1 Ekim 2014 Çarşamba

Linux computer SSL error

Error Message
The server certificate on the destination computer (server.domain.com:1270) has the following errors: 
The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.    
The SSL certificate is signed by an unknown certificate authority.

Login to the linux server and run this command as root:
/opt/microsoft/scx/bin/tools/scxsslconfig -v -f
This will regenerate the certificate, at which point you can use the discovery wizard to re-sign it. Also take note of the Hostname/domain returned by this command.  If it is incorrect (such as FQDN in the hostname field, and domain name blank), you can attempt to fix that on the OS (hostname command /etc/hosts), or you can hardcode it with:
 /opt/microsoft/scx/bin/tools/scxsslconfig -v -f -h hostname -d domain.name

Resolutions

To verify that the SCX Agent on the remote system is running properly, try enumerating the SCX_Agent provider using the following command from the Operations Manager monitoring server:
winrm e http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_Agent?__cimnamespace=root/scx -r:https://.:1270 -u: -p: -auth:basic -encoding:utf-8
substituting . for the fully-qualified domain name of the host and / for some valid username and password combination on the remote system.
To verify the certificate on the remote system, log into the remote system and issue the following command:
openssl x509 -noout -in /etc/opt/microsoft/scx/ssl/scx.pem -subject -issuer -dates
To check if the certificate has expired, ensure that the current date falls between the notBefore and notAfter dates, and ensure that the date and time on the target server matches that of the Operations Manager Server.
If the certificate common name does not match the hostname, you may change the name of your host system if necessary (check your operating system documentation for information on how to do that). Or, if the certificate is incorrect but your system's host hame is correct, regenerate the certificate by issuing the following commands from the 'root' account:
cd /etc/opt/Microsoft/scx/bin/tools
. setup.sh
scxsslconfig -f
scxadmin -restart cimom
After the above commands are issued, you'll need to re-sign the certificate via the Operations Manager Discovery Wizard.
Finally, be certain that the target computer's Fully Qualified Domain Name can be resolved from the Operations Manager Server.

28 Nisan 2014 Pazartesi

What's New in System Center 2012 R2 Operations Manager

Fabric Monitoring

A close integration between System Center 2012 R2 Virtual Machine Manager and System Center 2012 R2 Operations Manager introduces System Center cloud monitoring of virtual layers for private cloud environments. To get this new functionality, use the System Center 2012 Management Pack for System Center 2012 R2 Virtual Machine Manager Dashboard, which is imported automatically when you integrate Operations Manager and Virtual Machine Manager. For information about how to integrate Operations Manager and Virtual Machine Manager, see Configuring Operations Manager Integration with VMM.

Fabric Health Dashboard – Monitoring the Health of Private Clouds

The Fabric Health Dashboard shows a detailed overview of the health of your private clouds and the fabric that services those clouds. The dashboard helps you answer questions like “What is the health of my clouds and the fabric serving those clouds?”
To view the Fabric Health Dashboard, click Monitoring, and in Cloud Health Dashboard, click Cloud Health. Select the cloud you want to investigate, and then, in the Tasks pane, click Fabric Health Dashboard.
For each cloud, the Fabric Health Dashboard displays these aspects of the fabric:
  • Host State: monitors the health state of the hosting groups or the computing aspects of the cloud, such as CPU, memory, disks, and network adapters
  • Storage Pools State File Share and LUN State: monitors the health state of the storage aspect of fabric for issues, such as disk space capacity and allocation
  • Network Node State: utilizes network monitoring in Operations Manager and displays the health state of network nodes (devices) that are relevant for the cloud you selected. Only physical network devices within one hop from the hosts are shown. To see the physical network devices, you must enable the Network Monitoring feature of Operations Manager and monitor the physical network devices connected to the hosts. Virtual networks are not shown in the dashboard.
The Active Alerts and Number of VMs fields on this dashboard help indicate which issues are having the greatest impact on your cloud and can help you prioritize your work.

Fabric Monitoring Diagram View – Displays Health States of Cloud and On-Premise Environments

The Diagram view gives you a diagram of the entire infrastructure and shows the health state of each part of the fabric. The Diagram view helps you answer questions, such as “What is the health of my entire fabric?” Improvements to the diagram ensure that health rolls up and that the relevant fabric components are part of the Diagram View.
To Open Diagram View, click Monitoring, and in Microsoft System Center Virtual Machine Manager Views, click Diagram View for the environment you want to see displayed as a diagram.

Microsoft Monitoring Agent

Microsoft Monitoring Agent is a new agent that replaces the Operations Manager Agent and combines .NET Application Performance Monitoring (APM) in System Center with the full functionality of Visual Studio IntelliTrace Collector for gathering full application profiling traces. Microsoft Monitoring Agent can collect traces on demand or can be left running, which monitors applications and collects traces continuously.
Microsoft Monitoring Agent can be used together with Operations Manager or can be used as a standalone tool for monitoring web applications written with Microsoft .NET Framework. In both cases, the operator can direct the agent to save application traces in an IntelliTrace log format that can be opened in Visual Studio Ultimate. The log contains detailed information about application failures and performance issues.
You can use Windows PowerShell commands to start and stop monitoring and collect IntelliTrace logs from web applications that are running on Internet Information Services (IIS). To open IntelliTrace logs generated from APM exceptions and APM performance events, you can use Visual Studio. For more information, see Monitoring with Microsoft Monitoring Agent.

Integrating Operations Manager with Development Processes (DevOps)

Here are two important changes to the DevOps functionality in System Center 2012 R2 Operations Manager:

New Alert Fields of TFS Work Item ID and TFS Work Item Owner

In System Center 2012 R2 Operations Manager, you can synchronize Operations Manager alerts and Team Foundation Server (TFS) work items. When synchronization is enabled, IT operations can then assign alerts to the engineering team. Assigning an alert to engineering creates a new work item in TFS. The workflow will track and synchronize any changes that are made to TFS work items and any associated Operations Manager alerts.
Integration between System Center 2012 Service Pack 1 (SP1) and TFS used the Ticket ID and Owner fields of the Operations Manager alert to store and display which work item is associated with an alert and who it is assigned to. Beginning in System Center 2012 R2 Operations Manager, two new alert fields, TFS Work Item ID and TFS Work Item Owner, hold these values. These fields are read-only in the Operations Manager console to prevent accidental changes of the values that are controlled in TFS.
If you previously personalized any standard alert views or created your own alert views in System Center 2012 SP1 using Ticket ID and Owner fields to display TFS information, you must replace those fields with the TFS Work Item ID and TFS Work Item Owner fields to continue displaying the same information. The previous Ticket ID and Owner fields are still used for synchronization of alerts with incidents in Service Manager Alert Connector.
noteNote
You can now use Operations Manager integration with TFS in the same environment with the Service Manager Alert Connector.

Conversion of Application Performance Monitoring (APM) Performance Events to IntelliTrace format

This monitoring capability now allows the opening of APM performance events from Visual Studio IDE as if the performance event was captured during the IntelliTrace historical debugging session. Tightly integrated with TFS Work Item Synchronization Management Pack, this capability instantaneously brings generated IntelliTrace logs to TFS work items assigned to engineering. This can result in streamlining communications between IT Operations and Development and enriching the development experience with analysis of root causes of the application failure, reducing the mean time to recovery (MTTR) for the problems detected by APM.

Support for IPv6

In System Center 2012 R2 Operations Manager the Operations console can take IPv6 addresses as input for Network Discovery and display IPv6 addresses in the network-related views.

Java Application Performance Monitoring

The System Center 2012 Management Pack for Java Application Performance Monitoring lets you monitor Java application performance and exception events by using Operations Manager Application Advisor. You can set method and resource timing for performance events, stack traces for exception events, and set Java specific counters (such as Average Request Time and Requests Per Second) for events. Additionally, you get Operations Manager level alerting on Java application server counters. You can download the management pack from the Microsoft Download Center.

System Center Advisor

System Center Advisor is an online service that analyzes installations of Microsoft server software. With the latest preview version of Advisor, you can now view Advisor alerts in the Operations Manager Operations console.
Advisor collects data from your installations, analyzes it, and generates alerts that identify potential issues (such as missing security patches) or deviations from identified best practices with regard to configuration and usage. Advisor also provides both current and historical views of the configuration of servers in your environment. Ultimately, Advisor recommendations help you proactively avoid configuration problems, reduce downtime, improve performance, and resolve issues faster. For more information about Advisor, see Viewing System Center Advisor Alerts and Advisor online help

UNIX and Linux Monitoring

UNIX and Linux agents for Operations Manager are now based on the Open Management Infrastructure (OMI) open-source CIM Object Manager.
Debian GNU/Linux 7 is now supported by the Universal Linux agents and Management Packs.

1 Nisan 2014 Salı

SCOM 2012 Discovery Problemi

SCOM'da discovery problemi yaşayanlar için kontrol adımları:

1- Aşağıdaki SQL scriptini çalıştırıyoruz.
USE OperationsManager
GO
SELECT is_broker_enabled FROM sys.databases WHERE name = 'OperationsManager'

2- Sonuç 0 ise sırayla aşağıdaki SQL scriptler çalıştırılır;

ALTER DATABASE OperationsManager SET SINGLE_USER WITH ROLLBACK IMMEDIATE

ALTER DATABASE OperationsManager SET ENABLE_BROKER

*** Bu script çalıştırılmadan SCOM servisini durdurmakta yarar var.
ALTER DATABASE OperationsManager SET MULTI_USER

3- Sonucu kontrol edelim:
SELECT is_broker_enabled FROM sys.databases WHERE name = 'OperationsManager'

Sonuç 1 ise Discovery işlemini başlatabiliriz.


15 Şubat 2014 Cumartesi

OpsMgr 2012: Enable agent proxy on all agents

Turn on agent proxy for all agents where it is disabled:
get-SCOMagent | where {$_.ProxyingEnabled -match "False"} | Enable-SCOMAgentProxy

Turn on agent proxy as a default setting for all new agents to be deployed, never to have to mess with this again:
add-pssnapin "Microsoft.EnterpriseManagement.OperationsManager.Client"; new-managementGroupConnection -ConnectionString:scomserver.domain.com; set-location "OperationsManagerMonitoring::"; Set-DefaultSetting -Name HealthService\ProxyingEnabled -Value True

Subscription Copier

Download: SubscriptionCopier.zip
Guide: SubscriptionCopierGuide.pdf
Subscriptions copier is a simple tool for copying subscriptions and helping with alert escalation. I created this tool after multiple customers have asked me why they couldn’t copy an existing subscription.
image
I have found that customers are not using subscriptions to their full potential; most customers only setup one subscription. While this works for some, I think that all alerts should be actionable. If an alert has not had some type of action taken in a given time, the alert e-mail should be re-sent or escalated to someone who can take action on it. A ticketing system such as SCSM would also fulfill this function, but few customers have their SCOM system linked to a ticketing system.

You want to make a copy of the Windows Server Team subscription and send alerts to the Windows Server Team’s manager, if they not closed within one hour. To do this today is a very manual process. You would have to open up the subscription and take a screenshot of the configuration. Then create a new subscription with the same configuration and add the Windows Team Manager to the recipients. While this works, there is a possibility that you don’t select that exact same criteria and accidently send the windows team manager an informational alert in the middle of the night that the windows team never even saw.
So let’s show how this is done with the subscription copier tool:
As you can see we have 3 subscriptions
image
Step 1: Launch the Subscription Copier Tool
image

Step 2: Type in the name of your root management server
image


Step 3: The tool will then open
image

Step 4: Select the Subscription you would like to copy from the drop down.
image

Step 5: Select how may copies you would like to make. (In this scenario we will only create one.)
image

Step 6: Select how many minutes in between re-alerts. In this scenario we will leave it at the default of 0 (This will be used in scenario 2)
image

Step 7: Check this box if you want the copied subscription enabled. (In this scenario we are leaving it unchecked because we need to make some changes before it is enabled.)
image

Step 8: Click Create
image

Step 9: You should see a message telling you that the subscription was create successfully.
image

Step 10: Open the SCOM console and refresh the subscriptions screen. You should see the copied alert under the subscriptions screen.
image

Now back to our scenario we want to alert the windows team manager if an alert has stayed open for longer than one hour.
We go to the properties of the copied alert.
image
Change the name to “Windows Server Team (Escalated to manager after one hour)” and click next
image
As you can see all of our criteria has been copied from the original subscription.
image
Click Next

Remove the Windows Team E-Mail and add Windows Server Team Manager to the subscribers
image
On the channels screen set the alert aging to 60 minutes. This will only send alerts that have been open for longer than 60 minutes to the Windows Server Team Manager
image
On the Summary Page click “Enable this notification subscription.
image
Then click Finish
image

You want a subscription to re-alert on open alerts every 10 minutes for one hour. To do this today you would have to open up the subscription and take a screenshot of the configuration. Then create six new subscriptions with the same configuration and set the delay by adding an extra ten minutes to every subscription. This could take up to 10 minutes manually. If you were to do this for every subscription in your environment it could take many hours.
So let’s see how this is done with the subscription copier tool
Step 1: Launch the Subscription Copier Tool
Step 2: Type in the name of your Root Management server
Step 4: Select the Subscription you would like to copy from the drop down.

Step 5: Select how may copies you would like to make. In this scenario we will create six.
image
Step 6: Select how many minutes between each re-alert. In this scenario we will set it to 10 minutes.
image


Step 7: Check the enabled box to enable the 6 subscriptions we are going to create.
image

Step 8: Click Create
Step 9: It will take a short time as the copies are created. After it completes you should see a message telling you that 6 subscription copies were created at a 10 minute interval.
image

Step 10: Open the SCOM Console and refresh the subscriptions screen.
image


You should now see the copied subscriptions created by the tool.

  • When creating multiple copies with a re-alert interval. Set your subscription criteria to only include only
Reason: When your subscription criteria includes closed alerts, the closed alerts get delayed and you will get some a bunch of extra closed alerts that you won’t want.

  • If you have subscriptions with duplicate names you will get an error of “An entry with the same key already exists”.
Workaround: Delete subscription(s) with duplicate name
  • Copied subscriptions with a delay set. The delay doesn’t interval doesn’t get copied.
Workaround: Manually set the delay on copied subscriptions

Subscription Copier

Download: SubscriptionCopier.zip
Guide: SubscriptionCopierGuide.pdf
Subscriptions copier is a simple tool for copying subscriptions and helping with alert escalation. I created this tool after multiple customers have asked me why they couldn’t copy an existing subscription.
image
I have found that customers are not using subscriptions to their full potential; most customers only setup one subscription. While this works for some, I think that all alerts should be actionable. If an alert has not had some type of action taken in a given time, the alert e-mail should be re-sent or escalated to someone who can take action on it. A ticketing system such as SCSM would also fulfill this function, but few customers have their SCOM system linked to a ticketing system.

You want to make a copy of the Windows Server Team subscription and send alerts to the Windows Server Team’s manager, if they not closed within one hour. To do this today is a very manual process. You would have to open up the subscription and take a screenshot of the configuration. Then create a new subscription with the same configuration and add the Windows Team Manager to the recipients. While this works, there is a possibility that you don’t select that exact same criteria and accidently send the windows team manager an informational alert in the middle of the night that the windows team never even saw.
So let’s show how this is done with the subscription copier tool:
As you can see we have 3 subscriptions
image
Step 1: Launch the Subscription Copier Tool
image

Step 2: Type in the name of your root management server
image


Step 3: The tool will then open
image

Step 4: Select the Subscription you would like to copy from the drop down.
image

Step 5: Select how may copies you would like to make. (In this scenario we will only create one.)
image

Step 6: Select how many minutes in between re-alerts. In this scenario we will leave it at the default of 0 (This will be used in scenario 2)
image

Step 7: Check this box if you want the copied subscription enabled. (In this scenario we are leaving it unchecked because we need to make some changes before it is enabled.)
image

Step 8: Click Create
image

Step 9: You should see a message telling you that the subscription was create successfully.
image

Step 10: Open the SCOM console and refresh the subscriptions screen. You should see the copied alert under the subscriptions screen.
image

Now back to our scenario we want to alert the windows team manager if an alert has stayed open for longer than one hour.
We go to the properties of the copied alert.
image
Change the name to “Windows Server Team (Escalated to manager after one hour)” and click next
image
As you can see all of our criteria has been copied from the original subscription.
image
Click Next

Remove the Windows Team E-Mail and add Windows Server Team Manager to the subscribers
image
On the channels screen set the alert aging to 60 minutes. This will only send alerts that have been open for longer than 60 minutes to the Windows Server Team Manager
image
On the Summary Page click “Enable this notification subscription.
image
Then click Finish
image

You want a subscription to re-alert on open alerts every 10 minutes for one hour. To do this today you would have to open up the subscription and take a screenshot of the configuration. Then create six new subscriptions with the same configuration and set the delay by adding an extra ten minutes to every subscription. This could take up to 10 minutes manually. If you were to do this for every subscription in your environment it could take many hours.
So let’s see how this is done with the subscription copier tool
Step 1: Launch the Subscription Copier Tool
Step 2: Type in the name of your Root Management server
Step 4: Select the Subscription you would like to copy from the drop down.

Step 5: Select how may copies you would like to make. In this scenario we will create six.
image
Step 6: Select how many minutes between each re-alert. In this scenario we will set it to 10 minutes.
image


Step 7: Check the enabled box to enable the 6 subscriptions we are going to create.
image

Step 8: Click Create
Step 9: It will take a short time as the copies are created. After it completes you should see a message telling you that 6 subscription copies were created at a 10 minute interval.
image

Step 10: Open the SCOM Console and refresh the subscriptions screen.
image


You should now see the copied subscriptions created by the tool.

  • When creating multiple copies with a re-alert interval. Set your subscription criteria to only include only
Reason: When your subscription criteria includes closed alerts, the closed alerts get delayed and you will get some a bunch of extra closed alerts that you won’t want.

  • If you have subscriptions with duplicate names you will get an error of “An entry with the same key already exists”.
Workaround: Delete subscription(s) with duplicate name
  • Copied subscriptions with a delay set. The delay doesn’t interval doesn’t get copied.
Workaround: Manually set the delay on copied subscriptions

Subscription Tool

Download: SubscriptionTool.zip
Source Code: SubscriptionTool Source Code.zip

Subscription Tool is a simple GUI based tool that lets you enable and disable all notification subscriptions.   This tool is useful if you need to do some major maintenance such as patches, upgrading hardware, redoing AD integration roles, or fixing a major problem. 
The real power of the tool is when you want to re-enable the subscriptions.    The tool will automatically re-enable all subscriptions using “Send notifications for alerts Generated after the subscription is enabled”.  This will save you from sending out huge alert storms your notification subscriptions.


updatetool
 
If you are not familiar with this, disable and then re-enable a subscription inside the ops mgr console.  You will notice when you re-enable the subscription you get the dialog box below.
enable
 
You could enable and disable all subscriptions with powershell using
“Get-NotificationSubscription | Disable-NotificationSubscription”
But powershell uses the default  “Send notifications for alerts Generated since the subscription is disabled  (potentially causing an Alert Storm).   There are no options inside powershell to do this unless you leverage the .net objects directly.