade, it is recommended you do the following server/roles in the order specified below:

  1. Install the update rollup package on the following server infrastructure in the order below:
  • Management server(s)
  • Agents; Nano Agents
  • Web console server role computers
  • Gateway(s)
  • Operations console role computers
  1. Apply SQL script(s).
  2. Manually import the management packs.
  3. Apply the nano agent update to manually installed agents, or push the installation from the Pending view in the Operations console.

Once you have downloaded the rollup files, I like to extract and only keep the language I need, in this case, ENU (English). You will need to install these with Administrative rights, I like to use PowerShell as Local Administrator. It really does frustrate me, as there is no indication that the rollup installed correctly, (other than looking at the file version number change via File Explorer; Build Number 7.2.11719.0 (RTM) –> 7.2.11822.0 (UR2)).

 

1

3

Personally, I prefer to execute the MSP files via PowerShell (RunAs Administrator) console.

Again, the order needs to be:

  1. Management server(s)
  2. Agents; Nano Agents
  3. Web console server role computers
  4. Gateway(s)
  5. Operations console role computers

Once the Update Rollups are installed, you will now need to apply the SQL script(s). In this UR, only the Operations Manager (OpsMgr) Database is affected.

The script(s) can be found here, “%SystemDrive%\Program Files\Microsoft System Center 2016\Operations Manager\Server\SQL Script for Update Rollups\

Please note, the user executing these scripts needs to have read and write permissions to the database(s).

4

5

Once you have successfully executed the SQL script, you will now need to import the updated Management Packs (MP). These MPs can be found here, “%SystemDrive%\Program Files\Microsoft System Center 2016\Operations Manager\Server\Management Packs for Update Rollups\“.

You will need to import the following MPs, please see below:

  • Microsoft.SystemCenter.Internal.mp
  • Microsoft.SystemCenter.2007.mp
  • Microsoft.SystemCenter.Advisor.Internal.mpb
  • Microsoft.SystemCenter.OperationsManager.Library.mp
  • Microsoft.SystemCenter.Image.Library.mp
  • Microsoft.SystemCenter.Visualization.Library.mpb
  • Microsoft.SystemCenter.Advisor.mpb
  • Microsoft.Windows.InternetInformationServices.CommonLibrary.mp
  • Microsoft.SystemCenter.AlertAttachment.mpb
  • Microsoft.SystemCenter.IntelliTraceProfiling.mpb
  • Microsoft.SystemCenter.SyntheticTransactions.Library.mp
  • Microsoft.SystemCenter.OperationsManager.AM.DR.2007.mp
  • Microsoft.SystemCenter.OperationsManager.SummaryDashboard.mp
  • Microsoft.SystemCenter.Advisor.Resources.(LANGUAGECODE_3LTR).mpb

6

Don’t forget, once the MPs have been imported, you should now go back to your Pending Management view, under the Administrations pane, and update all servers.

7

And that is that! You are now on the latest and greatest System Center Operations Manager release for SCOM 2016.