Shout out to AT and Aris for his help with this!
Install SCOM agent MSI via command line and roll into a ‘SCOM agent’ MECM application package.
Why an application/package? Many times, servers are built, and the IT Enterprise doesn’t find out device is NOT monitored until it’s involved in an outage. Proceed to add to your Configuration management tool will provide a consistent configuration to avoid the ‘NOT monitored’ configuration.
While there are a few options to build out a MCM/MEM/MECM/SCCM application/package to install the SCOM agent on managed windows machines. In August, I posted Neal’s updates to install/configure the SCOM agent. Neal’s scenario works great for a new environment, and it’s simple PowerShell. Also, if Neal’s scenario with PowerShell is NOT your preference, try the batch file below. Another key point, the script has logic for multiple forests and SCOM gateways (to connect said forests). Basically test the command line script, then roll into a MCM/MEM/MECM/SCCM application/package. Have the SCOM agent added to task sequence which consequently includes the SCOM agent in the default build.
Install SCOM agent command line script
First – NOTE each line has no hidden line feed/carriage returns
Second – go through the variables before testing
Variables to review/replace:
##SCOMManagementGroup## # SCOM Management group, seen in SCOM console on top left corner
SCOMManagementServer## # SCOM management Server in primary domain
##SCOMManagementServerGW## # SCOM first gateway
##SCOMManagementServerGW2## # Second gateway
##Domain## as forest FQDN
##Domain2## as forest FQDN
Determine domain –
‘systeminfo | findstr /i /c:”domain” | findstr /i /c:”##Domain##”
Example Lab output
C:\> systeminfo | findstr /i /c:”domain” | findstr /i /c:”testlab”
Domain: testlab.net
Third – Find/Replace ##hashtagged## variables and test away!
@echo off
cls
REM This script command line is for NEW installs of the agent (nothing prior)
REM Replace ##SCOMManagementGroup## SCOM Management group, seen in SCOM console on top left corner
ECHO Installing SCOM 2019 Windows Agent…
echo Determining domain….
REM Determine if machine is in DMZ….
systeminfo | findstr /i /c:”domain” | findstr /i /c:”DMZ” && (
echo Machine found to be in DMZ…installing for that enclave and management server: ##Domain2##”
echo.
%WinDir%\System32\msiexec.exe /i %~DP0MOMAgent.msi /qn USE_SETTINGS_FROM_AD=0 USE_MANUALLY_SPECIFIED_SETTINGS=1 MANAGEMENT_GROUP=##SCOMManagementGroup## MANAGEMENT_SERVER_DNS=##SCOMManagementServerGW## SECURE_PORT=5723 ACTIONS_USE_COMPUTER_ACCOUNT=1 NOAPM=1 AcceptEndUserLicenseAgreement=1
echo.
GOTO Logging)
REM Determine if machine is on domain….
systeminfo | findstr /i /c:”domain” | findstr /i /c:”##Domain##” && (
echo Machine found to be in ##Domain##…installing for that enclave and management server: ##Domain##
echo.
%WinDir%\System32\msiexec.exe /i %~DP0MOMAgent.msi /qn USE_SETTINGS_FROM_AD=0 USE_MANUALLY_SPECIFIED_SETTINGS=1 MANAGEMENT_GROUP=##SCOMManagementGroup## MANAGEMENT_SERVER_DNS=##SCOMManagementServer## SECURE_PORT=5723 ACTIONS_USE_COMPUTER_ACCOUNT=1 NOAPM=1 AcceptEndUserLicenseAgreement=1
echo.
GOTO Logging)
REM Neither DMZ or domain joined found above…look for alternate domain(s)
REM These all share this same management server: FOREST2.FQDN and Gateway server
%WinDir%\System32\msiexec.exe /i %~DP0MOMAgent.msi /qn USE_SETTINGS_FROM_AD=0 USE_MANUALLY_SPECIFIED_SETTINGS=1 MANAGEMENT_GROUP=##SCOMManagementGroup## MANAGEMENT_SERVER_DNS=##SCOMManagementServerGW2## SECURE_PORT=5723 ACTIONS_USE_COMPUTER_ACCOUNT=1 NOAPM=1 AcceptEndUserLicenseAgreement=1
:Logging
ECHO Installing SCOM 2019 Windows Agent Completed…>> C:\Windows\Logs\SCOM2019Agent.log
time /t >> C:\Windows\Logs\SCOM2019Agent.log
date /t >> C:\Windows\Logs\SCOM2019Agent.log
Lastly enjoy! In summary, I hope the ‘Install SCOM agent MSI via command line’ script helps get the agent deployed faster, and more consistent!