OpsMgr 1801 All in One – Quick Start Deployment Guide

Maybe you want to play with the new SCOM version like me?

 

Following Kevin Holman’s Quick Start Deployment Guide for SCOM 2016, build out an All in One

 

High Level Deployment Process:

1.  In AD,  note the ID’s and groups used for Operations Manager for the technical preview

2.  Install Windows Server 2016 to all server role servers

3.  Install Prerequisites and SQL 2016.

4.  Install the Management Server and Database Components

5.  Deploy Agents

6.  Import Management packs

7.  Set up security (roles and run-as accounts)

 

 

Prerequisites:

1.  Install Windows Server 2016 on Server

2.  Join server to domain.

3.  Install the Report Viewer controls.  Install them from https://www.microsoft.com/en-us/download/details.aspx?id=45496

          NOTE If SQL is installed on the MS (remember All in One server) 

          “Microsoft System CLR Types for SQL Server 2014” (ENU\x64\SQLSysClrTypes.msi) is not needed. 

SQL SysClrTypes available here:   https://www.microsoft.com/en-us/download/details.aspx?id=42295

4.  Install all available Windows Updates.

5.  Add the “OMAdmins” domain global group to the Local Administrators group on each server.

6. Install IIS on any management server that will also host a web console:

Open PowerShell (as an administrator) and run the following:

Add-WindowsFeature NET-WCF-HTTP-Activation45,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,Web-Request-Monitor,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Metabase,Web-Asp-Net,Web-Windows-Auth –Restart

Note:  The server needs to be restarted at this point, even if you are not prompted to do so.  If you do not reboot, you will get false failures about prerequisites missing for ISAPI/CGI/ASP.net registration.

 

 

7. Install SQL 2016 to the server

  • Setup is fairly straightforward. This document will not go into details and best practices for SQL configuration. Consult your DBA team to ensure your SQL deployment is configured for best practices according to your corporate standards.
  • Run setup, choose Installation > New SQL Server stand-alone installation…

 

When prompted for feature selection, install ALL of the following:

  • Database Engine Services
  • Full-Text and Semantic Extractions for Search
  • On the Instance configuration, choose a default instance, or a named instance. Default instances are fine for testing, labs, and production deployments. Production clustered instances of SQL will generally be a named instance. For the purposes of the POC, choose default instance to keep things simple.
  • On the Server configuration screen, set SQL Server Agent to Automatic.  You can accept the defaults for the service accounts, but I recommend using a Domain account for the service account.  Input the DOMAIN\sqlsvc account and password for Agent, Engine, and Reporting.  Set the SQL Agent to AUTOMATIC.
  • On the Collation Tab – accept the default which is SQL_Latin1_General_CP1_CI_AS
  • On the Account provisioning tab – add your personal domain user account and/or a group you already have set up for SQL admins. Alternatively, you can use the OMAdmins global group here. This will grant more rights than is required to all OMAdmin accounts, but is fine for testing purposes of the POC.
  • On the Data Directories tab – set your drive letters correctly for your SQL databases, logs, TempDB, and backup.
  • Choose Install, and setup will complete.
  • You will need to disable Windows Firewall on the SQL server, or make the necessary modifications to the firewall to allow all SQL traffic.  See http://msdn.microsoft.com/en-us/library/ms175043.aspx
  • When you complete the installation – you might consider also downloading and installing SQL Server Management Studio Tools from the installation setup page, or https://msdn.microsoft.com/en-us/library/mt238290.aspx

 

 

 

 

 

SCOM Step by step deployment guide:

 

1.  Install the Management Server role on SCOM1.

  • Log on using your personal domain user account that is a member of the OMAdmins group, and has System Administrator (SA) rights over the SQL instances.
  • Run Setup.exe

  • Click Install

 

  • Select the following, and then click Next:
    • Management Server
    • Operations Console
    • Web Console

 

 

 

  • Accept or change the default install path and click Next.

 

  • You might see an error from the Prerequisites here. If so – read each error and try to resolve it.

 

  • On the Proceed with Setup screen – click Next.

 

  • On the specify an installation screen – choose to create the first management server in a new management group.
  • Give your management group a name. Don’t use any special or Unicode characters, just simple text.
  • KEEP YOUR MANAGEMENT GROUP NAME SIMPLE, and don’t put version info in there.
  • Click Next.

 

 

  • Accept the license.  Next.

 

 

  • On the Configure the Operational Database screen, enter in the name of your SQL database server name and instance.
  • In my case this is “18MSB01”.
  • Leave the port at default unless you are using a special custom fixed port.
  • If necessary, change the database locations for the DB and log files.
  • I changed the default size to 5000 MB for now.
  • Click Next.

 

  • On the Configure the Data Warehouse Database screen, enter in the name of your SQL database server name and instance.
  • In my case this is “18MS01”.
  • Leave the port at default unless you are using a special custom fixed port.
  • If necessary, change the database locations for the DB and log files.
  • I changed the default size to 5000 MB. Click Next.

 

 

 

  • On the Web Console screen, choose the Default Web Site, and leave SSL unchecked. If you have already set up SSL for your default website with a certificate, you can choose SSL.  Click Next.

 

 

  • On the Web Console authentication screen, choose Mixed authentication and click Next.

 

 

  • On the accounts screen, change the accounts to Domain Account for ALL services,
  • Enter in the unique DOMAIN\OMAA, DOMAIN\OMDAS, DOMAIN\OMREAD, DOMAIN\OMWRITE
  • accounts we created previously.
  • It is a best practice to use separate accounts for distinct roles in OpsMgr
  • Although you can also just use the DOMAIN\OMDAS account for all SQL Database access roles to
  • simplify your installation (Data Access, Reader, and Writer accounts).
  • Click Next.

 

  • On the Diagnostic and Usage Data Click Next

 

  • Microsoft Update screen – choose to use updates or not.  Click Next
  • Click Install

 

  • Watch Installation progress

 

  • After a few minutes, when installation completes
  • Close when complete.

 

 

  • The Management Server will be very busy (CPU) for several minutes after the installation completes. Before continuing it is best to give the Management Server time to complete all post install processes, complete discoveries, database sync and configuration, etc. 10 minutes is typically sufficient.

 

 

 

Verify Console

Login to Management Group

 

 

Import Management Packs

Import your preferred management packs

 

 

Continue with Optional Activities

 

 

Verify any errors in the Operations Manager Event logs

Note the Maintenance permissions is still an issue

Operations Manager Event logs

 

SCOM 1801 dashboards (previously 1711)

Here dashboard dashboard <dong>

Come out, come out wherever you are!

 

 

Looking at SCOM dashboards in the new Technical Preview had me wondering.

I was totally excited after Ignite for System Center v.Next…

          Start at 16:34 in video – BRK1023 https://myignite.microsoft.com/videos/54778

 

 

Found the documents before I found the actual widgets

HTML5 overview https://docs.microsoft.com/en-us/system-center/scom/manage-overview-html5-webconsole?view=sc-om-1801

What’s new in 1801 https://docs.microsoft.com/en-us/system-center/scom/what-is-new-1801?view=sc-om-1801

Release Notes https://docs.microsoft.com/en-us/system-center/scom/release-notes-1801?view=sc-om-1801

 

What’s new in 1711 https://docs.microsoft.com/en-us/system-center/scom/what-is-new-1711?view=sc-om-1711

Release notes https://docs.microsoft.com/en-us/system-center/scom/release-notes-tp1711?view=sc-om-1711

 

We have lots of widgets to choose from

 

Unfortunately, the SQL MP visualizations are not yet HTML5 🙁

 

 

Web Console, well, okay, I can play

 

 

Alert Widget

Scope – Setup for a group or class (my example is All Windows Computers group, could be SQL Servers, SharePoint Servers, etc.)

Criteria – Selected Severity = Warning or Critical, changed Alert age to 1 day (default was 7)

Display – No changes made

Select Columns to display – looks like all the console options when you click on ‘Personalize view’

Group by – Last modified was selected

 

 

Completion  Click on Save Widget

Saving widget

 

Alert Widget

 

 

 

 

State Widget

Scope – Setup for a group AND class (my example is All Windows Computers group, could be SQL Servers, SharePoint Servers, etc.)

Criteria – Selected Severity = Warning or Critical

Display

Selected 4 columns  (Health, Display Name, Path, Principal Name )

Group by – Health

Completion – Named widget and added Description

Click on Save Widget

 

Saved State Widget (NOTE no unhealthy windows computers)

 

 

 

 

Performance Widget

Scope – Setup for a group AND class (my example is SQL Server Computers, could be All Windows Computers, or SharePoint Servers, etc.)

Metrics – Use filter by keyword

Search string = Memory

Selected = Stolen Server Memory

Criteria – Time Range default is 24 hours

Recommend dropping time to 1-4 hours to display less data

Display

Left Default

See difference, checkbox is counter intuitive (uncheck gives visual graph)

Completion – Named widget and added Description

Click on Save Widget

Performance Widget (visualizations check box checked, NOTE NO visual)

 

Performance Widget (visualizations check box UN-checked)

 

 

 

 

 

 

Tile Widget

Simple, can setup for a group or class

Click on Save Widget

 

 

 

Topology Widget

Gotta have a little fun, right!?

Click on Save Widget

 

 

 

Tile and Topology Dashboards

 

 

Now let’s continue this further next week!

SCOM 1711 – Technical Preview for upcoming 1801

If you’re not aware, System Center will start doing 6 month releases, and will be YYDD named

 

Example 

SCOM released in Jan 2018 is 1801, then 180x, 190x, etc.

Technical previews will also exist prior (currently 1711 – the technical preview for 1801).

 

Register for Technical Preview

Evaluate and download https://www.microsoft.com/en-us/evalcenter/evaluate-system-center-release

Save appropriate product(s)

 

Extract for ISO files

Go to path where files were saved

 

Double click on file to extract

 

Click on Run to run the file

 

Answer Yes to UAC prompt

Click ‘I accept for EULA

 

Click Next to begin the setup wizard

Select Path to save file

Click Next

 

File extract completes

 

Click Finish

 

 

Looks like SCOM ISO

 

 

Now it’s time to grab Holman’s quick start guide and set up new servers for 1801 management group (if you don’t already have the steps down pat!)

 

MPViewer reloaded

The previous post covered the MPViewer 2012 version here

 

Jan Van Meirvenne spent the time to update the functionality even further

MPViewer “2012 Reloaded (release 1)” http://scug.be/jan/2016/06/06/mp-viewer-2012reloaded/

 

Use MPViewer reloaded will allow you to

  1. Open multiple management pack files (MP and MPB)
  2. See Modules to view underlying scripts (always wondering how a monitor got its state or property bag info)
  3. Load files from Management Group (typically this required command line or Silect MP Studio!)
  4. OpenWith file association (load MPViewer when clicking on files in explorer)

Using MP Viewer to unseal or export MP to XLS or HTML

Use MPViewer and open the management pack files (MP and MPB)

 

Updated 14 Dec 2018

 

Thanks to Daniele Muscetta for converting this so many years ago!

MPViewer tool originally at this blog https://blogs.msdn.microsoft.com/dmuscett/2012/02/19/boriss-opsmgr-tools-updated/

MPViewer v2.3.3 added to TechNet Gallery for download here

 

Jan Van Meirvenne spent the time to update the functionality even further

MPViewer “2012 Reloaded (release 1)” http://scug.be/jan/2016/06/06/mp-viewer-2012reloaded/

 

 

 

Load Management pack

GUI

In MPViewer,

Click on File, Load Management Pack

The 2012 Reloaded MPViewer allows you to open multiple management packs, or from a Management group

 

 

Go to your directory where you saved the UNIX SCOM 2016 UR2 management packs

If necessary, change the dropdown to mpb

 

 

Command line options

.\MPViewer.exe –help

Example syntax above

Remember to encapsulate your paths with quotes to be successful!

Opens MP and saves as HTML

.\MPViewer.exe “MP Path and file name” “Outputfilename.html”

Opens MP and saves as XLS

.\MPViewer.exe “MP Path and file name” “Outputfilename.xls”

 

 

Best practice is to keep same naming convention – makes it easier to track down the original MP

Example export MP to XLS

.\MPViewer.exe “S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012\Microsoft.SQLServer.2012.Monitoring.mp” “S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012\Microsoft.SQLServer.2012.Monitoring.xls”

Output

PS C:\Users\scomadmin\desktop> .\MPViewer.exe “S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012\Microsoft.SQLServer.2012.Monitoring.mp” “S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012\Microsoft.SQLServer.2012.Monitoring.xls”

PS C:\Users\scomadmin\desktop> gci “S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012\*.xls”

Directory: S:\MonAdmin\scom\Management packs\sql\v7.0.7.0\2008-2012

Mode                LastWriteTime         Length Name
—-                ————-         —— —-
-a—-       12/13/2018   8:40 AM         527618 Microsoft.SQLServer.2012.Monitoring.xls

 

 

 

To unseal MP to view in Notepad++

 

Once MP is loaded

Click File

Click Unseal MP (my path defaults to desktop)

Open file in Notepad++ or XML Editor, or your favorite XML viewer of choice

 

 

 

To export a management pack to XLS

Once MP is loaded

Click File

Click Save to Excel (my path defaults to desktop)

 

Choose path

My personal preference is to append filename with XLS for visibility

 

Copy file to a machine with Excel installed

 

Open the XML file in Excel, and hide all tabs but the Monitor tabs, and rules tab

Turn on auto-filter, etc.

 

Setting up OMS Capacity and Performance

Setting up OMS Capacity and Performance
Setting up OMS Capacity and Performance

 

Update 18 Dec 2023 – Solution retired in 2021 with OMS sunset.  

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-add-solutions.md Repository archived by the owner on Feb 1, 2021. It is now read-only.

 

 

Do you know what your HyperV hosts are doing?

Not a HyperV fan, there’s a VMWare solution also here

 

Documentation https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-capacity

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-capacity.md

 

Capacity dashboard

Capacity and performance preview summary
Capacity and performance preview summary

Details

OMS dashboard
OMS dashboard

 

 

Setting up OMS Capacity and Performance

Already have the dashboard setup?  Perhaps this will help troubleshoot

Do you have network connectivity, or is a proxy required?

 

Troubleshooting dashboard

Firewall https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-proxy-firewall
Windows Agents https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-windows-agents

 

Verify Operations Manager event log on local agent, then filter for error events and/or EventID 4506.  Look for dates/times to see when events started.

Example Event ID 4506 details the Capacity and Performance Solution, citing ‘Microsoft.IntelligencePacks.CapacityPerformance.Collector’.

Operations Manager Event Log, Event ID 4506 examples
Operations Manager Event Log, Event ID 4506 examples

 

Additional options

  1. Search LAW (Log Analytics workspace) logs

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-log-searches.md

OMS Log search screenshot

 

2. Verify no proxy is set up (unless your network requires this)

OMSAgent proxy setting
OMSAgent proxy setting

 

3. 4506’s result from too many workflows sending data from MS to DB’s (OpsMgr and DW).  Additionally, 4506 events can be communication issues from MS to DB server(s).   Lastly, use TLS1.2 configuration as a best practice to enforce encryption from MS to SQL communication.  Beyond encryption, TLS may be a culprit if AlwaysOn or SQL clusters are involved, particularly as the SCOM console connections fail as SDK cannot talk with SQL side.  See Kevin Holman’s blog for additional TLS1.2 information and setup.

TLS blog https://kevinholman.com/2018/05/06/implementing-tls-1-2-enforcement-with-scom/

 

Documentation

Learn article https://learn.microsoft.com/en-us/answers/questions/212007/scom-errors-no-data-in-summary-performance-dashboa
TechNet blog https://social.technet.microsoft.com/Forums/ie/en-US/10b38121-b0e1-43ec-bf3a-d22ae9ef0220/event-4506-data-was-dropped-due-to-too-much-outstanding-data-in-rule
MS RMSe https://www.system-center.me/opsmgr/event-4506-and-new-root-management-server-rms-management-server-ms/

Setting up OMS Service Map solution

hmmmm

Ever wonder what happened to BlueStripe?

Anyone else have experience using it with SCOM?

If you weren’t aware, Microsoft bought Blue Stripe back in 2015 link

 

Looks like BlueStripe FactFinder is now Service Map in Azure

Documentation here

 

Service Map is very easy to add and get value from right away with OMS

Download agent

You have two choices:

  1. Choose from Docs.Microsoft.com documentation above, or from your OMS environmentdocsagentdownload
  2. From your OMS workspace, add the Service Map solution

Click on Home icon in top left hand corner

omshome

Click on Service Map pane

Click on Download Agent link as appropriate for Windows or Linux

Save file and install on your server(s)

oms-initialscreen

 

Windows Server Installation

Execute the MSI file downloaded from OMS (NOTE may prompt with UAC prompt)

Click ‘I Agree’

servicemapinstall

Watch the Install

servicemapinstalling

Click Finish

servicemapinstallcomplete

Now go back to OMS and look for updates (mine was that fast!)

servicemapsolution

Click on the Service Map pane to see more detail

servicemapdetail

To add additional machines is basically the same, just choose add machines

oms-addmachines

 

In case you caught that I have two (2) of the same named machines, it’s because I have that server set up for OMS separately.  Yes, it’s my lab, so I’m not following the best practice.

servicemapsolutionwclients

Enjoy!

Building a subscription

subscribe-and-save

 

Let’s talk notifications for a minute.

Everyone complains that a tool is noisy for alerts (typically emails).

Why not find a way to limit what you receive, and eliminate, the noise.

Sure, there’s alert tuning, but there are a ton of built-in options with Subscriptions in SCOM.

 

howto

Let’s Start by talking about now a subscription is built in SCOM.

Step 1 – An owner (or ‘subscriber’) is needed

This can be an email address, group name or variable you may want to pass to a command line for a destination (e.g. support team/NOC/POC)

Step 2 – A channel is needed (simply put, a way to get the data out of SCOM)

This can be SMTP (email), or a custom executable to a ticketing system, NetCool, BMC True Sight, xMatters, Derdack, to name a few.

Step 3 – Criteria to send to an owner (details)

Time to set up a subscription, and learn as we go!

Do you have the necessary 3 parts (subscriber, channel)

Do you have a destination/subscriber already set up?

Yes, see go to Channel

No, follow the subscriber blog here

Do you have a channel set up

Yes, see go to Subscription

No, follow the Channel blog here

 

Do you have a naming convention for the subscription parts?

The Subscription name needs to be intuitive, i.e. Application Name, Team Name, Company Name (depending on the environment)

Process an Application’s alerts

Example     ‘BizTalk alerts’

If BizTalk alerts needed to go to different teams

‘BizTalk DEV Alerts’ or ‘BizTalk PROD Alerts’

or if Criteria is involved ‘BizTalk Performance Alerts’

or if alerts need to route to another company ‘Contoso BizTalk alerts’

Capitalize what needs emphasis so in the Subscriptions view (make searches or sorts easier and more intuitive)

Making sense where I’m going with this?

 

Criteria can influence the name

CLASS, MONITOR, RULE, SEVERITY, GROUP, RESOLUTION STATE

To me the value comes in with the Description field in a subscription.

Adding relevant detail here makes life easier when followed, to know what the subscription is doing.

Try this model for the Subscription Description

CRITERIA

SUBSCRIBER

COMMENTS

Example

+MONITOR = Health Service Heartbeat Failure +SEVERITY = Warning/Critical +RESOLUTION STATE NOT equals 255 +SUBSCRIBERS = GROUP Server Admins via Email +Comments: Created 2016-02-12 for SCOM Agent tuning

 

Time to set up a subscription

Subscription Summary Healthservice Watcher subscription to alert on any NEW Healthservice Heartbeat failures

Name     SCOM HealthService Watcher

Description

+MONITOR = Health Service Heartbeat Failure +SEVERITY = Warning/Critical +RESOLUTION STATE NOT equals 255 +SUBSCRIBERS = GROUP Server Admins via Email +Comments: Created 2016-02-12 for SCOM Agent tuning

 

Criteria

Notify on all alerts where

created by Health Service Heartbeat Failure rules or monitors (e.g., sources)

and of a Warning or Critical severity

and with Not Equals 255 resolution state

 

Subscribers

GROUP Server Admins via eMail

 

Channels

SMTP Channel

Basic Admin ‘How-to’ Series

443053-royalty-free-rf-clip-art-illustration-of-a-cartoon-businessman-carrying-a-heavy-manual

This is a series of blog posts to help with SCOM best practices, and things that make SCOM easier to administer.

 

Associate MPX files in Notepad++ blog

Backup management packs via PowerShell blog

Get to know your monitor blog

Load Test MP with Report blog

Load Test MP Fragments blog

Maintenance Mode PowerShell blog

Manage DB storage with DWdataRP blog

Managing Subscriptions blog

PowerShell Rule/Monitor/PerfCounter MP and Fragments blog

Registry Key discovery MP Fragment clarification blog

Run As PowerShell monitor fragment blog

Sealing Management packs with 2012R2 and 2016 blog

Subscriptions blog

Subscription Set up Guide blog

Uncommon MP Fragments blog

Verifying Overrides blog

 

Best Practices

Agent Management pack KH Blog

Enable proxy as a default KH blog

How to be heard blog

Manage alerts/events/performance KH Blog

Office Analytics (find where all the time goes) blog

Optimize SQL blog

Recommended Registry tweaks KH blog

SCOM Agent Version Addendum KH blog

Set SCOM Agent to remotely managed KH Blog

SQL Engineering Blog

SYSTEM CENTER 2016 Operations Manager – Anti-Virus Exclusions blog

Update VMM MP’s for SCOM when SCVMM patched blog

 

Tools

MP Viewer blog

Download Notepad++ here

Kevin Holman blog on extracting scripts from MP’s using Transform tool from codeplex

Test fire events using EventLog Explorer here

Alternate tool to fire any events here