Active Directory 2012-2016 Addendum Management Pack

A Post-it note is like an addendum, no?

As an Operations engineer, how many times do you get notified for a service restart?

Did you know about Service Recovery actions, or SCOM Recovery Tasks?

Why didn’t the SCOM Recovery tasks get added to many of the common Microsoft Applications?

Hopefully today, we can discuss some actions to help limit the amount of manual rework required to resolve service issues.

Let’s explain the basics

Windows Servers have a Recovery tab in the Services.msc menu.
Does your monitoring tool allow for recovery actions?

To implement recovery actions, here’s an example of the Services Recovery Tab

Here’s an example of the SCOM agent service

NOTE 3 failures spaced 1 minute apart to restart the service

Let’s take it one step further, and add a restart to the service from another tool (insert your monitoring tool here).

In SCOM, taking an action after identifying the problem can be handled different ways

Services are related to Health, which are typically found as monitors, and to apply restart automation falls into Recovery Tasks.

In Monitors as a ‘Recovery Task’, or in Rules as a response

Rule Response

Active Directory Domain Services (AD DS)

Now that we understand the methods available, let’s get to the Addendum.

The Active Directory Domain Services Addendum MP will add Recovery tasks to AD DS Service Monitors.

NOTE: This is for the newer v10.0.x.y management packs that support AD DS 2012-2016

Specifically, the Pack has 12 Recovery tasks for DFS, NTDS, DFSR, IsmServ, KDC, NetLogon, NTFRS, W32Time, Group Policy, DNS Client, ADWS, and DNS.

The recovery tasks verify service state, start ‘not running’ services, and include the option to recalculate health.

My goal is automation that helps anyone work smarter versus harder, with the goal to avoid being woke up at 2am just to restart a service.

SCOM-AD-Directory-Addendum-22d0473a

Sealing SCOM MP’s

Sealing MP’s

This is an updated version of Kevin Holman’s blog, and Jonathan Almquist’s blog for SCOM2012R2 and 2016

First why seal?

If you seal the MP – we will be able to use the classes/groups created for overrides in any other override MP.

Unsealed MP – any overrides you use for classes/groups will be forced into this same MP.

If you don’t have Visual Studio 2013 and above with VSAE, or have other requirements, you will need to download the SDK to get the SN.exe utility

Download SDK

Win2008 & R2 SDK No longer available for Download

Win2012 & R2 SDK Download

Win10 SDK Download https://developer.microsoft.com/en-US/windows/downloads/windows-10-sdk

Release blog https://blogs.windows.com/buildingapps/2017/05/11/windows-10-sdk-preview-build-16190-released/

NOTE Install path to go grab the sn.exe file

Install SDK

Copy file to the local machine

Open PowerShell window as administrator

cd $HOME/desktop

.\sdksetup.exe # .\winsdksetup.exe for Server 2016/win10

Verify SN.exe is found after SDK install completes

Server 2008 – sn.exe located in C:\Program Files\Microsoft SDKs\Windows\v6.1\Bin\x64

Server 2012 – sn.exe located in C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools

Server 2016 and Win 10 – sn.exe located in C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools

Create the MPSeal folders

Repository where you want to keep the MPSeal.exe, SNK files, and related sealed packs for any MP sealed
C:\monadmin\MPSeal
C:\monadmin\MPSeal\unsealed
C:\monadmin\MPSeal\sealed # Reference sealed MP’s
C:\monadmin\MPSeal\key
C:\monadmin\MPSeal\output

PowerShell as Admin commands to create repository

new-item -itemtype directory -path c:\monadmin\
new-item -itemtype directory -path c:\monadmin\MPSeal
new-item -itemtype directory -path c:\monadmin\MPSeal\unsealed
new-item -itemtype directory -path c:\monadmin\MPSeal\sealed
new-item -itemtype directory -path c:\monadmin\MPSeal\key
new-item -itemtype directory -path c:\monadmin\MPSeal\output

Copy MPSeal utility from Support directory on SCOM ISO

On ISO, copy mpseal* from ISO SupportTools\AMD64 directory to c:\monadmin\MPSeal

Let’s get the Key file generated and start sealing MP’s!

Create SNK files
Note SN.exe only needs to be run once to create the SNK file
***Critical note – you need to keep a backup of this key… because it will be required for making updates to this MP in the future, re-sealing, and keeping the ability to upgrade the existing MP in production.

sn -k <yourDomainNameHere>.snk

Sample syntax from win2k8 server

Copy this SNK file to c:\monadmin\MPSeal\key

Copy Referenced MP’s
This is a good opportunity to add the MP’s referenced in the ISO, UR updates, and/or RTM folder when installing SCOM, Unix MP’s, etc.

Copy sealed MP’s to c:\monadmin\MPSeal\sealed

Seal MP

MPSeal.exe c:\monadmin\mpseal\unsealed\<mpNameHere>.xml /I “c:\monadmin\mpseal\sealed” /Keyfile “c:\monadmin\mpseal\key\PairKey.snk” /Company “CompanyName” /Outdir “c:\monadmin\mpseal\output”

References
How to Seal MP https://docs.microsoft.com/en-us/previous-versions/system-center/system-center-2012-R2/hh457550(v=sc.12)

Clarification on Registry Key discoveries

Ran across this in my travels, difficulty getting a monitor to work properly

To clarify some of the registry MP fragments, make sure you follow the whole path

This post is to help with using the Monitor.RegistryValue.Exists.mpx fragment

Example – Verify Registry Key under TestService

This is an excerpt from the MP Fragment header

%%
Description:
This fragment includes a Monitor which checks for the existence of a registry VALUE
RegValuePath – needs to be in the format of “SOFTWARE\Microsoft\CCM\HttpPort” or “SYSTEM\CurrentControlSet\Services\CcmExec\Start” as HKLM is assumed
RegValueName – needs to be the actual Reg VALUE name or your description of it (NO SPACES or special characters allowed) such as “HttpPort”
Version: 1.1
LastModified: 29-May-2017
%%

In the MP Fragment, you substitute the variables

<AttributeName>##RegValueName##</AttributeName>
<Path>##RegValuePath##</Path>

<AttributeName>ObjectName</AttributeName>
<Path>SYSTEM\SysInfo\AppName</Path>

Registry Key = HKLM\SYSTEM\CurrentControlSet\Services\HealthService\Test

Fragment variable (##RegValueName##) = SYSTEM\CurrentControlSet\Services\HealthService\Test

AttributeName or ##RegValueName## is simply whatever you want to call the attribute

Simply the name of the Registry value for my example is Test

Substitute ##RegValueName## for Test

If you’re testing in the lab, decrease frequency so you don’t have to wait as long

Remember to increase the frequency when you’re done

Upload MP (don’t forget to version your pack!)

Watch Health Explorer and test away adding or removing your key

Helpful testing tips to add a key to the registry and flip the health

reg add “HKLM\System\CurrentControlSet\Services\TestService” /v “Test” /t REG_SZ /d Test

reg delete “HKLM\System\CurrentControlSet\Services\TestService” /v “Test”

Exchange 2013 monitoring Addendum

This is a good source for additional Exchange Server 2013+ monitoring, brought to my attention from Exchange PFE Dave Groll!

See Volkan Coskun’s blog post here

Update 30 Nov 2018

NOTE this content is no longer available – posted Volkun’s custom extension pack on TechNet Gallery here

This will help provide additional visibility to individual objects like Mailbox Databases or Transport Queues that are otherwise hidden in the health sets.

NOTE my Lab environment is Exchange 2016

PowerShell Monitor Fragment with Run As

Stop!

Ever need to run a PowerShell command (or script) as a specific ID?

Maybe you need to know when the command fails to catch degraded application health?

Let’s work into the scenario with a MP Fragment

Download the latest fragments here

Load Test MP fragment

Shout to Tyson Paul for his initial MP with 2016, catch his blog here!

This should help speed up building the MP if you have Visual Studio 2013 or 2015 with Visual Studio Authoring Extensions (VSAE). Read Kevin Holman’s blog if this is new

Download the latest fragments here

Quicker method To build the MP as MP fragment, update the following:

Import MP Fragment into Visual Studio for MP
Replace variables in fragment
1. ##CompanyID##
2. ##AppName## – LoadTesting
3. ##ClassID## – WindowsServer
4. ##OSVersion## – 2012 = 6.2, 2012R2 = 2012.R2, 2016 = 100
5. ##MPReferenceID## – MWS2M for 2012, MWS2RM for 2012R2
6. ##RuleGUID##
Obtain Rule names for Override Targets and Report rule GUID’s for the report parameters section

get-scomrule | ? { $_.DisplayName -like “System Processor Queue Length*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “Current Disk Queue Length*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “Current Disk Queue*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “Current Dis*k Queue*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Current Disk Queue*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Average Disk Seconds Per Transfer*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Logical Disk Idle Time*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Processor Time Total*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Memory Available Megabytes*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Network Adapter Bytes Total*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*Memory Pages per Second*” } | fl ID,DisplayName,Name

get-scomrule | ? { $_.DisplayName -like “*System Processor Queue Length*” } | fl ID,DisplayName,Name

Save and Import MP into environment
Get Report parameter value for group ID

get-ScomGroup | ? { $_.DisplayName -like “*Load Testing Group*” } | fl ID,DisplayName

Update ##TargetGroupID##, MP version
1. Save MP, and import into environment
From SCOM Console, Authoring Tab
1. Update group with explicit members
2. Verify Group members
From SCOM Console, Monitoring Tab
1. Verify Performance view has performance counters
From SCOM Console Reporting Tab (this may take a few minutes to push report to Reporting server)
1. Open report and run
2. Export data for analysis

Load Test MP with Report

Read below if you want a specific MP for load testing

I don’t know about you, but I’ve come across the situation where you need to compare performance.

This MP should help validate performance, whether to validate physical versus virtual, or a new Server Farm, storage performance between environments, etc.

Shout to Tyson Paul for his initial MP with 2016, catch his blog here!

Let’s start with the MP shell

Check out the upcoming Gallery download for MP’s and fragments here

NOTE: GUID’s will vary to your environment

To build the MP, you will need to update the following:

Pack ID to include the OS version

Add Reference for OS Monitoring MP (can use Visual Studio (VS) MP alias if VS is available for use in your environment)

Class Type ID with OS version

Discovery ID and Target with OS Version

Overrides ID with OS Version, and Target with OS MP Rule name and reference

Use the OS Monitoring MP to help with the rule names

The far right of the Override lists the Rule that must match to the OS MP

View ID with OS Version

Folder Item Element ID and ID

MP Display Strings with OS Version

Save and Import MP without the Report parameter to see what Group ID SCOM assigns the Load Test group

Part 2 – include report after group is imported

Don’t forget to update MP version under Identity!

Get Report parameter value for group ID

From PowerShell

get-ScomGroup | ? { $_.DisplayName -like “*Load Testing Group*” } | fl ID,DisplayName

Alternatively, obtain from SQL SSMS

select [ManagedEntityDefaultName],[ManagedEntityRowId]

FROM [vManagedEntity]

where [ManagedEntityDefaultName] like ‘%load%’

order by displayname

SSMS Output

In MP XML, update View Target GUID to your Group ID

Add Report section, and update parameter values Rule GUID

PowerShell commands to run from MS or console installed machine

The GUID’s needed for the report parameters section