Tag: groups

DNS Addendum pack

nslookup to find out IP to name or name to IP resolution
nslookup to find out IP to name or name to IP resolution.

 

Simply put: Leverage the ‘DNS Addendum pack’.  Why?  DNS is a translation method to convert names to IP’s.  Can you imagine if we wanted to connect to google via IP?  The amount of workflows in the SCOM DNS pack (built by the DNS Product Group) makes for an astounding number of workflows running on your DC every minute.  Forward and reverse lookups are a good check, verifying DNS is functioning.  In a complex environment with 100’s of zones, SCOM becomes a utilization culprit for a DC’s primary missions – authenticate and resolve.  This article will help you understand how the pack will add new capabilities and tune DNS monitoring to best practice.

 

QUICK DOWNLOAD(S)

2016+ https://github.com/theKevinJustin/DNSAddendumAgnostic

 

 

What capabilities does the ‘DNS Addendum pack’ provide?

Count logic monitors (i.e. x events in y time, and self heal)

Daily summary report of DNS alerts broken out

DNS service(s) recovery automation

Daily alert closure workflow to close out DNS rules/monitor

Synthetic internal/external nslookup monitor (scoped to PDC emulators versus ALL DNS servers

WMI validation alert recovery to prevent false positive alerts with weird one off scenarios – one example: Security tools randomly block WMI access.

 

Download the DNS Addendum on GitHub and the PDF install guide, to improve AD Integrated (ADI) DNS monitoring on Windows Server 2016+ (version agnostic).

 

XML authoring

The pack greatly decreases alerts, workflows on your AD integrated DNS servers, and the XML authoring is an easy feat.  After you import the pack, find/replace is required for two pieces.

  • Group GUIDs update, after installing this pack.

Find/replace the GUIDs, as they are unique to every SCOM management group, hard coding the group ID GUID is not possible.

From PowerShell, on your SCOM management server, run these commands (after DNS Addendum installed)

Use get-scomclassinstance -DisplayName “GroupNameHere” | ft Id

DNS Addendum - update overrides for group GUID from SCOM management group

Find/Replace the GUID in the pack with the ID from the output above.

 

  • Discovery group regular expressions (RegEx)

##DNSServerRegEx##

Find ##DNSServerRegEx## and replace with your DNS server expressions.

Example server names: 16dns01, 19dc01,16dns02,19dc02,19dc03, etc.

RegEx = (?i)16dns0|19dc0

DNS Group discovery example of RegEx for find/replace
DNS Group discovery example of RegEx for find/replace

 

Save and Import & Enjoy!

Logical Disks Dynamic Group

So what do you do when a team comes to you and asks for different values for logical disk alerts?

 

Work smarter vs. harder!

 

Harder

Use Explicit groups

As an Admin, someone should not have to update groups every time a server or app changes in the environment.

 

Smarter

Use Dynamic groups

One better, use regular expressions (see Kevin Holman’s blog if you need a refresher)

 

 

Great background information

Holman had a great article to make groups of logical disks

TechNet had some good example references in this wiki

Forum article where John Joyner (MVP) listed a way to make a dynamic group

Groups can consist of objects in a primary class and also includes Windows Computer attribute

 

How can this apply to  your environment?

Is there a unique attribute for the class you’ve chosen, or possibly to include Windows Computer class properties?

In my experience, the Windows Computer Class can be utilized to better specify the criteria, using Principal Name, NetBIOS name, etc.)

 

 

Let’s begin to see walk through the Logical Disk class attributes, and understand that we can look at the class, and the Windows Computer class.

 

From the SCOM Console

Click on the Monitoring Tab

Click on Discovered Inventory

On the Tasks pane (right hand pane), click on change target type

I chose Windows Server 2016 Logical Disk (corresponding for 2008,12 class structures exist)

 

Are there any unique class/object properties where we can differentiate?

Path stands out, possibly size

Display Name/Device Identifier/Device Name are of course the drive letter

 

Create a Dynamic group

From the SCOM Console

Click on the Authoring Tab

Click on Groups

On Task pane, click on ‘Create New group’

 

Name the group

Recommend naming convention – my example is TEAM Logical Disk group (where TEAM could be SQL, SharePoint, Exchange, Skype, etc.)

Don’t forget to add description comments to help the next guy who’s tracking down details!

Create Management pack, or add to the Team’s overrides or customizations management pack.

 

Click Next twice (to get to Dynamic Members tab)

Click Create/Edit Rules

 

Choose class

Our example was ‘Windows Server 2016 Logical Disk’

Click Add

 

Click the Property Drop down

 

Note the options – and refer back to your notes in the Discovered Inventory from the Monitoring Tab

The three D’s in the middle – Device Identifier, Device Name, and Device Description were all the drive letter

I chose Device Name as it seemed the logical choice

 

Click Insert + to add another property

Click again on the Class properties

Select the bottom choice – (Host=Windows Computer)

Select Principal name

In my case, the servers met a specific naming convention for the server name

 

In the Operator Column, choose ‘Matches regular expression’

In the Value field, enter your regular expression

 

My example is (?i)16[md]

Go back to my Discovered inventory output

 

 

Dissect the regular expression

(?i) case inclusive (don’t care upper or lower case – back to Unix roots!)

16m or 16d is in the server name

 

Click OK

Click Next twice to create group (and bypass Sub Groups, Excluded Members)

Click Create Group

Click Close

 

 

Verify expression

From the Authoring pane

Click on the Group and either right click ‘View Group members’, or in the task pane, click ‘View Group members’

Practice using regular expressions to get the desired results!

 

 

Now it’s time to go off and override the monitor for the newly created group!