Tag: PowerShell

Monitoring Windows Server 2016 Nano Server with SCOM 2016

The following post is intended to demonstrate how to monitor your Windows Server 2016 — Nano Server, via System Center Operations Manager (SCOM) 2016.

Also, a quick note, the SCOM team released the Windows Server 2016 Operating System Management Pack today, see HERE for the download/MP. One of the many updates to this MP (version 10.0.8.0) is the added compatibility of the Nano agent! So without further ado, let’s try installing the SCOM 2016 agent on a Nano server!

mp

To begin, I have an out-of-the-box Windows 2016 (No UI) VM. I gave it 1GB of memory, and 2 vCPU’s.

7

Once the VM is online, first things first, we need to add this machine to our domain, unless you want to go the DMZ/Certificates route…. For simplicity, I am adding the Nano server to my domain, same domain as the SCOM Management Server(s) — The Nano Server and SCOM Management Server MUST be on the same domain. Same network space, etc. etc.

Assuming the above is completed, let’s begin with assigning a static IP address to the server. However, before we do this, we need to get the name of the Network Adapter(s).

Network Adapter Information

Get-NetAdapter
Get-NetIPConfiguration

These cmdlets will give us the network adapter name and current settings. As you can see below, the domain controller/DHCP has already given our server a dynamic IP (10.10.10.50). We want to change this….

1

Assign Static IP

New-NetIPAddress -InterfaceIndex 2 -IPAddress 10.10.10.37 -PrefixLength 24 -DefaultGateway 10.10.10.1

2

By default, the -PrefixLength 24, will assign the subnet mask of 255.255.255.0.

Next, since this is Active Directory, we want to assign the DNS Server(s) to our Network Adapter.

Assign DNS Server(s)

Set-DnsClientServerAddress -InterfaceIndex 2 -ServerAddresses 10.10.10.30, 10.10.10.31

3

If you only have one DNS/DC server, then remove the second entry.

Now that we have communication with the domain controllers, now we can add our machine to the domain.

First, let’s change the server name from its random default, to something we like. I am going to go with “NANO01“.

Change Server Name

Rename-Computer -NewName "NANO01" -Restart

4

Next, we can now add the server to the domain.

Add Server to Domain

Add-Computer -DomainName "RaviLocal.com" -Restart

5

To quickly verify our server has been added to AD, we can take a looking at the AD Users and Computers UI:

5b

Great, there it is! Now we can go ahead and deploy our Microsoft Monitoring Agent (MMA)/SCOM Agent.

Deploy SCOM 2016 Agent

Since I am taking the lazy approach, I will be deploying the agent via SCOM console. If you want to make use of PowerShell, see Microsoft’s TechNet article HERE.

6

 

Great, MMA deployed as expected! Quickly verify it is now communicating with SCOM:

8

All good!

 

Happy SCOM’ing 2016!

Step-by-Step – Installing System Center Operations Manager (SCOM) 2016 on Windows Server 2016 with SQL 2016

This post I will be installing System Center Operations Manager 2016 (SCOM) RTM, Build Number 7.2.11719.0.

Here is some of the background information. As this post will concentrate on the installation of SCOM 2016, I am going to omit the setup and configuration of the Domain Controller, Windows Server 2016 for both SCOM Management Server and SQL Server (Please note, I am using SQL Server 2016, both servers on Windows 2016).

If you need help setting up SQL 2016 for SCOM 2016, please visit HERE.

Environment:  Virtual; ESX 6.0 Hypervisor

SCOM Management Server:

  • Windows Server 2016
  • 4 vCPU (2.00GHz)
  • 12 GB memory
  • 100GB Diskspace
  • 1GB vNIC

SQL Server:

  • Windows Server 2016
  • SQL Server 2016
  • 4 vCPU (2.00GHz)
  • 24 GB memory
  • 300GB Diskspace
  • 1GB vNIC

Service Accounts and Local Administrator:

Domain\Account Description Local Admin on…
domain\SCOM_AA SCOM Action Account SCOM & SQL
domain\SCOM_DA SCOM Data Access/SDK Account SCOM & SQL
domain\SCOM_SQL_READ SCOM SQL Reader SQL
domain\SCOM_SQL_WRITE SCOM SQL Writer SQL
domain\SCOM_Admins SCOM Administrators Group SCOM
domain\SQL_SA SQL Service Account SQL
domain\SQL_SSRS SQL Service Reporting Services Account SCOM

 

Now, if you’re lazy like me, or are tired of doing this setup for environments, I have scripted the automation of these accounts. You can find that link here, Microsoft TechNet Gallery.


Let’s Begin:

2

3

For completeness, let’s install all the features of SCOM 2016. (I am hosting a default SQL 2016 instance on the SCOM Management Server for SSRS)

4

5

Well, that’s not new… Errors. Since this is a clean, vanilla Windows 2016 server, we will need to install all the necessary Web Console components, along with Report Viewer Controls (probably SQL CLR Types too..).

  • For the Report Viewer Prerequisites, go HERE.

Note, oddly I was unable to install with CLR SQL 2016, Reports Viewer still complained and required CLR SQL 2014.

  • Here is the PowerShell command I ran to install the necessary IIS features/roles:
Import-Module ServerManager
Add-WindowsFeature Web-Server, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Dir-Browsing, Web-Http-Errors, Web-Static-Content, Web-Health, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Performance, Web-Stat-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext45, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Tools, Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, NET-Framework-45-Features, NET-Framework-45-Core, NET-Framework-45-ASPNET, NET-WCF-Services45, NET-WCF-HTTP-Activation45, NET-WCF-TCP-PortSharing45, WAS, WAS-Process-Model, WAS-Config-APIs -restart

 

Once the server is back online, you will need to register ASP.Net.

6

You will need to apply the following using Command Prompt (as Administrator)).

  1. cd %WINDIR%\Microsoft.NET\Framework64\v4.0.30319\
  2. aspnet_regiis.exe -r
  3. IISRESET
  4. Reboot your server…

Once the server is back online, let’s try that Prerequisites check again….

7

Great! Now all of Prerequisites have been met!

8

Provide a meaningful Management Group Name (there’s no going back after this…)

9

SQL Server will be where your SCOM SQL instance(s) were installed. For me, I have built two instances on my SQL2016 server (SCOM_OPSMGR & SCOM_DW).

10

11

12

13

14

15

16

17

I recommend always keeping this off, and manually updating your SCOM infrastructure.

18

One quick review. Looks good. Hit Install, and get some fresh air!

19

A few minutes later….

20

Sweet! All good. I hope this helps. If you have any questions or issues, please drop me a line.

Please note, it is STRONGLY ADVISED to install the Update Rollup 1 once you have deployed SCOM 2016. For that walk-through, please visit the following post, HERE.

Happy 2016 SCOM’ing!

(more…)

What’s new with Hyper-V 2016? (PowerShell Direct)

In Windows Server 2016, Hyper-V 2016, Microsoft has created PowerShell Direct. PowerShell Direct allows us Hyper-V administrators to communicate with a VM from the Hyper-V host regardless of the network configuration, firewall settings, security policies,  and/or remote management settings. Provided the VM meets the basic criteria (see below), we can communicate with the VM with simple PowerShell! (Sweet)

*Yes, you could always log in to the VM as well…….<lame>*

PowerShell Direct Requirements:

In order to make use of PowerShell Direct, the following conditions need to be met:

  1. Hypervisor must be either Windows 10, or Windows Server 2016
  2. Virtual Machine must be either Windows 10, or Windows Server 2016
  3. Must have valid user credentials for the VM
  4. The VM must reside on the same Hypervisor
  5. The admin logged into the Hypervisor must be a Hyper-V administrator

Example:

In my example, my Hypervisor is Windows 10, and my guest VM is also a Windows 10 machine. (Sorry too lazy to get my server up =) )

Here are some cmdlets you will need to know:

  • Get-VM will provide a list of all the VMs on your Hyper-V host
    • Get-VM
  • This will establish the connection between you (the host) and the guest VM:
    • Enter-PSSession -VMName <VMName>
  • If you want to run a block of code, rather than single line:
    • Invoke-Command -VMName <VMName> -ScriptBlock { commands }

PowerShell

I got that error as I shutdown the VM too quickly…

As you can see, there was no Network Adapter on my VM. Also in the screenshot above, no information was provided when I queried an IPCONFIG.

VM vNIC Settings

Also, I was able to shutdown the VM from my host. 🙂

shutdown VM shutdown VM(2)

 

I hope you’re excited as I am! Cheers!

For more information on Hyper-V 2016 and/or PowerShell Direct, see HERE.

Load Balancing SCOM Agents

So you have multiple SCOM Management Servers, yet you just happen to have all of your SCOM agents reporting to one server, or maybe two if you half tried to load balance your agents. There are several reasons why you would want to have multiple Management Servers, ie. off-load workflows, reduce stress on servers, etc., etc. Well what is the point of having multiple Management Servers yet nearly all of your agents are reporting to one, or maybe two at best Management Servers, while the others are collecting dust. Load balance those agents! You could manually move an agent by right clicking and moving to a new server, or you could let our friend PowerShell automate this for you.

In my experience I have seen many SCOM environments where load balancing is either done manually, or not done at all. And usually manually implies the SCOM administrator takes a look which of the servers has the least agents, and deploys away. That works, but why not deploy to any server then let PowerShell load balance for you.

In the solution below, I am using PowerShell along with Orchestrator 2012R2. The runbook can be setup to run ad-hoc, or run regularly, ie. monthly, weekly, etc. Of course if you do not Orchestrator deployed in your environment, you could very well take the script and schedule it to run via Windows Scheduled tasks.

ce63742c-85d7-402e-b114-c3979b7ce32b

Here I have created a Runbook to execute the script, and then send back a warning notification if the Runbook failed, or an informational notification that the Runbook executed successfully.

See below for the PowerShell script. Please note, you will need to change the Line 5 with a SCOM Management server applicable to your environment, duh. This script can also be modified, and you can load balance between two gateway servers.

The script can be found HERE!

Happy SCOM’ing!

SCOM 2012R2 IIS Prerequisites

If you’re like me, a System Center Operations Manager consultant, then I am sure you have already ‘googled’ this a few times by now. I constantly find myself looking this up, so I figured I would write my very own blog post on this.

It should be noted, the following code below was found on various sites, and I have now pieced it together to suite my own needs.

For starters, when installing SCOM 2012R2 and its Web Console, you are required to meet certain IIS prerequisites. You can either do Option 1, the manual way, or Option 2, the PowerShell way.

If you go with Option 1, you will need to install the following IIS features:

  • Static Content
  • Default Document
  • Directory Browsing
  • HTTP Errors
  • HTTP Logging
  • Request Monitor
  • Request Filtering
  • Static Content Compression
  • Web Server (IIS) Support
  • IIS 6 Metabase Compatibility
  • ASP.NET
  • Windows Authentication

Or, Option 2, you can use PowerShell to automate this for you…. (Note, you will need to launch PowerShell console as an Administrator)

Import-Module ServerManager
Add-WindowsFeature NET-Framework-Core,AS-HTTP-Activation,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Request-Monitor,Web-Filtering,Web-Stat-Compression,AS-Web-Support,Web-Metabase,Web-Asp-Net,Web-Windows-Auth –restart

scom preq PS capture RT

Automating Start and Stop Times for Azure VMs

So you have set up an Azure lab, but you are now starting to see your billing costs are higher than you anticipated, or maybe you are getting tired of logging in to the Azure portal, every morning and every evening to start and shutdown your lab/Virtual Machine(s). Unfortunately there is no UI in the Azure portal that allows you to input a start and stop time for your Virtual Machines to be powered on and/or off, however there are some clever workarounds! Below are the steps I have taken to automate this problem.

Of course you will need an Azure environment, at least one Virtual Machine and some (very) basic PowerShell knowledge.

For starters, I have already built my VM, and I have already created an account that is a member of the domain administrators.


  • Log into the Azure portal and expand the Browse All icon, located on the left pane.

1

  • Select Automation Accounts and create a new Automation Account. I called mine “MachineStartStopAutomation”.

2

  • Next under the new account, select Assets

3

  • Here we will assign credentials associated to this Automation account. Within Assets, select Credentials

4

5

  • Once you have created the Credentials, next we will need to create the Runbook
  • Go back to the Automation Account, and this time select Runbooks

6

  • Provide some descriptive name for the Runbook. I used “Start<hostname>VM”. Also, I had some issues creating/editing the Runbook script when using the Graphical Runbook type, so I used the PowerShell Workflow. I would advise using the PowerShell Workflow option.

7

  • Within the script, use the code similar here. Note, your workflow will be name of your Runbook name. Also, in line 5, the -Name <hostname> will be your VM you are interested in automating the PowerOn. To be safe, I specified the FQDN.

8

  • Once complete, you can test and/or publish the Runbook. (You will need to Publish the Runbook in order to make use of it)
  • Next you will need to create a schedule. Go back to the Runbook, and select Schedules

9

  • Since I would like to start this VM daily, I set it for daily Recurrence.

10

You will now need to repeat all the steps above (starting at step 7) to create an automated shutdown Runbook. The PowerShell code will be almost exactly the same, but you will make use of the “Stop-VM -Name <hostname>” Cmdlets.

Once complete, your new Automation Runbook should look similar to this. Hopefully this will keep your Azure billing costs down, and hopefully no more daily/manual starting and shutting down your lab/Virtual Machine(s). =)

11

Management Pack Backup Automation

Backup, backup, backup. It is never a bad idea to be safe and back up your data, or in this case your Management Packs. I recently created an automated, scheduled task that runs every Monday morning that backs up all the Management Packs within the environment. Please note, all sealed and un-sealed Management Packs will be backed up in a un-sealed format.

The following PowerShell code I have used:


$a = get-date
$a = $a.ToString("yyyy-MM-dd")
$rootMS = gc env:computername

Import-Module OperationsManager
New-SCOMManagementGroupConnection -ComputerName $rootMS

$path = New-Item -ItemType directory -Path "\\somepath\MPBackup\$a"

Get-SCOMManagementPack | Export-SCOMManagementPack -Path $path.FullName

SCOM Wintel Gray Agents Health State and Cache Flush – Part II Automation

In the previous post, we learned we can clear the agents cache, recycle the health service, and this will (hopefully) resolve our gray agent issue. But, what happens when we have to do this for hundreds of agents? One word, PowerShell. PowerShell allows us to automate this task over hundreds of servers to make this very tedious task, actually very quick!Here is the code I use.

Just make sure all of your servers are within the list you are providing, and of course the account you are running as has Local Administrative rights on each server.

$list = gc “.\list.txt”
foreach ($server in $list)
{
       Write-Host $server Check Service: “ -NonewLine
if ((gwmi win32_service -computer $server -filter “name=’HealthService'” | %{$_.State}) -eq “Running”)
{
       gwmi win32_service -computer $server -filter “name=’HealthService'” | %{$_.StopService()}  | findstr ReturnValue | Tee-Object -var service | out-null
       $serviceResult = $service.split(“:”)
       if ($serviceResult[1] -eq ” 0″)
              { Write-Host “Successful” -f Green}
       else
{Write-Host “Failed” -f Red}
start-sleep 5
$a = gwmi win32_Directory -computer $server -filter “Name=’C:\\PROGRA~1\\SYSTEM~1\\Agent\\HEALTH~1\\HEALTH~1′”
                           $a.DeleteEx() | findstr ReturnValue Tee-Object -var status out-null
                           $statusresult $status.split(“:”)
                                  if ($statusResult[1] -eq ” 0″)
                                         {Write-Host “Successful”}
                                  else {Write-Host “Failed”}
       gwmi win32_service -computer $server -filter “name=’HealthService'” | %{$_.StartService()}  | findstr ReturnValue | Tee-Object -var service | out-null
       $serviceResult = $service.split(“:”)
       if ($serviceResult[1] -eq ” 0″)
              { Write-Host “Successful” -f Green}
       else
{Write-Host “Failed” -f Red}
       }
else
{Write-Host Stopped}
}