Tag: dns

Updated DNS2012R2 Addendum

DNS2012R2 addendum pack updated!

Updated DNS2012R2 Addendum overrides.  Learned a few new things with Overrides workspace views, and why Authoring pane > Management pack Objects > Overrides may not load.

 

 

When your management pack has improper overrides, expect the loading icon.  This may be caused due to overrides, whether error is with target, class/rule/monitor.

Console Overrides Loading
Console Overrides Loading

 

Sometimes, an Object of class error gets your hopes up (pointing at a non-existent object).

Object of Class error
Object of Class error

 

Example when Overrides loads properly

When Authoring Tab Overrides view loads successfully.
When Authoring Tab Overrides view loads successfully.

 

 

If Overrides view will not load, try creating a workspace view for Overrides.

Navigation Steps:

From SCOM Console

Click on My Workspace

Right Click  > New > Overrides Summary View

Create Workspace Overrides View
Create Workspace Overrides View

 

Select checkbox ‘with a specific override management pack’ checkbox, then the ‘specific’ link to choose management pack(s).

Select Specific Override management pack(s)
Select Specific Override management pack(s)

 

Choose unsealed management pack(s) with overrides

Can select all – OR pick a few to see what loads without errors

Click OK

If you get the loading screen and error, now begins the pack analysis.

OverridesViewFailsToLoad
OverridesViewFailsToLoad

Clicking on the ‘Show’ link points to a non-existent object

Microsoft.EnterpriseManagement.Common.ObjectNotFoundException: An object of class ManagementPackClass with ID 76e2559c-aaf4-b1ec-60cf-d40ab4102fbc was not found.

 

How did I know that?

Run get-SCOMClassInstance command from PowerShell or Operations Manager shell

Example output of ‘get-SCOMClassInstance -ID “76e2559c-aaf4-b1ec-60cf-d40ab4102fbc” ‘

Get-SCOMClassInstance output of the GUID listed in the console error.
Get-SCOMClassInstance output of the GUID listed in the console error.

 

Work on the Overrides of the affected XML packs, and Import.

Once corrected, the Workspace view loads successfully, finite!

Overrides Workspace view of addendum packs

 

 

Documentation

My Workspace https://learn.microsoft.com/en-us/system-center/scom/manage-web-console-my-workspace?view=sc-om-2022

Monitoring workspace https://learn.microsoft.com/en-us/system-center/scom/manage-using-monitoring-workspace?view=sc-om-2022

DNS2012R2 Addendum pack

Still running Server2012R2 servers with AD DCs with AD integrated DNS?
Still running Server2012R2 servers with AD DCs with AD integrated DNS?

In case you’re still running Windows Server 2012R2, here’s the ‘DNS2012R2 Addendum pack’ giving the same functionality as the version agnostic 2016+ addendum.  Why?  DNS is a translation method to convert names to IP’s.  Can you imagine if we wanted to connect to google via IP?  The number of workflows in the SCOM DNS pack (built by the DNS Product Group) makes for an astounding number of workflows running on your DC every minute.  Forward and reverse lookups are a good check, verifying DNS is functioning.  In a complex environment with 100’s of zones, SCOM becomes a utilization culprit for a DC’s primary missions – authenticate and resolve.  This article will help you understand how the pack will add new capabilities and tune DNS monitoring to best practice.

 

Quick Download HTTPS://GITHUB.COM/THEKEVINJUSTIN/DNSADDENDUM2012R2/

 

 

What capabilities does the ‘DNS Addendum pack’ provide?

Count logic monitors (i.e. x events in y time, and self heal)

Daily summary report of DNS alerts broken out

Daily alert closure workflow to close out DNS rules/monitor

DNS service(s) recovery automation

Synthetic internal/external nslookup monitor (scoped to PDC emulators versus ALL DNS servers

WMI validation alert recovery to prevent false positive alerts with weird one off scenarios – one example: Security tools randomly block WMI access.

 

Download the ‘DNS2012R2 Addendum pack’ on GitHub to improve AD Integrated (ADI) DNS monitoring on Windows Server 2016+ (version agnostic).

Save and Import pack, then update XML for group GUIDs

 

 

Update XML

First, update XML with the GUIDs from your management group.  Second, map the group DisplayName to find/replace the GUID for each group.

Get-SCOMClassInstance output for DNS2012R2 groups
Get-SCOMClassInstance output for DNS2012R2 groups

 

Third, using Notepad++ highlight the ContextInstance GUID and hit Control-H, and paste the group GUID then click Replace All.

Using Notepad++ highlight the ContextInstance GUID and hit Control-H, and paste the group GUID then click Replace All.
Using Notepad++ highlight the ContextInstance GUID and hit Control-H, and paste the group GUID then click Replace All.

Fourth – Rinse and repeat for the other three groups.

Lastly, save file, move to SCOM MS, and import!

 

Documentation and links

DNS Pack download

DNS2012R2 addendum blog including updates

GitHub Repository https://github.com/theKevinJustin/DNSAddendum2012R2/

 

DNS Addendum pack

nslookup to find out IP to name or name to IP resolution
nslookup to find out IP to name or name to IP resolution.

 

Simply put: Leverage the ‘DNS Addendum pack’.  Why?  DNS is a translation method to convert names to IP’s.  Can you imagine if we wanted to connect to google via IP?  The amount of workflows in the SCOM DNS pack (built by the DNS Product Group) makes for an astounding number of workflows running on your DC every minute.  Forward and reverse lookups are a good check, verifying DNS is functioning.  In a complex environment with 100’s of zones, SCOM becomes a utilization culprit for a DC’s primary missions – authenticate and resolve.  This article will help you understand how the pack will add new capabilities and tune DNS monitoring to best practice.

 

QUICK DOWNLOAD(S)

2016+ https://github.com/theKevinJustin/DNSAddendumAgnostic

 

 

What capabilities does the ‘DNS Addendum pack’ provide?

Count logic monitors (i.e. x events in y time, and self heal)

Daily summary report of DNS alerts broken out

DNS service(s) recovery automation

Daily alert closure workflow to close out DNS rules/monitor

Synthetic internal/external nslookup monitor (scoped to PDC emulators versus ALL DNS servers

WMI validation alert recovery to prevent false positive alerts with weird one off scenarios – one example: Security tools randomly block WMI access.

 

Download the DNS Addendum on GitHub and the PDF install guide, to improve AD Integrated (ADI) DNS monitoring on Windows Server 2016+ (version agnostic).

 

XML authoring

The pack greatly decreases alerts, workflows on your AD integrated DNS servers, and the XML authoring is an easy feat.  After you import the pack, find/replace is required for two pieces.

  • Group GUIDs update, after installing this pack.

Find/replace the GUIDs, as they are unique to every SCOM management group, hard coding the group ID GUID is not possible.

From PowerShell, on your SCOM management server, run these commands (after DNS Addendum installed)

Use get-scomclassinstance -DisplayName “GroupNameHere” | ft Id

DNS Addendum - update overrides for group GUID from SCOM management group

Find/Replace the GUID in the pack with the ID from the output above.

 

  • Discovery group regular expressions (RegEx)

##DNSServerRegEx##

Find ##DNSServerRegEx## and replace with your DNS server expressions.

Example server names: 16dns01, 19dc01,16dns02,19dc02,19dc03, etc.

RegEx = (?i)16dns0|19dc0

DNS Group discovery example of RegEx for find/replace
DNS Group discovery example of RegEx for find/replace

 

Save and Import & Enjoy!