Category: Windows OS

How to upload Custom Images to Microsoft Azure using PowerShell

March 10, 2017March 11, 2017 · 2 Comments ·

In this post, I am going to show how to upload a custom image used in Windows Hyper-V (2016) to Azure cloud. I will be using a combination of the UI in Hyper-V and PowerShell in Azure Resource Manager. I will be working with Azure Resource Manager (ARM) and with Hyper-V 2016 with a custom image of Windows Server 2008 R2 SP1.

Okay, let’s get started.

Prepare On-Premises Virtual Machine Image

First, we need an image to work with. As mentioned, I am using a Windows Server 2008 R2 SP1 (yes, 2008 — needed it for a customer). The VM is Generation 1, which is not only a requirement for Windows 2008, but also a requirement for Azure, as it currently does not support Generation 2 VMs. See HERE to read more on preparing a Windows VHD.

Next, we need to install Hyper-V role on the VM. Since this is a nested VM, we will first need to enable nested-virtualization on the Hyper 2016 box. See a previous post on how to go about this HERE. Once that is complete, go ahead and install the Hyper-V role.

Next, we now need to SysPrep our VM. From an Administrative command prompt, navigate to %windir%\system32\sysprep and then execute the command “sysprep.exe”. Here, we will be using OOBE and enabling “Generalize”, also “Shutdown” the VM once SysPrep completes.

Once the VM is SysPrep’ed, we now need to compact the VHDx (remember Hyper-V 2016 here) and also will need to convert the VHDx to a VHD. This is due to the limitation of Azure at the moment, as it only supports Gen1 VMs and VHD’s.

Go into Hyper-V and within the VM properties, edit the Virtual hard disk. Then we will need to compact the virtual hard disk. Go ahead and do that..

Great, now we need to convert the VHDx to a VHD. Time for PowerShell!

Convert-VHD –Path “<source VHDX path>" –DestinationPath "<destination VHD path>" -VHDType Fixed -Verbose

Let this run (I let it go over night.. it was getting late =) )

Great, now we are ready to move on to Azure and more PowerShell.

Build Azure Container and Upload Image to Azure

First, we need to download and install the latest AzureRM bits module locally to the Hyper-V box (if you have done this.. jump down a few lines…)

Install-Module AzureRM -Force

Next, since there was a recent update to the AzureRm module, I now need to update the module path location.

$env:PSModulePath = $env:PSModulePath + "; C:\Program Files\WindowsPowerShell\Modules"

Next, we will need to import the AzureRm module.

Import-Module AzureRM -Force

Next, we’ll need to log-in into our Azure account, and specify the subscription to want to work with. In my case, there are multiple Azure subscriptions tied to my email.

Login-AzureRmAccount
Get-AzureRmSubscription
#select the subsciption you will be working with -- if you have one, you can skip this line
Select-AzureRmSubscription -SubscriptionId "<ID>"

Next, we will create a resource group and storage account, and bind the account the group.

New-AzureRmResourceGroup -Name "ResourceGroupName" -Location "Canada East"
New-AzureRmStorageAccount -ResourceGroupName "ResourceGroupName" -Name "StorageAccountName" -Location "Canada East" -SkuName "Standard_LRS" -Kind "Storage"

If you want to change the storage type, to let’s say Geo-redundant, here are the other types of storage:

Valid values for -SkuName are:

Standard_LRS – Locally redundant storage.
Standard_ZRS – Zone redundant storage.
Standard_GRS – Geo redundant storage.
Standard_RAGRS – Read access geo redundant storage.
Premium_LRS – Premium locally redundant storage.

Now, we need to create a Container and grab the URL needed to upload our image. I did this through the Azure Resource Manager (ARM) Portal since I couldn’t figure out the PowerShell cmdlet (Get-AzureStorageBlob) — if you can get this to work, please let me know!

You can get the URL from the Web UI when you go into the Storage Account >> Blobs >> Container (in my case, I called it “VHD”) >> Properties.

Now we are ready to upload our image/VHD to Azure! For me this took about 2 hours, uploading a 80GB file @ 9-10MBs.

$rgName = "ResourceGroupName"
$AzureVHDURL = "URL"
$LocalVHDPath = "LocalPathtoVHD"
Add-AzureRmVhd -ResourceGroupName $rgName -Destination $AzureVHDURL -LocalFilePath $LocalVHDPath

Great, now we just need to register the VHD disk to the Gallery, and we can begin creating machines based off our image that is now in the cloud! — Another post! 🙂

Using OMS for Patch Deployment (Update Management)

February 2, 2017February 2, 2017 · 12 Comments ·

Not too long ago, the OMS team introduced the Update Management solution. This solution has definitely made the patch management process a lot easier, however at the same time, has raised some questions, such as:

What’s the future of SCCM (Configuration Manager) with OMS now deploying patches?
Can this be used concurrently/dual-homed with SCCM for on-premises environments?
Is OMS essentially System Center in the cloud?
Is OMS the future?

For the most part, SCCM will still be required for on-premises environments. When it comes to application deployments, computer/server images, granularity with patch/hotfix selection, etc. Microsoft has explicitly stated SCCM configured machines cannot be tagged to OMS with respect to patching, so at the current time, OMS and SCCM cannot/will not work together, whereas OMS and SCOM work hand-in-hand (for now?).

It also seems OMS is slowly becoming System Center in the cloud. It has absorbed the monitoring capabilities from SCOM, and now the patch management process from WSUS and SCCM.

So, is OMS the future, in my opinion, no, it is not the future, it is very much the present! I think OMS/Azure will soon welcome the demise of System Center.

Getting started with OMS Update Management is very easy. For starters, you will need the following:

OMS Workspace
Update Management Solution added to OMS
Automation account (create in Azure first)
Machines to manage

Once we have taken care of these steps, the rest is pretty easy.

Clicking on the Update Management title, here is an overview.

Update Management Overview

As we can see, I have a few machines that need some updates. I haven’t introduce a Linux machine to OMS yet (had to create a new workspace recently… Maybe I will get to that in another blog post, until then..)

If we move over to the right, and click on Manage Update Deployments, we can then see our current configuration and schedules, and create new ones.

Create an Update Deployment

Creating a deployment schedule is very, very easy!

Name your deployment, and select some computers to manage in this group.

Notice the big red box, we cannot couple machines with OMS Update and System Center Configuration Manager!

Next, create a schedule, for example deploy patches on the Last Sunday of the month, and run the schedule for 5 hours (300 minutes). If a machine is unable to complete the patching cycle within the 300 minutes, it will resume with patches at the next scheduled deployment.

We can also choose to run this schedule 1-time, or reoccur weekly. Once happy with the schedule and computers, hit Save.

Once saved, we can now see our Scheduled Update Deployment.

Post Update Deployment

Once the Update Deployment has executed, let’s take a quick look at the updates that were applied.

If go back to OMS and select the results, we can see what patches were applied, what failed, etc.

We can also expand further, by seeing the KB for the patch, and the exact patch that was applied, or failed, or missed, etc.

If we go back to the Update Deployments, we can see our deployment ran as planned, and patched the 4 servers in the group (one of the five machines was offline).

Now we should have a better/happier Update Management Overview:

Here’s the title from OMS (All Solutions) view:

So how exactly did this all happen?

How the Update Management Solution Work?

The short answer is, “I don’t know.” 🙂

I say this because the solution clearly adds two Runbooks to the solution, and both of these Runbooks are not accessible and not even visible. If you dig a bit into the Job details, then we can see some information. But overall, the guts of this solution is pretty well hidden.

Go into your Azure portal (ARM — Azure Resource Manager) and find Automation Account you created for this solution to work. I called mine, “OMSUpdateMgmt“.

As you can see, there are 0 (Zero) Runbooks… and we now have 7 Hybrid Worker Groups.

If we click on the Jobs title, we can see 4 jobs completed (I had 5 schedules/deployments. I cancelled 1).

If we click on this title, we can get some more information:

Ah ha!! There are the Runbooks, “Patch-MicrosoftOMSComputer” and “Patch-MicrosoftOMSComputers“. If we select one of the jobs, we can get some more detail.

We can now see the Runbook executed against my SQL server.

If we click on Input, we can see the Runbook, “Patch-MicrosoftOMSComputer” has 6 Input parameters:

WORKSPACEID
DURATION
SCHEDULENAME
MACHINEID
STARTTIMEUTC
MASTERJOBID

If we go back to the OMSUpdateMgmt Automation Account overview, and select Hybrid Worker Groups, we can get some more insight. 😉

Nice, the Automation Account found all the machines in my workspace, and made them each a worker.

FINAL THOUGHTS

Pros:

Very easy to create collections/groups (similar approach to SCCM/WSUS)
Simple setup for multiple patch cycles
Able to patch Nano machines as well
Can leverage OMS Alerting for missed patches
Complexity of the implementation could not be easier
Works for both Windows Server and Client OS

Cons:

Cannot approve/decline specific patches/fixes like in SCCM/WSUS
Cannot use SCCM in parallel
Computers must be Windows Server 2012 or higher
No roll-back of patches
No inventory of patches/hotfixes/drivers to be deployed

The Update Management solution for OMS is great! It makes the entire process a lot easier and cleaner (IMO), especially since I am not a SCCM expert. You can setup collections just like we could in WSUS and SCCM. However there are some negative takeaways (see above). Of course like most OMS solutions, updates are pushed out regularly, so I am sure the Update Management solution will get some tweaks here and there as time goes on.

For more information on the OMS Update Management Solution, please visit the following: https://docs.microsoft.com/en-us/azure/operations-management-suite/oms-solution-update-management

Issues with Azure Active Directory and Login-AzureRmAccount

January 16, 2017January 20, 2017 · Leave a comment ·

If you’re like me, you have probably banged your head against the wall a few times with the Login-AzureRmAccount cmdlet… I reached out to the Azure Development team and not only is this a known issue, but there is currently no solution at the time…. Hmm.

Here is a bit of the background story, followed with the problem and solution to the issue.

Background:

Using PowerShell to script an auto-login to Azure, and start (and shutdown) Virtual Machines (yes, OMS Automation could help/solve this, but in this scenario my customer is currently not on-board with OMS). At any rate, the script is designed to capture some data on a on-premises server, if the threshold breaks, then begin starting resources in Azure, likewise, if the threshold falls back then shutdown those same resources in Azure.

Problem:

Running the following code, I keep getting the a null entry for SubscriptionId and SubscriptionName. Even though the user I have created is a co-administrator and has access to all the resources necessary. Assuming the login did work and the data isn’t needed…when try to start my Azure VM I get an Azure subscription error. So, let me check the subscription details. Well, there we go, I get the following response, “WARNING: Unable to acquire token for tenant ‘Common’” ….. So what gives?

I check and confirm the test-user is in-fact an administrator in ARM (Azure Resource Manager):

Solution:

Turns out, the user account created, not only needs to be created and added to the resources with Azure Resource Manager (ARM), but also needs to be assigned as an Administrator within Azure Classic Portal.

Once the test-user was added within the Classic Portal Administrators and set as Co-administrator, I could then get SubscriptionId and SubscriptionName info populate, and Get-AzureRmSubscription with proper details. Yay! (Still get that tenant ‘Common’ warning however…)

Now I can go ahead with my script!

I hope this helps you as much as it helped me.

System Center Operations Manager (SCOM) 2016 – Requirements for Windows Server 2016 via PowerShell

December 27, 2016October 13, 2017 · 2 Comments ·

The following PowerShell code is to install all the necessary IIS components for System Center Operations Manager (SCOM) 2016 Web Console on Windows Server 2016.

Import-Module ServerManager
Add-WindowsFeature Web-Server, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Dir-Browsing, Web-Http-Errors, Web-Static-Content, Web-Health, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Performance, Web-Stat-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext45, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Tools, Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, NET-Framework-45-Features, NET-Framework-45-Core, NET-Framework-45-ASPNET, NET-WCF-Services45, NET-WCF-HTTP-Activation45, NET-WCF-TCP-PortSharing45, WAS, WAS-Process-Model, WAS-Config-APIs, web-asp-net -restart

You can also find this in Microsoft’s TechNet Gallery, HERE.

Step-by-Step: Setup and Configure Azure Site Recovery (ASR) with Windows Server 2016 Hyper-V using ARM

December 6, 2016 · 1 Comment ·

Not too long ago, Microsoft announced the support of Windows 2016 and Azure Site Recovery (ASR). Microsoft’s announcement can be found HERE.

With that said, I decided to setup ASR with my Hyper-V 2016 environment. Rather than the typical blog posts (screenshots etc.,) I decided to create a step-by-step video that demonstrates how to setup ASR with Windows Server 2016 and Hyper-V. That video can be found HERE at Channel 9.

In addition this post is a series of blog posts for Azure Site Recovery (ASR).

ASR for Hyper-V 2012R2 On-Premises
ASR for VMs being hosted within Azure
ASR for VMs being hosted On-Premises
ASR for an ESXi hosted On-Premises, coming soon…

Monitoring Windows Server 2016 Nano Server with SCOM 2016

November 30, 2016December 1, 2016 · 2 Comments ·

The following post is intended to demonstrate how to monitor your Windows Server 2016 — Nano Server, via System Center Operations Manager (SCOM) 2016.

Also, a quick note, the SCOM team released the Windows Server 2016 Operating System Management Pack today, see HERE for the download/MP. One of the many updates to this MP (version 10.0.8.0) is the added compatibility of the Nano agent! So without further ado, let’s try installing the SCOM 2016 agent on a Nano server!

To begin, I have an out-of-the-box Windows 2016 (No UI) VM. I gave it 1GB of memory, and 2 vCPU’s.

Once the VM is online, first things first, we need to add this machine to our domain, unless you want to go the DMZ/Certificates route…. For simplicity, I am adding the Nano server to my domain, same domain as the SCOM Management Server(s) — The Nano Server and SCOM Management Server MUST be on the same domain. Same network space, etc. etc.

Assuming the above is completed, let’s begin with assigning a static IP address to the server. However, before we do this, we need to get the name of the Network Adapter(s).

Network Adapter Information

Get-NetAdapter
Get-NetIPConfiguration

These cmdlets will give us the network adapter name and current settings. As you can see below, the domain controller/DHCP has already given our server a dynamic IP (10.10.10.50). We want to change this….

Assign Static IP

New-NetIPAddress -InterfaceIndex 2 -IPAddress 10.10.10.37 -PrefixLength 24 -DefaultGateway 10.10.10.1

By default, the -PrefixLength 24, will assign the subnet mask of 255.255.255.0.

Next, since this is Active Directory, we want to assign the DNS Server(s) to our Network Adapter.

Assign DNS Server(s)

Set-DnsClientServerAddress -InterfaceIndex 2 -ServerAddresses 10.10.10.30, 10.10.10.31

If you only have one DNS/DC server, then remove the second entry.

Now that we have communication with the domain controllers, now we can add our machine to the domain.

First, let’s change the server name from its random default, to something we like. I am going to go with “NANO01“.

Change Server Name

Rename-Computer -NewName "NANO01" -Restart

Next, we can now add the server to the domain.

Add Server to Domain

Add-Computer -DomainName "RaviLocal.com" -Restart

To quickly verify our server has been added to AD, we can take a looking at the AD Users and Computers UI:

Great, there it is! Now we can go ahead and deploy our Microsoft Monitoring Agent (MMA)/SCOM Agent.

Deploy SCOM 2016 Agent

Since I am taking the lazy approach, I will be deploying the agent via SCOM console. If you want to make use of PowerShell, see Microsoft’s TechNet article HERE.

Great, MMA deployed as expected! Quickly verify it is now communicating with SCOM:

All good!

Happy SCOM’ing 2016!

Step-by-Step: Setup and Configure Azure Site Recovery (ASR) for On-Premises Hyper-V Host with Azure Resource Manager (ARM)

November 14, 2016August 27, 2018 · 6 Comments ·

This post is a series of blog posts for Azure Site Recovery (ASR).

Here is a step by step walk-through on how to go about setting up and configuring ASR (Azure Site Recovery) and backing up your On-Premises Virtual Machines (VMs) with Azure Resource Manager (ARM).

First things, first, Azure’s Recovery Service Vault is a unified vault/resource that allows you to manage your backup and data disaster recovery needs within Azure. For example, if you are hosting your VMs on-premises you can create a link between your on-prem site and Azure to allow your VMs to be backed-up into Azure. This is regardless of your hypervisor, it can be either ESX or Hyper-V, either will work. However for the interest of this blog post, I will be setting up ASR for a Hyper-V 2012R2 host.

Configuring Azure

Step 1: Create a Recovery Services Vault

Within Azure Resource Manager (ARM), if we select New, within the Marketplace, select Monitoring + management, then select Backup and Site Recovery (OMS) within the featured apps. Of course if this is no longer present, just search for it within the marketplace.

Next we will now need to create our vault.

Give it a meaningful name, and you can either create a new Resource Group, or use an existing. I opted with existing, as I will (another post) next setup a Site-to-Site ASR.

Give this a few seconds, maybe minutes to do its thing…

Great, now our Vault is up and ready to go!

Step 2: Choose your Protection Goal(s)

Click Settings > Site Recovery (Under Getting Stated) > Step 1: Prepare Infrastructure > Protection Goal > And specify the following > Click OK:

Replicating to: Azure
Machines Virtualized: Yes, with Hyper-V
Using SCVMM (Virtual Machine Manager): No

Step 3: Setup the Source Environment

Next, we will now need to Prepare our source give our Hyper-V site a name, “Ravi-OnPrem” makes sense here, but give it something meaningful.

Now we need to download the ASR Provider Installer, along with the Vault Registration Key.

Step 4: Install and Configure the ASR Provider on Hyper-V Host

This Hyper-V host is not behind any Proxy…

If we go back to Azure, we can now see our Hyper-V host populated.

Step 5: Create a Replication Policy

Within our Vault properties > Settings > Manage: Site Recovery Infrastructure > For Hyper-V Sites: Replication Policies > +Replication Policies

Step 6: Associate Hyper-V Site(s)

Next we will need to Associate our Hyper-V site:

Great! Now we can continue on with Step 3 (Target Environment) of Step 1 (Preparing Infrastructure).

Step 7: Create a Storage Account + Virtual Network

Within the Replication, we have a few options here. I left mine as default (GRS) Geo-Redundant.

Next, we need to create a Target Virtual Network:

Now we can go ahead and setup the replication settings:

Step 8: Setup Replication Settings

Since we create the Replication Policy beforehand, this auto-filled. Next we need to do some Capacity Planning. Since this is simply a walk-through example, I elected to skip this, but for a real-production environment, I would highly recommend doing this.

Here is a link to Microsoft’s Capacity Planner for Hyper-V Replica.

Hit OK, and now we are ready to to move on to Step 2 (Replication Application)

This all should have populated since we created our Storage account and Virtual Network just earlier… If not, add them.

Now Azure should have connected with our Hyper-V host, we can now see our VMs within our Hyper-V host. Here we now need to select which machines we will want to include within ASR. For simplicity and variety, I am going to select a domain controller and a Linux machine.

Now we need to configure the VMs properties:

Once we are good, we can go ahead and apply the Replication Policy to our VMs.

Once satisfied, go ahead and hit “Enable Replication“.

Lastly, Step 3, we now need to complete creating our Recovery Plan:

Step 9: Create Recovery Plan

Great! All done? Before we say all done, let’s go back to our Hyper-V host, and configure the Network/Throttling bandwidth.

Step 10: Network/Throttle Bandwidth

My Hyper-V host is not equipped with a GUI as I am using Windows 2012R2 Minimal Server, so navigate here to launch the Microsoft Azure Backup Agent, “C:\Program Files\Microsoft Azure Recovery Services Agent\bin\“. Launch, “wabadmin“.

In the Actions pane, select “Change Properties” >> Select the Throttling tab.

Change these settings as to your needs. I wanted to increase my non-work hours to 4MB, but looks like 1MB is the max.

Great! Since we already hit, enable replication, this process should have already started… Let’s go back to Azure:

If we take a look at the Vault > Settings > Protected Items > Replicated Items

Once these VMs are 100% Synchronized, the next steps will be to simulate a fail over, both Test and Planned.

Step-by-Step: Setup and Configure Azure Site Recovery (ASR) for On-Premises Virtual Machine with Azure Resource Manager (ARM)

November 7, 2016November 1, 2016 · 3 Comments ·

This post is a series of blog posts for Azure Site Recovery (ASR).

ASR for VMs being hosted within Azure
ASR for a Hyper-V hosted On-Premises, coming soon…
ASR for an ESXi hosted On-Premises, coming soon…

Configuring Azure

Step 1: Create a Recovery Services Vault

Next we will now need to create our vault.

Give it a meaningful name, and you can either create a new Resource Group, or use an existing. I opted with existing, as I will (another post) next setup a Site-to-Site ASR.

Give this a few seconds, maybe minutes to do its thing…

Great, now our Vault is up and ready to go!

Step 2: Choose your Protection Goal(s)

Click Settings > Site Recovery (Under Getting Stated) > Step 1: Prepare Infrastructure > Protection Goal > And specify the following > Click OK:

Replicating to: Azure
Machines Virtualized: Yes, with Hyper-V
Using SCVMM (Virtual Machine Manager): No

Step 3: Setup the Source Environment

Next, we will now need to give our Hyper-V site a name, “Ravi-OnPrem” makes sense here, but give it something meaningful.

Once validated, we can now go ahead with the Azure Backup Agent. Download the Azure Backup Agent, and also, download the Backup Credentials.

Download the Agent and Credentials to the server you will be backing up. In my example, I will be backing up a Windows Server 2016 (RTM).

Step 4: Microsoft Azure Recovery Site (MARS) Agent Install

The Microsoft Azure Recovery Site (MARS) Agent is a pretty simple install, but here is what I experienced when installing:

Since my environment is pretty open, ie. No Proxy, no changes required here.

Your call here..

All good with the MARS prerequisites… Hit Install!

All good, time to register our server to our Recovery Services Vault.

Step 5: Register Server to Azure Recovery Services Vault

Here is where we will need that VaultCrentials file.. I hope you downloaded it as mentioned earlier… As you can see, back in the first few steps, when we created our Vault, the settings are now automatically inputted.

Here, I decided to let the wizard generate the Passphrase. I then saved the key locally to the server.

Perfect! Now we can go ahead and with the Azure Back: Site Recovery/Backup Schedule, etc.

Step 6: Configuring Microsoft Azure Backup

Going back to our On-Prem server, which by the way is a Windows 2016 OS, let’s launch Microsoft Azure Backup…

Click on Schedule Backup within the (Right) Actions Pane:

Since this is a basic server, I only allocated 1 drive for this example, once we hit Backup, I am presented with the available drives.

Now we can begin defining our Backup Schedule

Step 7: Specify Backup Schedule

For this example, I want to back up the following server with the following properties:

Backup once a week @ 4AM, every Monday

Retention Policy will be as follows, see below:

Once you are satisfied with the policy, go ahead and hit next. Since we want to back up to Azure, and not an offline backup, we will backup over the network.

Have a look over before we do the initial backup.

Step 7: Initiate Backup Now

Going back to the main console, within the right pane, within Actions, let’s initiate our Back Up Now.

If we now double click within the job, we can see the Backup has begun….

Step 8: Validate Backup

If we go back to Azure, and take a look at our Vault properties, we can see there is a Backup in progress.

If we drill down within the Backup, we can see our server being backed-up.

After a few minutes, we can go back to the server, and track its progress:

And likewise, if we go within to the Azure Resource Manager, and within the Vault Backup jobs, and take a look at the details, we can see data is being updated to Azure.

Perfect!

Step-by-Step – Upgrading to SCOM 2016 from SCOM 2012 R2

November 1, 2016October 26, 2016 · 28 Comments ·

So you’ve decided to take the jump and upgrade to System Center Operations Manager 2016? Assuming you are running a SCOM 2012R2 (UR11) environment, this post will be exactly what you need to have a successful SCOM 2012 R2 to SCOM 2016 upgrade. **Although the recommended path is to upgrade from UR9**

In my environment, here is the quick breakdown:

SCOM 2012 R2 environment has two Management Servers.
- Handful of clients (Windows 2012R2) being monitored.
Both Management Servers live on a Windows 2012 R2 operating system.
- Both Management Servers are running with UR 11 (Update Rollup) **Microsoft recommends upgrading the environment at latest version number minus one (latest – 1), so in this case, UR9 (UR10 was never issued for SCOM 2012R2)**.
The SQL environment is a SQL Server 2014 SP2 also running on Windows 2012 R2.
- The Operations and Data Warehouse live on dedicated SQL instances, however reside on the same server.

Pre-Upgrade Tasks

Let’s get started!

First, we need to do some “Pre-Upgrade” Tasks. Follow these in order.

Back up the Operations Manager Databases
Review the Operations Manager Event Logs
Cleanup the Database (ETL Table)
Remove Agents from Pending Management
Disable the Notification Subscriptions
Stop the Services or Disable any Connectors
Verify that the Operational Database Has More Than 50 Percent Free Space
Back up the Operations Manager Databases

To Cleanup the ETL Tables, you will need to run the following script:

The following script will determine the number of rows that will (need) be deleted:

DECLARE @SubscriptionWatermark bigint = 0;

SELECT @SubscriptionWatermark = dbo.fn_GetEntityChangeLogGroomingWatermark();

Select COUNT (*)
FROM EntityTransactionLog ETL with(nolock)
WHERE NOT EXISTS (SELECT 1 FROM EntityChangeLog ECL with(nolock) WHERE ECL.EntityTransactionLogId = ETL.EntityTransactionLogId)
AND NOT EXISTS (SELECT 1 FROM RelatedEntityChangeLog RECL with(nolock) WHERE RECL.EntityTransactionLogId = ETL.EntityTransactionLogId)
AND EntityTransactionLogId < @SubscriptionWatermark;

Now we can go ahead and clean up the ETL table running the script below:

DECLARE @RowCount int = 1;
DECLARE @BatchSize int = 100000;
DECLARE @SubscriptionWatermark bigint = 0;
DECLARE @LastErr int;

SELECT @SubscriptionWatermark = dbo.fn_GetEntityChangeLogGroomingWatermark();
WHILE(@RowCount > 0)
BEGIN
DELETE TOP (@BatchSize) ETL
FROM EntityTransactionLog ETL
WHERE NOT EXISTS (SELECT 1 FROM EntityChangeLog ECL WHERE ECL.EntityTransactionLogId = ETL.EntityTransactionLogId)
AND NOT EXISTS (SELECT 1 FROM RelatedEntityChangeLog RECL WHERE RECL.EntityTransactionLogId = ETL.EntityTransactionLogId)
AND ETL.EntityTransactionLogId < @SubscriptionWatermark;

SELECT @LastErr = @@ERROR, @RowCount = @@ROWCOUNT;

END

Great! Let this run, which may take a few minutes, or hours depending on your environment..

Now we are ready to get started with the upgrade. (Don’t get to backup your databases (Report Server, Operations, Data Warehouse!!)

Upgrading to SCOM 2016

After you have downloaded the RTM image file, as you may have noticed, it is not an ISO file. So let’s extract the file contents locally…

Before moving on with the install, I stopped the following SCOM services on all of the Management Servers:

Microsoft Monitoring Agent (healthservice)
System Center Data Access Service (OMSDK)
System Center Management Configuration (cshost)

Now we can run the installer (Run As Administrator or, SCOM Data Access/SDK account)

Sweet! Although this was expected, since no new changes were required for Windows Server 2012 R2.

I cannot stress how useful it is to use dedicated service accounts. Here input your Data Access/SDK account.

Once quick review before we begin the Upgrade..

Let this run… For me, the upgrade took around 50 minutes for the first Management Server..

Sweet! All good. Remember to install the license key before the 120 days are up.

Let’s launch the console just to make sure we are in all working order.

Great! Now we will need to repeat the process for the second/other Management servers…

Once complete, let’s upgrade our client agents to SCOM 2016 (v 8.0.10918.0)

At this time we can make use of the SCOM 2016 features, and update our out-dated Management Packs. Remember this feature really only works for Microsoft based Management Packs, ie. SQL, Windows Server, Client OS, etc.

I hope this helped! For additional information, and or upgrading other items such as Gateways, ACS (Audit Collection Services), etc. Please visit Microsoft’s guides HERE.

Lastly, it is highly recommended to upgrade to SCOM 2016 Update Rollup 1 (UR1). For that guide, please visit this LINK.

Happy SCOM’ing 2016!

(more…)

System Center Operations Manager (SCOM) Console crash after October 2016 Security Updates

October 19, 2016 · Leave a comment ·

If your System Center Operations Manager (SCOM) 2012R/2016 console has been crashing since updating with the October 2016 Windows Server security updates (MS16-118 and MS16-126), Microsoft has just pushed out the hotfix for this crash.

Please visit the following LINK.

(more…)