To do so, I can either use the OpsMgr SDK or the OperationsManager PowerShell module. I’ve developed below scripts to run locally on a management server:

Using SDK:

$MgmtServer = $Env:COMPUTERNAME
#Connect to SCOM management group
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") | Out-Null
$MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings($MgmtServer)
$MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting)
$MG.GetManagementGroupMonitoringObject()

TimeAdded property indicates the MG initial installation date.

Using OperationsManager PowerShell module:

import-module OperationsManager
$mg = Get-SCOMManagementGroup
$mg.GetManagementGroupMonitoringObject() | format-list

The post Finding OpsMgr Management Group Installation Date Using PowerShell appeared first on Tao Yang's System Management Blog.

Being technical in I.T industry means I always have to keep myself up to date with the latest technologies and certifications. 2012 in particular has been very busy for me. Firstly, I became a dad in June, 2012. Secondly, we can all recall how many products that Microsoft has released in 2012! I started studying and preparing for exams around March, April 2012 during my spare time. Now, just a little bit over 1 year, I have completed the following exams during this period:

70-243: Administering and Deploying System Center 2012 Configuration Manager

70-410: Installing and Configuring Windows Server 2012

70-411: Administering Windows Server 2012

70-412: Configuring Advanced Windows Server 2012 Services

70-246: Monitoring and Operating a Private Cloud with System Center 2012

70-247: Configuring and Deploying a Private Cloud with System Center 2012

With these exams, I’ve earned 3 certification:

• Microsoft Certified Technology Specialist (MCTS): Administering and Deploying System Center 2012 Configuration manager
• Microsoft Certified Solutions Associate: Windows Server 2012
• Microsoft Certified Solutions Expert: Private Cloud

In terms of taking exams, it should be done and dusted for me for a while (unless Microsoft releases other System Center related certificates in the near future).

What’s next?

There are few books that I really want to have a good read, i.e. SCOM 2012 unleashed book and the upcoming Orchestrator Unleashed book. I’m also planning to start working on updating the OpsMgr Self Maintenance management pack very shortly. And with the System Center 2012 upgrade project at work, I will definitely still be very busy.

The post I’m Now a Microsoft Certified Solutions Expert (MCSE): Private Cloud appeared first on Tao Yang's System Management Blog.

When I tried to launch VMM using an account with Full Administrator rights, the console got stuck on below screen during load and would not go any further:

I also found out if I use an account which is a member of a Delegated Admin role that I’ve created called “Cloud Admin”, although it also got stuck on this screen, but the console would eventually load after 10-15 minutes.

Long story short, after spent my entire night troubleshooting, I noticed there were few job got stuck on “Running” state by querying the database using below query:

SELECT * FROM [VirtualManagerDB].[dbo].[tbl_TR_TaskTrail] where TaskState = 'Running'

All of these running jobs were trying to run the VMM cmdlet Get-SCOpsMgrConnection. It seems each of this job is associated to a console connection attempt. I then tried to manually run this cmdlet from a PowerShell console, it also got stuck.

My OpsMgr management group consists 4 management servers and I’ve created a NLB cluster for the Data Access Service. I have configured OpsMgr integration in VMM using the NLB name a while back and the VMM console was working this morning before I went to work. I checked my OpsMgr servers, they are all healthy and I am able to connect to OpsMgr console using the NLB name from a Windows 8 machine. I’m not sure at this stage what’s causing it.

In order to get VMM consoles fixed as soon as possible, I’ve taken the following steps:

1. Kill all VMM console connections via task manager on all the machines that are trying to connect.

2. Restart System Center Virtual Machine Manager service on the VMM server in order to get rid of these running jobs

3. Use PowerShell cmdlet Remove-SCOpsMgrConnetion –force to remove the OpsMgr connection

4. Confirm the OpsMgr connection is removed from the database by running below SQL query:

SELECT * FROM tbl_MOM_OMConnection

5. I restarted VMM service again just to be safe

Now I can open VMM console from any computers on my network

I’ll try to add OpsMgr connection back in later. It’s bed time now…

The post Unable to Launch SCVMM 2012 Console appeared first on Tao Yang's System Management Blog.

Yesterday morning, there were some tradies working in my house fixing a leakage in my shower. I was just about to get in the car leaving home for the MS 70-246 exam, they connected some tools to a powerpoint and popped the safety switch. Therefore all my computers got shutdown unexpectly. I quickly switch the safety switch back on and left home.

After I came home few hours later, I turned all the computers back on and made sure all VM’s were up and running.

Today is a public holiday in Australia and New Zealand, and since I’ve just passed a exam yesterday after 2 months of study, I was going to spend some time with my daughter and trying to stay away from doing more work in the lab.

Unfortunately, my day didn’t turnout as what I’ve planned. This morning, I noticed there were around 15 VMs missing from one of my Windows Server 2012 Hyper-V hosts. I had 21 VMs running on that box and I could only see 6. all the rest were gone from the Hyper-V console.

On this Hyper-V server (named HYPERV01), there are 3 SATA disks and 2 SSDs hosting VMs. I found out all VMs from 2 out of 3 SATA drives went missing.

I checked C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines and all the symbolic links for VM’s are still there. Below errors were logged in the event log:

According to http://support.microsoft.com/kb/2249906, It could be caused by insufficient NTFS permissions. I double, triple checked NTFS permissions, and used icacls command to assign virtual machine SID permission to VHDs and XMLs (as suggested in the KB), it didn’t help.

Another KB, http://support.microsoft.com/kb/969556 suggests it’s caused by Intel IPMI driver. Although I’m running Windows Server 2012, not 2008 R2, I still downloaded Intel’s ResetAccess utility as suggested in the KB but it couldn’t run on Windows Server 2012.

KB961804(http://support.microsoft.com/kb/961804) reckons it’s caused by antivirus on access scan and exclusion list. I’m using SCEP (System Center Endpoint Protection) which comes with SCCM 2012. I previously configured exclusion using the Hyper-V antimalware policy template that comes with SCCM, and on top of what’s in the template, I’ve also added few file extensions to the policy (.VHD; .VHDX; .AVHD). However, I didn’t add .XML file type and the path to where VM’s are stored. I couldn’t go to SCCM and fix up the policy – because the Central and the primary site server where my Hyper-V is reporting to are among those 15 missing VM’s.

I didn’t configure to allow users to override SCEP on-access scan settings and exclusion list. So there is no way I could configure SCEP. I’ve then uninstalled SCCM client using “ccmsetup /uninstall” and and uninstalled SCEP agent from Programs and Features in Control panel. I rebooted HYPERV01 after the uninstallation.

After reboot, nothing’s changed. Still not fixed. I then spent next 5-6 hours tried many things including copying all VM’s out of a problematic drive and the reformatted the drive…

I also found in VMM console, the 2 problematic disks (D:\ and E:\) did not show up in the Hyper-V server properties:

Under the Storage tab, it showed these 2 drives have 0 GB available but in fact, both of them only have around 200 GB data on the 1 TB drives.

I tried to re-import the missing VM’s back, but I got this error:

Finally, at 11:00pm, I managed to fix the issue. I uninstalled “Windows Firewall Configuration Provider” from Programs and Features

According to some Google search results, it is a part of SCEP client. After uninstallation and a reboot, all my VM’s appeared in the Hyper-V console:

For those VMs that were copied back to the formatted drive, I had to configure NTFS permission as per KB2249906 before they could be started (because during the copying processes, the VM SID has lost access). (Tip: use /T switch in icacls command to apply the permission to all files and folders below).

Now I’ll have to put SCCM client back on and re-configure Hyper-V antimalware policy. I’ll leave it to tomorrow…

Anyways, this is how I spent my ANZAC day holiday. Maybe it’s time to get few UPS’s for the lab…

The post Missing Virtual Machines After An Unexpected Shutdown of Hyper-V Host appeared first on Tao Yang's System Management Blog.

Last night, I created a Cloud Resources Subscription Request, and then tried to assign the cloud resources to this request. While I was going through the “Assign Cloud Resources” wizard, I got stuck because my VMM server does not show up in the drop down list:

This has really annoyed me as it’s hard for me to find time to study and prepare for the exam with all the stuff going on at work. The only time I can study is from 9:30pm to 1:00am – after my daughter went to bed… the last thing I want to see at 12:00 mid night is an error stop me from going through the lab.

Anyways, after spending some time on google, I found people are having same issues as me and posted the question on the TechNet forum. As suggested in the forum thread, the issue is the VMM 2012 Discovery management pack.

In my case, this MP was not selected in the SCOM CI connector in Service Manager. I couldn’t select it because it was greyed out in the connector. It was greyed out because the version of the MP loaded in Service Manager was 3.0.6005.0 and the version loaded in OpsMgr is 3.1.6011.0.

According to this article, 3.0.6005.0 is the build number for VMM 2012 RTM and 3.1.6011.0 is the build number for VMM 2012 SP1 RTM. Looks like the VMM MP author is trying to match the VMM build version and MP version.

Version 3.0.6005.0 comes with the SP1 version of the Cloud Service Process Pack. Thus this was the one I imported in to Service Manager.

Version 3.1.6011.0 comes with VMM 2012 SP1 installation (located on the VMM server, under <VMM Installation directory>\ManagementPacks directory), and it has been previously imported into my OpsMgr management group.

I also found out the VMM 2012 management pack on Microsoft’s management pack catalog (http://systemcenter.pinpoint.microsoft.com) is version 3.0.6019.0, which is different again…

After I imported version 3.1.6011.0 to Service Manager (because it’s the latest version and it’s the version in OpsMgr), I was able to select VMM 2012 Discovery MP in the OpsMgr CI connector:

I went to bed after I manually kicked off the connector synchronisation, this morning, the VMM server address appeared in the wizard:

Well, I guess it’s all part of the learning. Since I’m still pretty new to Service Manager, I’m not sure how many people in System Center community already know this issue. This post is more like a note to myself. I’m not sure why Microsoft included a very old version of the VMM MP in the most recent release of the Cloud Service Process Pack (which was only released last month).

The post Unable to Select VMM Server in Assign Cloud Resources Wizard in Service Manager appeared first on Tao Yang's System Management Blog.

HP Proliant N54L:

Yesterday, I was going through the labs for Microsoft exam 70-246: Minotoring and Operating a Private Cloud with System Center 2012 and I ran into issues that I could not create a VMM connector to connect to my new VMM server from Service Manager. I got a very simple error message: “Cannot connect to VMM server <vmm server name>”

While I was troubleshooting it, I realised 2 other issues:

1. I couldn’t create a PowerShell remote session to my VMM server using PowerShell command like:

New-PSSession –ComputerName <VMM server FQDN> –Credential <Service Manager VMM Connector Account>

2. After I have created a connection to the new VMM server in the Orchestrator VMM integration pack, I modified an existing test runbook called “Get Cloud” to use the new connection, and it also failed.

All of these worked fine on the old VMM server, WinRM is configured exactly the same between old and new VMM severs because it configured in a domain GPO.

Both these errors were related to some kind of Kerberos authentication errors. (It was very late at night, I forgot to take screenshots while I was troubleshooting it).

After few hours troubleshooting, I have found the problems:

1. During VMM install, I installed SQL server on the VMM server. I somehow installed SSRS (SQL Server Reporting Services) as well although it’s not required for VMM. I had SSRS running on a service account and I have registered the SPN’s for SSRS (i.e. setspn.exe –A http/<VMM server Name> <Service Account>). I realised SSRS was installed by mistake, so I uninstalled it. As soon as I removed the SPN’s for the http service (for SSRS), PowerShell remote sessions started to work. – because PS Remoting also uses http.

2. I then tried to run the VMM PowerShell cmdlet Get-SCVMMServer in the remote shell against the VMM server and I got an error:

The type or name syntax of the registry key value IndigoTcpPort under Software\Microsoft\Microsoft System Center Virtual Machine Manager Administrator Console\Settings is incorrect.

Luckily I found this blog article. In my VMM server’s registry, the value IndigoTcpPort under HKLM\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Administrator Console\Settings is a REG_SZ (string) with no value configured. After I deleted it and recreated a REG_DWORD with value 1fa4 (which is hexadecimal for 8100), everything started working. The Get-SCVMMServer cmdlet worked fine. Service Manager VMM Connector was successfully created and Orchestrator runbooks were able to run.

So to summarise what I’ve done. I’ve reviewed and removed the SPN’s for http service which were originally created for SSRS, and corrected the “IndigoTcpPort” registry value.

It was not how I would like to spend my Saturday night, but I’m glad I’ve got it fixed so I can continue with my study.

The post Failed to Connect to VMM 2012 via Service Manager Connector and Orchestrator VMM Integration Pack appeared first on Tao Yang's System Management Blog.

But then I thought, I might as well do it, just to close the circle. Al though I hate any Apple products (except the old 160GB iPod Classic, which I still use), I’ve spent some time to work out how to do the same for iOS devices – Because iOS is still the most popular mobile devices out there…

An iPhone user at work told me he uses an iOS app called Prowl for his NZB or Sick Beard notifications (I wasn’t really sure exactly, don’t really spend too much time watching TV)…

So I’ve modified the PowerShell script to utilize Prowl API as well.

Luckily my partner has a spare first generation iPad doing nothing because she’s now using an iPad 3, I’m able to use this old iPad for testing.

I’ll now go through the steps to setup Prowl first, the command notification channel is pretty much the same with my previous post (I’ll go through what’s changed).

1. Firstly, buy and download Prowl from Apple App Store for $2.99: https://itunes.apple.com/us/app/prowl-growl-client/id320876271?mt=8&ign-mpt=uo%3D4

2. Go to Prowl’s website and register an account: https://www.prowlapp.com/register.php

3. Logon with the account and generate an API Key:

4. Logon to Prowl on your iOS device.

Now the the iOS device is configured.

Below is the updated PowerShell script used for command notification channel:

Param($os,$apikey,$alertname,$alertsource,$alertseverity,$alertTimeRaised,$alertdescription)

# Enter the name of the application the notification originates from.
$application = "OM2012"

# Enter The event that occured. Depending on your application, this might be a summary, subject or a brief explanation.
$event = "OM2012 Alert"

Switch ($alertseverity)
{
"2" {$strSeverity = "Critical"}
"1" {$strSeverity = "Warning"}
"0" {$strSeverity = "Information"}
}

# The full body of the notification.
$description = @"
AlertName: $alertname
Source: $alertsource
Severity: $strSeverity
TimeRaised: $alertTimeRaised
Description: $alertDescription
"@

#description maximum length is 10000, truncate it if it's over
If ($description.length -gt 10000)
{
$description = $description.substring(0,10000)
}
#You can enable the write-eventlog for logging purposes.
#write-eventlog -LogName Application -source MSIInstaller -EventId 999 -entrytype Information -Message $description

# An optional value representing the priority of the notification.
$priority = "-2"

# Specifies the responsetype you want. You can currently choose between JSON or XML (default)
$type = "json"
$os = $os.tolower()
Switch ($os)
{
    "android" {$uri = "http://notifymyandroid.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
    "windows" {$uri = "http://notifymywindowsphone.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
    "ios" {$uri = "http://api.prowlapp.com/publicapi/add?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
}

#Invoke-WebRequest -Uri $uri
$response = [System.Net.WebRequest]::Create($uri)
$response.GetResponse()

The script can also be downloaded here.

I have made the following changes to the script:

1. Windows PowerShell version 3 is no longer a requirement.

As we all know, Microsoft has removed Windows Management Framework 3.0 update for operating systems earlier than Windows 8 & Server 2012 from WSUS couple of months ago because it breaks many applications including SCCM, SharePoint, etc.. More Info can be found here. I saw someone posted a question in System Center Central’s forum wanting to install WMF 3.0 on OpsMgr management servers just to run this script. So I replaced the PowerShell 3.0 cmdlet Invoke-WebRequest (which was inherited from Stefan’s original script) with a .NET method in System.Net.WebRequest.

2. The original script was displaying alert severity as number (0 = information, 1 = warning, 2 = critical), I’ve updated it to display the actual severity in English rather than number.

3. the $os parameter supports additional value of “ios”.

The command notification setup is exactly the same as the previous version (except OS parameter now supports “ios”):

In my lab, the script is located on D:\Scripts\MobileDevices-Notification on all my management servers, so the setup looks like:

Full path of the command line:

C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe

Command line parameters:

D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘<mobile device type>’ ‘<API Key>’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’

Startup Folder:

D:\Scripts\MobileDevices-Notification

Note:

The script takes the following parameters (in the correct order):

1. OS: support either “ios”, “android” or “windows”

2. API key: generated from either Notify My Windows Phone or Notify My Android website

3. AlertName

4. AlertSource: Addition to Stefan’s script.

5. AlertSeverity

6. AlertTimeRaised

7. Alert Description: Addition to Stefan’s script.

Command line samples (assuming the API key is 1111111111111111):

For iOS devices:

D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘ios’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’

For Android devices:

D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘android’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’

For Windows phone devices:

D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘windows’ ‘1111111111111111’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’

On my iPad, when an alert has arrived:

And I can also see the details once I opened Prowl:

Similar to the Android and Windows phone APIs, Prowl has a limitation of 1000 notifications per hour from an IP address. I wouldn’t think any healthy OpsMgr environments would hit that limit.

If you’ve already got the notification channel setup for Android device (from my previous post), you can simply replace the script with the new one. and the same script can be used for iOS and Windows phone devices too.

Summary

At this stage, this script would work on all 3 major mobile device types: iOS, Android and Windows Phone by using 3 different push notification API’s:

Windows Phone: Notify My Windows Phone

Android: Notify My Android

iOS: Prowl

Again, thanks Stefan for his original posts and script. Hopefully this script will be adopted by more people as most of the population is still using iOS and Android devices.

The post OpsMgr Alerts Push Notification to iOS (And Android, And Windows Phone) Devices appeared first on Tao Yang's System Management Blog.

Few days ago, I posted an article: OpsMgr Alerts Push Notification to Android Devices. In my lab, I have created a subscription to notify me all new critical alerts using this channel:

In the first few days, I wasn’t paying too much attention when every time I get spammed by these push notifications on my phone, 2 days ago, I realised every new critical alerts gets pushed to my phone twice and two notifications are 1-2 minutes apart:

Cause

After some troubleshooting, I found the Service Manager’s OpsMgr Alert Connector is causing this issue. Well, I wouldn’t say it’s a fault or bug, it’s just the way that OpsMgr alert notifications handles alert.

In my lab, I have configured an OpsMgr Alert Connector in Service Manager. As a result, Service Manager updates the OpsMgr alert with a Ticket ID after the alert is generated:

And in alert history tab, you can see Service Manager updated the alert soon after it was initially raised:

Looks like this issue has been identified for a long time. some one has already posted a thread in TechNet forum back in 2009: http://social.technet.microsoft.com/Forums/en-US/operationsmanagergeneral/thread/4d2f7f8f-c616-483e-a5af-8c77f5d20953/

OpsMgr alerts get processed by notification subscriptions every time they are updated. i.e. If I take a critical alert with resolution state of “New” and set the resolution state to “New” again in the OpsMgr console, it will get processed again by subscriptions:

Therefore I wouldn’t blame service manager for this issue.

Possible Solutions

I can think of 3 possible solutions:

1. Put a 3 minutes delay in the OpsMgr alert subscription since Service Manager alert connector is configured to check OpsMgr every 60 seconds.

2. add another criteria to the alert subscription: with a “%” ticket ID – which means ticket ID must match a wildcard (%).

3. Modify the criteria to notify any new critical alert WITHOUT a ticket ID.

Each option has it’s pros an cons.

Option 1 would wait Service Manager 3 minutes so it can process the alert first. However, if the alert is generated by a monitor and the monitor has a recovery task, the alert is probably already closed after 3 minutes and you will not get notified. this may not be the desired result.

Option 2 would only pick up alerts that have already been processed by Service Manager. This adds a unnecessary dependency. If for some reasons Service Manager is down, Ticket ID field in the OpsMgr alert will not get updated, therefore alert subscription will not pick up the alert.

To me, Option 3 makes most of the sense. The subscription should only pick up the “brand new” new critical alerts, before Service Manager updates the Ticket ID. – But, it’s not that easy to configure. Why? because I cannot specify conditions like “and with a NULL ticket ID” via the OpsMgr Console. As you can see below, I can only specify a wildcard match to ticket ID:

Luckily I can do this outside of the console, by directly modifying the OpsMgr “Notification Internal Library” MP. Kevin Holman has an excellent blog post on this topic: Creating granular alert notifications – rule by rule, monitor by monitor.

So I’ve decided that I’m going to go for option 3. I’ll now go through the steps I took to modify the existing alert subscription.

1. Export AND BACKUP the “Notification Internal Library” MP from the OpsMgr console (Microsoft.SystemCenter.Notifications.Internal.xml)

2. Open Microsoft.SystemCenter.Notifications.Internal.xml with a text editor (i.e. Notepad++).

3. Towards the end of the file, in the <LanguagePack> section, find the <DisplayString> associated to the subscription. Make sure the Name in <Name> tag matches the subscription name in the OpsMgr console, and ElementID starts with “subscription”

4. Change the name in <Name> tag, add “-Do Not Change In UI” at the end (As shown above). this is to remind anyone not to change this subscription in the Operations console after it’s imported back.

5. Find the Rule with the same ID as the ElementID for the <DisplayString> taken from step 3. The rule should be under <Monitoring><Rules> tags.

6. Modify the DataSource module of this rule, Add below expression in <Expressions><And> tag:

<Expression>
<UnaryExpression>
<ValueExpression>
<Property>TicketId</Property>
</ValueExpression>
<Operator>IsNull</Operator>
</UnaryExpression>
</Expression>

Before:

After:

7. Save the changes and import the MP back to OpsMgr management group.

8. Wait few minutes for the new configuration to become active. Once it’s active, you will no longer see the criteria in operations console:

Now, when I test this notification by creating a critical alert (using a test alert generating rule I’ve configured previously), I only get 1 notification pushed out to my phone (and it was pushed out before Service Manager updated it):

More Information

MP Schema Reference:

ExpressionType: http://msdn.microsoft.com/en-us/library/ee692979.aspx

ExpressionType (GroupPopulationSchema): http://msdn.microsoft.com/en-us/library/ff472337.aspx

Note: I used UnaryExpression, which is only listed in GroupPopulation Schema ExpressionType. but it worked in this scenario.

Related Blog Articles:

Using Expressions and Wildcards to create groups, author rules and monitors, create console views and notification subscriptions, and in the Command Shell: http://blogs.technet.com/b/jonathanalmquist/archive/2010/10/13/regular-expression-syntax-in-scom-for-filtering-groups-monitor-elements-operational-views-notification-subscriptions-etc.aspx

Creating granular alert notifications – rule by rule, monitor by monitor: http://blogs.technet.com/b/kevinholman/archive/2008/10/12/creating-granular-alert-notifications-rule-by-rule-monitor-by-monitor.aspx

The post Duplicate OpsMgr Alert Notifications Caused by Service Manager’s OpsMgr Alert Connector And Ways Around It. appeared first on Tao Yang's System Management Blog.

Background

Stefan Stranger has written a 2-part blog post on how to use Windows Phone push notification for OpsMgr alerts. Stefan’s posts can be found here:

Part 1

Part 2

I got so excited about this idea, but I’m a big fan for Android when comes to mobile devices. I am currently using a Samsung Galaxy Nexus phone and a Samsung Galaxy Tab 2 10.1 tablet – both of them are Android devices. So I’ve spent some time to see if I can do the same for Android devices.

It turned out, there is also an app for Android devices, called “Notify My Android” . And the API’s for both apps are the same.

Setup Instructions

It’s pretty much the same way to get this setup for Android devices. I’ll now go through the steps to configure push notification for Android devices (and also for Windows Phones):

1. Install “Notify My Android” on Android devices via Google Play

2. Sign up – either from android device or from https://notifiymyandroid.com

3. Generate an API key from https://notifymyandroid.com, under “My Account”

Note:

Stefan mentioned the “Notify My Windows Phone” app costs $1.99. “Notify My Android” app is actually free from Google Play, HOWEVER, after you’ve signed up, your account is only a trail account. the limitation for the trail accounts is that you only get 5 push notifications per day. Premium account has removed this limit It costs one-off payment of $4.99 to upgrade to premium account. the upgrade payment can either be made via Google Play on your android devices or using PayPal via the website. I upgraded my account via Google Play (as I thought it’s easier than using PayPal).

As I have 2 Android devices, I don’t need to create multiple accounts or generate multiple API keys. Once I’ve logged in on both devices using my premium account, the push notifications get delivered to both devices at the same time.

4. copy this script to a unique location on all OpsMgr management servers in the Notifications Resource Pool (by default, this resource pool contains all management servers). In my lab, I have copied the script to D:\Scripts\MobileDevices-Notification on all my management servers. Below is what my updated script look like:

#Requires -Version 3

Param($os,$apikey,$alertname,$alertsource,$alertseverity,$alertTimeRaised,$alertdescription)

# Enter the name of the application the notification originates from.
$application = "OM2012"

# Enter The event that occured. Depending on your application, this might be a summary, subject or a brief explanation.
$event = "OM2012 Alert"

# The full body of the notification.
$description = @"
AlertName: $alertname
Source: $alertsource
Severity: $alertseverity
TimeRaised: $alertTimeRaised
Description: $alertDescription
"@

#description maximum length is 10000, truncate it if it's over
If ($description.length -gt 10000)
{
$description = $description.substring(0,10000)
}
#You can enable the write-eventlog for logging purposes.
#write-eventlog -LogName Application -source MSIInstaller -EventId 999 -entrytype Information -Message $description

# An optional value representing the priority of the notification.
$priority = "-2"

# Specifies the responsetype you want. You can currently choose between JSON or XML (default)
$type = "json"
$os = $os.tolower()
Switch ($os)
{
"android" {$uri = "http://notifymyandroid.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
"windows" {$uri = "http://notifymywindowsphone.com/publicapi/notify?event=$event&priority=$priority&application=$application&description=$description&apikey=$apikey&type=$type"}
}

Invoke-WebRequest -Uri $uri

I’ve modified Stefan’s script (used in OpsMgr command notification channel) a little bit. Below is a list of what’s changed in my version of the script:

• supports both Windows Phone’s “Notify My Windows Phone” app and Android’s “Notify My Android” app.
• Script is more generic as the API key is not hardcoded in the script, instead, it’s passed into the the script as a parameter.
• Push notification messages contain additional alert information – alert source, alert description. – As both app’s API’s supports maximum 10,000 characters in notification description, the script will truncate the message to 10,000 characters if it’s over the limit.
• Additional parameters are required to be passed into the script. – therefore the OpsMgr command channel is different than Stefan’s version.

5. Setup command notification channel:

Full path of the command line:

C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe

Command line parameters:

D:\Scripts\MobileDevices-Notification\MobileDevicesPushNotifications.ps1 ‘<mobile device type>’ ‘<API Key>’ ‘$Data/Context/DataItem/AlertName$’ ‘$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$’ ‘$Data/Context/DataItem/Severity$’ ‘$Data/Context/DataItem/TimeRaisedLocal$’ ‘$Data[Default='Not Present']/Context/DataItem/AlertDescription$’

Startup Folder:

D:\Scripts\MobileDevices-Notification

Note:

The script takes the following parameters (in the correct order):

1. OS: support either “android” or “windows”

2. API key: generated from either Notify My Windows Phone or Notify My Android website

3. AlertName

4. AlertSource: Addition to Stefan’s script.

5. AlertSeverity

6. AlertTimeRaised

7. Alert Description: Addition to Stefan’s script.

The command line parameter can be populated by using pre-defined OpsMgr variables:

6. Follow Part 2 of Stefan’s original post to setup Subscriber and Subscriptions.

I cannot test my version of the script against Windows phones because I don’t have one. But I’m fairly confident it should work. From what I can see, the API’s for both apps are exactly the same. Well, the only difference is the URL’s for API calls:

I think in real world, this is a very cost effective solution for alerts notification to mobile devices. According to the API documentations, multiple API keys can be used in a single API call. When using multiple API keys, the API keys needs to be separated by comma. Again, I have not tested this scenario against my script because I don’t really want to spend another $4.99 for another premium account.

If it’s required to setup push notification to multiple people (different mobile devices types, different notify app accounts and different Microsoft / Google accounts, thus different API keys), separate command notification channels need to be created (one per API key or group of API keys).

Below are what I get on my Android devices:

On the phone:

On the tablet:

Limitations

According the the FAQ pages on both websites, there are some limitations that are worth mentioning:

Notify My Windows Phone:

Are there any limitations to the amount of messages I can send?

Yes – The Microsoft Push Notification Service throttles notifications at 500 per 24 hours per device. The messages will however be stored temporarily at NotifyMyWindowsPhone, so they can be retrieved manually by hitting refresh from within the Windows Phone App.

Notify My Android:

Is there a rate limit for using the public API?

Yes. Right now the limit is set to 800 API calls per hour from a given IP. Remember that you can notify multiple API keys on a single API call. Please check the API documentation for more details. Very few applications managed to reach that limit so far, but if you hit the cap too often, feel free to contact us and ask for a developer key.

In my opinion, if you get over 500 messages a day on your Windows phone or 800 in one hour on android devices, there are something seriously wrong with your infrastructure or you might want to re-configure alert subscriptions to only notify really critical alerts.

Credit

Big thanks to Stefan for providing such an wonderful solution in the first place.

The post OpsMgr Alerts Push Notification to Android Devices appeared first on Tao Yang's System Management Blog.

First of all, apologies for this mistake. I wrote the PowerShell script for the probe action module back in July last year, when most of world was in summer. I didn’t even think about negative values and I couldn’t test it anyway…

Last night, I spent some time fixing the management pack. As I was fixing the code, I also found few other issues due to in consistencies in www.webservicex.net (where the MP is getting the data from). for example, some locations have decimal points in temperature value (i.e. Vancouver, Canada), some locations have multiple <Wind> tags in the return data, etc. oh well, webservicex is a free service so there’s no point bagging them for inconsistencies.

Below is a list of bugs that are fixed in this release (1.0.1.0):

• Incorrect temperature collected when the reading is below zero
• Incorrect temperature collected when the reading contains decimal points
• script error when pressure reading is not within <pressure> tag (i.e. Vancouver, Canada uses <PressureTendency> tag). in this situation, pressure reading is not probed.
• fixed wind direction and speed probe when there are multiple <Wind> tags in the result.
• Agent task not displaying wind speed in KM/H
• Updated temperature related performance views to display negative temperature readings.

Note:

I’ve updated below 4 temperature related performance views so they can display negative values:

The Y-Axis range is set to –130 to 134 (degrees) for Imperial Unit (Fahrenheit) and –90 to 57 (degrees) for Metric Unit (Celsius). According to Wikipedia, these figures are the highest and lowest temperature ever recorded on this plant. They can be customised by right clicking the view and choose “Personalize view…”:

the updated MP can be downloaded HERE. The download link from the original post is also updated.

The post OpsMgr Weather Monitoring MP Updated appeared first on Tao Yang's System Management Blog.

As the result, when I tried to run the report, I get this error:

I found a blog article from Dieter Wijckmans “SCOM 2007: Scheduled reports failing”, it indicates it’s because there are duplicate management group ID specified in the report parameters. Dieter’s fix doesn’t really apply to me as the my report is not a scheduled report, however, my approach is much easier.

below is what I’ve done:

1. log on to the RMS box, and run below PowerShell script to get the management group ID:

$RMS = $env:computername
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") | Out-Null

$MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings($RMS)
$MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting)
$MG.Id

Note:

If RMS is clustered, replace “$env:computername” to the RMS cluster name in the first line.

2. export the management pack (assuming the linked report is stored in a unsealed MP), open the unsealed MP in a text editor

3. Go to

<Reporting>

<LinkedReports>

<LinkedReport ID= (where ID is the Id of the problematic report)

<Parameters>

Find the ManagementGroupId parameter and delete the incorrect value

4. Save the XML and import the unsealed MP back to the management group.

After importing the MP back, the “Data Aggregation” field is populated:

Note:

I can also change the report parameter in SSRS web site:

However, by directly modifying report in SSRS, the fix is only temporary. the original MP is not fixed and it will over write the report definition in SSRS. I’ve tried to update SSRS directly, the report got changed back shortly after.

The post “Data Aggregation” field became empty in OpsMgr 2007 linked Performance Report appeared first on Tao Yang's System Management Blog.

Over the last few days, since it was the long weekend down here in Victoria, I spent some time setting up the Talking Heads web application to explorer APM in OpsMgr 2012. I was following the instructions in Chapter 9 in the Mastering System Center 2012 Operations Manager book. The instructions in this chapter is exactly the same (almost word to word) as the 3-part series in Kevin Greene’s blog (Part 1, Part 2, Part 3). – Looks like we know who’s the author for this chapter. – Thanks Kevin

Anyways, I’ve learnt a lot from this chapter as I’ve never dealt with Avicode in 2007 or APM in 2012. While I was exploring the App Diagnostic and App Advisor consoles, I’ve noticed my App Advisor console won’t run any reports! No matter which reports I tried to run, I always get this error:

and as suggested, I got this warning event (EventID 1309) from Windows Application log:

In the exception stack, it shows I cannot connect to the SQL server:

Exception message: An error has occurred during report processing. —> Microsoft.ReportingServices.ReportProcessing.ProcessingAbortedException: An error has occurred during report processing. —> Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Cannot create a connection to data source ‘AppMonitoringSource’. —> System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 – Could not open a connection to SQL Server)
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)

After spending time trying to fix this issue, I created a DNS Alias record with my old OpsMgr SQL server name pointing to the new SQL server, and it fixed the problem! By doing this, I knew there is one place that I haven’t updated the SQL server name yet. I went through the Technet instructions for moving Operational DB, DW DB and Reporting Server again, I couldn’t find which step was I missing.

Today, I had a second look in the SSRS instance for OpsMgr reporting, I noticed there is an additional data source called AppMonitoringSource under Application Monitoring –>.Net Monitoring. the connection string for this data source was still pointing to the old SQL server:

According to the Technet guide “How to Move the Data Warehouse Database”, as per step 8, only the Data Warehouse Main data source needs to be updated (and of course, if we’ve manually created another data source for operational DB, which is very common and lots of community report MPs requires this datasource, we’d also update it too.). The AppMonitoringSource was not mentioned in the instructions – which I found interesting because step 10 actually covered changing the DB server name in dbo. MT_Microsoft$SystemCenter$DataWarehouse$AppMonitoring, table, we can tell by name is used for APM.

As result, after I’ve changed the connection string in this data source, deleted the DNS alias and flushed DNS cache on my web console server, the problem is now fixed.

So, not sure if the AppMonitoringSource was overlooked by the author of the Technet guide. For anyone who has moved the DW DB in OpsMgr 2012, it’s probably worth checking this data source (by going to http://<reporting server>/reports). I only found out now only because I’ve started using APM in my environment.

The post OpsMgr 2012 App Advisor Web Console Failed To Run Reports After DW Database Move appeared first on Tao Yang's System Management Blog.

You might have heard that this book is already available in ebook formats from Amazon and Barnes & Noble.

I’m sick of waiting for the paperback version that I bought last July from Amazon, it still hasn’t been shipped yet. So I went ahead and also bought the ebook.

I bought the ebook from the publisher’s website: http://www.informit.com/store/system-center-2012-operations-manager-unleashed-9780672335914

Unlike Amazon, when you get from www.informit.com, you’ll get 3 versions of the ebook: epub, mobi and pdf.

Currently the price is $38.39, but for the limited time, if you use the promo code “UNLEASHED2013”, the price will reduce to $37.99 – That’s 40 cents off! what a bargain!

So for those who are getting the ebook and hasn’t made the purchase yet, I’d recommend to get from the above mentioned site as you’ll get all 3 formats:

The post System Center 2012 Operations Manager Unleashed ebook appeared first on Tao Yang's System Management Blog.

After the MP is imported and the “OpsMgr 2012 Self Maintenance Operational Database LocalizedText Table Health Monitor” has been enabled via an override, you’ll soon get this alert from one of the management servers:

The PowerShell script failed with below exception

System.Management.Automation.IncompleteParseException: White space is not allowed before the string terminator.
at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
at Microsoft.EnterpriseManagement.Common.PowerShell.RunspaceController.RunScript[T](String scriptName, String scriptBody, Dictionary`2 parameters, Object[] constructorArgs, IScriptDebug iScriptDebug, Boolean bSerializeOutput)

After spent sometime troubleshooting, the issue is a bit stupid, but I’ll remember this in the future:

I wrote the 2007 version using 2007 R2 authoring console, thus no problems found. The 2012 version was written using Visual Studio Authoring Extension. In the particular probe action module used by the monitor type, this is what the raw code looks like:

when I pasted the script in the xml, I tried to format it using the Tab key.

This is what it should look like:

After I removed all the Tab spaces, the monitor started working.

I’ve changed the version number of the 2012 version to 1.0.0.1. I’ll update the MP from the original article from yesterday. For those who has already downloaded the MP, apologies. please download it again and the mp can be in-place upgraded to the new version.

The post “PowerShell Script failed to run” alert in OpsMgr 2012 appeared first on Tao Yang's System Management Blog.

I had this idea to automate some repetitive maintenance tasks that every SCOM administrator perform regularly via a management pack. So I started to write a OpsMgr self maintenance MP during my spare time around July last year, right after my baby girl Rosie was born. since then, I’ve got side-tracked many times, i.e. left for TechEd in September for a week, studying for ConfigMgr 2012 exam, studying for the 3 Windows Server 2012 MCSA exams, writing other management packs such as the Weather monitoring MP, etc. This MP has been sitting there 90% completed for months.

Few of weeks ago, I passed all 3 Windows Server 2012 exams required for MCSA, and got a phone call from my friend Dan Kregor. Dan told me he wanted to write a maintenance MP for OpsMgr, and I told him I’ve got one 90% done. So we got together, went through what needed to be included and Dan gave me some good ideas. Over last few weeks, I have spent most of my spare time working on this MP. Initially this MP was only designed for 2007 (which would also work on 2012), I then decided to build a 2012 version (based on OpsMgr 2012 MP schema) so the MP can utilise resource pools. There are also few additional rules / monitors in the 2012 version. Anyways, I’ve now finally finished both version of the MP. Below paragraphs are ripped from the MP documentation:

Introduction

OpsMgr Self Maintenance Management Pack automates some routine tasks generally performed by OpsMgr administrators on a regular basis. It also provides few rules / monitors to monitor the OpsMgr management group itself. This management pack contains 2 version.

• The OpsMgr 2007 R2 version works on both 2007 R2 and 2012 versions of OpsMgr.
• The OpsMgr 2012 version only works on OpsMgr 2012.

The 2012 version of this management pack is able to utilize OpsMgr 2012 resource pools and also provides additional rules and monitors than the 2007 version. For OpsMgr 2012 environments, it’s strongly recommended to use the 2012 version of this management pack.

The following workflows are included in this management pack:

• Automatically balance OpsMgr agents among a group of management servers.
• Automatically close aged rule-generated alerts
• Convert all manually installed OpsMgr agents to Remote-Manageable.
• Enable Agent-Proxy for all agents
• Backup Unsealed (and Sealed) management packs.
• Remove Disabled discovery objects
• Detect staled stage change events
• Monitoring the size of LocalizedText able from the OpsMgr operational database.
• Detects OpsMgr management servers in maintenance mode (Only available in OpsMgr 2012 version of the MP)
• Performance Collection rule for total number of SDK connection within the management group (among all management servers). (Only available in OpsMgr 2012 version of the MP).
• Agent tasks for:
  • Manually backup management packs
  • Get currently connected users to the SDK service
  • Enable Agent Proxy for all agents.

All the rules and monitors from the OpsMgr Self Maintenance management packs are disabled by default. This is to ensure OpsMgr administrators only turn on the workflows that are required for the OpsMgr environments they support and configure the required parameters for workflows to suit the environment.

The agent tasks from the management packs are enabled by default.

An unsealed override management pack is provided for each version of the OpsMgr Self Maintenance MP. OpsMgr administrators can use provided unsealed override MP for customization or they can also create their own override MPs for this purpose.

Credit

I’d like to thank Dan Kregor for sharing ideas with me and taking time testing the MP.

I appreciate any feedback from the community, this is only the first release, any thoughts on additional workflows that I can build into this MP is much appreciated!

Both versions of the management packs and the documentation can be downloaded HERE.

The post OpsMgr Self Maintenance Management Pack appeared first on Tao Yang's System Management Blog.

Firstly, load the SDK DLL’s. I always use below function:

function Load-SDK()
{
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager.Common") | Out-Null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager") | Out-Null
}

Load-SDK

Secondly, connect to the management group. Since I’ll be running this script on a management server, I’m connecting to the management group via the SDK service on the local machine:

$MGConnSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroupConnectionSettings($env:computername)
$MG = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MGConnSetting)

Then, get the management group administration

$Admin = $MG.Administration

Finally, get all resource pools

$ResourcePools = $admin.GetManagementServicePools()

In the past, I’ve been using the GetAdministration() method from the management group object to retrieve MG administration object. This time, When I did it, the MG administration object returned from the method does not contain a method for GetManagementServicePools. I then realised the management group contains a property called Administration. the object type is the same as what’s returned from GetAdministration() method.

But it looks like the object returned from the “Administration” property contains more members:

This is just a quick observation. In the future, I’ll remember to check both places.

The post Using SCOM 2012 SDK to Retrieve Resource Pools Information appeared first on Tao Yang's System Management Blog.

I followed the How to Move the Operational Database guide from TechNet. After the migration, I have noticed that on one of my management servers, I kept getting a warning event 28001 and an error event 29112 every couple of minutes in the OperationsManager event log.

Event 28001:

The Root connector received an exception from the Config Service on StateSyncRequest:

System.Runtime.Remoting.RemotingException: Failed to connect to an IPC Port: The system cannot find the file specified.

Server stack trace:
at System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)
at System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)
at System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
at System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.EnterpriseManagement.Mom.Internal.IConfigService.OnStateSyncRequest(Guid source, UInt64 messageIdentifier, String cookie)

Event 29112:

OpsMgr Management Configuration Service failed to execute bootstrap work item ‘ConfigurationStoreInitializeWorkItem’ due to the following exception

System.Data.SqlClient.SqlException (0×80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 – Could not open a connection to SQL Server)
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning()
at System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity)
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, SqlConnection owningObject)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, TimeoutTimer timeout)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, TimeoutTimer timeout, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.EnterpriseManagement.ManagementConfiguration.DataAccessLayer.ConnectionManagementOperation.Execute()
at Microsoft.EnterpriseManagement.ManagementConfiguration.DataAccessLayer.DataAccessOperation.ExecuteSynchronously(Int32 timeoutSeconds, WaitHandle stopWaitHandle)
at Microsoft.EnterpriseManagement.ManagementConfiguration.SqlConfigurationStore.ConfigurationStore.ExecuteOperationSynchronously(IDataAccessConnectedOperation operation, String operationName)
at Microsoft.EnterpriseManagement.ManagementConfiguration.SqlConfigurationStore.ConfigurationStore.Initialize()
at Microsoft.EnterpriseManagement.ManagementConfiguration.Engine.ConfigurationStoreInitializeWorkItem.ExecuteWorkItem()

This particular management server did not get rebuilt to Windows 2012, all other management servers I have in the MG has been completely rebuilt so they did not have this issue.

In the step 7 of the guide from TechNet, it mentioned updating the <Category Name=”Cmdb”> tag in the %ProgramFiles%\System Center 2012\Operations Manager\Server\ConfigService.config file.

However, the old DB server name also exists in the <Category Name=”ConfigStore”> tag in the same file. this was not mentioned in the guide:

After I updated <Category Name=”ConfigStore”> section and restarted all the SCOM services on the management server, the error went away.

The post EventID 28001 and 29112 on SCOM 2012 Management Server after Operational Database Move appeared first on Tao Yang's System Management Blog.

I got stuck few days ago when I was building my first secondary site. I was trying to use a pre-installed SQL 2012 Express With SP1 instance for the secondary site database. I followed the instruction that I have previously blogged for SQL Express 2008 R2: http://blog.tyang.org/2012/04/09/installing-sccm-2012-rtm-secondary-site-using-a-pre-installed-sql-express-2008-r2-instance/

After I installed and configured the SQL express instance for the secondary site, I started the secondary site install (from the parent primary site). However, I was keep getting this error during the prerequisites check:

SQL server sysadmin rights:

Either the user account running Configuration Manager Setup does not have sysadmin SQL Server role permission on the SQL Server instance selected for site database installation, or the SQL Server instance could not be contacted to verify permissions. Setup cannot continue.

Prerequisite check result:

ConfigMgrPrereq.log:

The error suggested that my account does not have sysadmin rights. In fact, both my user account and the site server computer account have sysadmin and dbcreator rights in that SQL 2012 instance.

I then tried few different SQL configurations, including using default instance rather than named instance (CONFIGMGRSEC), and using SQL 2012 Enterprise rather than Express edition, they made no difference. I then installed SQL 2008 R2 Express With SP2 (with exact same configuration in terms of security, collation, using named instance, enabling SQL Server Browser service, etc). and the pre-requisite checks passed and secondary site got successfully installed.

After I compared settings in SQL 2008 R2 and the SQL 2012 Express instance I had installed on another secondary site server, I found the issue:

During SQL 2012 install, the sysadmin rights was not granted to the local system account (NT AUTHORITY\SYSTEM). In SQL 2008 R2, “NT AUTHORITY\SYSTEM” account by default has sysadmin rights. During the prerequisites check, SCCM installs a series of services on the target secondary site server to perform the checks. these services are installed to run under LOCALSYSTEM account. The SQL sysadmin rights check failed because the LOCALSYSTEM account does not have sysadmin rights as it was running under LOCALSYSTEM account. To a degree, the error message is somewhat misleading in my opinion.

i.e. system event log entry for one of the services installed by prerequisites check:

So to fix the issue, I simply gave “NT AUTHORITY\SYSTEM” account the same access in SQL 2012 as in SQL 2008 R2:

sysadmin and securityadmin role:

To summarise, when installing SCCM 2012 SP1 secondary site on a pre-configured SQL 2012 instance regardless which SQL edition is being used, “NT AUTHORITY\SYSTEM” account needs to be given securityadmin and sysadmin rights. If SQL Express is used, there are few additional steps need to be carried out to configure the SQL TCP connection as documented in my previous blog: http://blog.tyang.org/2012/04/09/installing-sccm-2012-rtm-secondary-site-using-a-pre-installed-sql-express-2008-r2-instance/

The post Installing SCCM 2012 SP1 Secondary Site with a Pre-Configured SQL 2012 Instance appeared first on Tao Yang's System Management Blog.

My OpsMgr 2012 test environment consists 3 management servers, 1 database server (SQL 2008 R2, hosts both Operational and DW database, it is also the OpsMgr reporting server running SQL SSRS), and 1 web console server. All of these servers were running Windows Serer 2008 R2 SP1.

Below are the high level steps I have taken to upgrade this environment to OpsMgr 2012 SP1 and also migrate to Windows Server 2012 and SQL Server 2012 SP1:

1. Update the existing OpsMgr 2012 RTM environment to SP1
2. Build a new SQL 2012 SP1 database server running on Windows Server 2012 and Migrate both databases and reporting server role to this server.
3. Move agents off each management server and rebuild them one by one running Windows Server 2012 and then install OpsMgr 2012 SP1 management server to join the existing management group.
4. Rebuild Web console server to Windows Server 2012 and then install OpsMgr 2012 web console using OpsMgr 2012 SP1 install media.

Alone the process, I have documented some detailed steps and I want to share with the community as I assume I’m not the only one who also wants to upgrade the underlying OS for SCOM servers to Windows Server 2012. Here’s what I have documented:

Disclaimer: below are the step I’ve taken specific to my test environment. They are essentially combination of multiple guides from TechNet. Please only use it only as a reference, I hold no responsibilities for any damages it may occur to anyone else’s OpsMgr environment.

1. Created Windows Server 2012 instance (named OpsMgrSQL01)
2. Install SQL 2012 Enterprise With SP1 (Database Engine, Full-Text and Semantic Extractions for Search, SSRS, client tools etc)
3. Upgrade existing OpsMgr 2012 RTM to SP1 (http://technet.microsoft.com/en-us/library/jj899854.aspx)
   1. Backup OperationsManager and OperationsManagerDW databases.
   2. run SP1 setup on all management servers
4. Migrate SCOM Operational Database to new SQL 2012 server
   1. Poweroff all management servers
   2. Backup OperationsManager database on the original SQL 2008 R2 server
   3. Copy OperationsManager.bak to new SQL 2012 server
   4. Restore OperationsManager database from OperationsManager.bak on SQL 2012 server
   5. On the original SQL 2008 server, take OperationsManager database offline
   6. Startup all management servers
   7. Stop System Center Data Access Service, System Center Management service and System Center Management Configuration service on all management servers
   8. Follow instruction from http://technet.microsoft.com/en-us/library/hh278848.aspx to migrate the operational database
5. make sure all management servers are functional
6. Migrate SCOM Data Warehouse database and reporting server role to new SQL server
   1. Backup OperationsManagerDW database on the original SQL 2008 R2 server
   2. Copy OperationsManagerDW.bak to new SQL 2012 server
   3. Restore OperationsManagerDW database on the new SQL 2012 server
   4. Follow instruction to finish moving DW database: http://technet.microsoft.com/en-us/library/hh268492.aspx
   5. Configure SSRS on new SQL 2012 server
   6. Remove OpsMgr reporting server role from the old SQL 2008 server
   7. Install OpsMgr Reporting Server on new SQL 2012 server
   8. Follow instruction: http://technet.microsoft.com/en-us/library/hh457588.aspx to move the Reporting server
   9. On new SQL 2012 server, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Reporting, change DWDBInstance to the new SQL 2012 server.
   10. On new SQL 2012 server, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\System Center Operations Manager\12\Reporting, change DWDBInstance to the new SQL 2012 server.
   11. On the new SQL 2012 server hosting the operational database, update the OperationsManager database table.
       1. Open SQL Server Management Studio.
       2. Expand Databases , OperationsManager , and Tables.
       3. Right-click dbo. MT_Microsoft$SystemCenter$DataWarehouse , and then click Edit Top 200 Rows .
       4. Change the value in the MainDatabaseServerName_2C77AA48_DB0A_5D69_F8FF_20E48F3AED0F column to reflect the name of the new SQL Server
       5. Close SQL Server Management Studio.
   12. In new SQL 2012 server, go to SSRS web page http://localhost/reports, edit “Data Warehouse Main” data source to point to the new SQL 2012 server.
7. Turn off old SQL 2008 server
8. Reboot new SQL 2012 server
9. Reboot all management servers
10. Move all agents from management server A to another management server
11. If management server A is the RMS emulator, move the RMSE role to another management server by using Powershell Cmdlet: Get-SCOMManagementServer -Name “NewRMSE” | Set-SCOMRMSEmulator
12. If the Reporting server is pointing to this management server, configure the reporting server to use another MS by editing the registry key on the reporting server
    1. Go to HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Reporting, edit DefaultSDKServiceMachine to another management server.
    2. Go to HKLM\SOFTWARE\Microsoft\System Center Operations Manager\12\Reporting, edit DefaultSDKServiceMachine to another management server.
    3. Edit “<SQL Install Dir>\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\rsreportserver.config” file, locate 2 instances of <ServerName> tag and update the management server name
    4. Restart SSRS service on the new SQL 2012 server running SSRS
    5. Shut down management server A and make sure reporting still works
    6. Power up management server A
13. Uninstall OpsMgr management server on management server A from control panel.
14. Delete management server A from OpsMgr console (Administration–>Management Servers)
15. Rebuild management server A with Windows Server 2012.
16. Install Microsoft Report Viewer 2010
17. Install OpsMgr 2012 Service Pack 1 on the newly built Windows Server 2012 and join it to the existing management group.
18. Repeat step 10-17 for each management server that to be migrated to Windows Server 2012.
19. Uninstall Web Console from Web Console server
20. Rebuild Web Console server to Windows Server 2012
21. Install Microsoft Report Viewer 2010 on the Web Console server
22. Configure IIS and .NET prerequisites for OpsMgr 2012 web console
23. Install OpsMgr 2012 Web Console on the newly built web console server
24. Connect to the Web console server from a client computer and make sure the web console is functional.

Now, I have migrated everything but 1 management server to Windows Server 2012 and SQL server 2012. I have decided to keep one management server running Windows Server 2008 R2 just in case I need to test any different scenarios in the future.

I didn’t have chance to build a Gateway server in the RTM environment so I didn’t have a Gateway server to migrate.

The post Migrating OpsMgr 2012 RTM to OpsMgr 2012 SP1 appeared first on Tao Yang's System Management Blog.

Apparently the script contained 2 bugs:

1. The script could not evaluate existing maintenance mode’s end time.
2. The script did not use“Recursive” option when calling ScheduleMaintenanceMode method. Which means, in this case, only the group itself were put into maint. mode, none of its  members were entered maint. mode.

I’ve updated the script in the original post and these 2 bugs are fixed.

The post Bug Fixes for the Group Maintenance Mode Script appeared first on Tao Yang's System Management Blog.