14 Kasım 2015 Cumartesi

SCOM 2012 R2 Test Event MP

MP and scripts to test that SCOM internal monitoring is working.
Zip file contains:
—Management Pack
—VBS Event Script
—Scheduled Task
DOWNLOAD Link: SCOM.Test.MP

Ref: ScomGod

PowerShell Script to Update Alert Resolution

I use this to regenerate reminder alerts for certain alerts. This script will trigger for alerts with “Disk” in the name.
$MS = “yourRMS.yourCO.com”
$connect = New-SCOMManagementGroupConnection –ComputerName $MS
Get-SCOMAlert -criteria ‘ResolutionState = “0” AND Severity = “2”‘ |
Where-Object {$_.Name -like “*disk*” -and $_.IsMonitorAlert -eq $true} |
Set-SCOMAlert -ResolutionState 0 |
out-null

VBS Script to get AD Group Members

‘Script begins here
Dim objGroup, objUser, objFSO, objFile, strDomain, strGroup, Domain, Group
‘Change DomainName to the name of the domain the group is in
strDomain = Inputbox (“Enter the Domain name”, “Data needed”, “Default domain name”)
‘Change GroupName to the name of the group whose members you want to export
strGroup = InputBox (“Enter the Group name”, “Data needed”, “Default group name”)
Set objFSO = CreateObject(“Scripting.FileSystemObject”)
‘On the next line change the name and path of the file that export data will be written to.
Set objFile = objFSO.CreateTextFile(“C:\” & strGroup & ” – Members.txt”)
Set objGroup = GetObject(“WinNT://” & strDomain & “/” & strGroup & “,group”)
For Each objUser In objGroup.Members
objFile.WriteLine objUser.Name & ” – ” & objUser.Class
Next
objFile.Close
Set objFile = Nothing
Set objFSO = Nothing
Set objUser = Nothing
Set objGroup = Nothing
Wscript.Echo “Done”
Wscript.Echo “Please check the c: for your output file”

SCOM 2012 R2 Close All Alerts Script

This script will close all alerts in the console.
$RMSrv = “RMSSERVERNAME”
Add-PSSnapin “Microsoft.EnterpriseManagement.OperationsManager.Client”
Set-Location “OperationsManagerMonitoring::”
New-ManagementGroupConnection -ConnectionString:$RMSrv
Set-Location $RMSrv
$alerts = get-alert |where-object {$_.ResolutionState -eq 0}
foreach($alert in $alerts)
{
resolve-alert -comment “Resolving Alert” -Alert $alert
}

SCOM 2012 Put URL into Maintenance Mode

$Time = ((Get-Date).AddMinutes(30))
$Instance = Get-SCOMClassInstance -DisplayName “http://www.microsoft.com”
Start-SCOMMaintenanceMode -Instance $Instance -EndTime $Time -Reason “PlannedApplicationMaintenance” -Comment “Swift App Maintenance”

SCOM 2012 Batch File to Clear Health Service Cache

net stop HealthService
cd\
cd C:\Program Files\System Center 2012\Operations Manager\Server\Health Service State\Health Service Store
del *.* /F /Q
net start HealthService

Monitor an agent - but run response on a Management Server

This is a concept that I have seen several examples of, but realize not everyone knows of this capability.
You can create a rule, that targets a class hosted by an agent (such as Windows Server Operating System), but have a script response run on the Management Server to take action.
Here is a simple example:
      <Rule ID="Custom.Example.ResponseOnMS.Rule1" Enabled="true" Target="Windows!Microsoft.Windows.Server.OperatingSystem" ConfirmDelivery="false" Remotable="true" Priority="Normal" DiscardLevel="100">
        <Category>Maintenance</Category>
        <DataSources>
          <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
            <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
            <LogName>Application</LogName>
            <Expression>
              <And>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="UnsignedInteger">100</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                     <XPathQuery Type="String">PublisherName</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="String">MM</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
              </And>
            </Expression>
          </DataSource>
        </DataSources>
        <WriteActions>
          <WriteAction ID="PSWA" TypeID="Windows!Microsoft.Windows.PowerShellWriteAction" Target="SC!Microsoft.SystemCenter.ManagementServer">
            <ScriptName>ScriptOnMS.ps1</ScriptName>
            <ScriptBody>
# Add the SCOM API and Log event
$api = New-Object -comObject "MOM.ScriptAPI"
$api.LogScriptEvent("ScriptOnMS.ps1",2222,0,"This event is created by a script running on the MS")
            </ScriptBody>
            <TimeoutSeconds>30</TimeoutSeconds>
          </WriteAction>
        </WriteActions>
      </Rule>
    </Rules>


This rule uses a simple event datasource looking for event 100, and source of “MM”. 
Then – it responds with a Write Action – but the Write Action has a Target of Management server.  This is the key part:
Target="SC!Microsoft.SystemCenter.ManagementServer">
My example is very simple – and runs PowerShell on the Management server, creating a single simple event in the OpsMgr log.

This design works in SCOM 2012 – where the response will execute on the Management Server that the agent is assigned to.
You can use this example to do things, like query the OpsDB and generate a specific alert in response to an agent side issue – or you can put the agent into Maintenance mode by passing the computername as a parameter to the script write action.
I will attach my MP example below.
Custom.Example.ResponseOnMS.xml.zip
Ref: Kevin Holman

Event Log rule to look for multiple reboots – a script WriteAction example

I had a customer looking for an example of how SCOM can monitor a server for multiple reboots in a period of time.
I previously wrote about the typical scenario of looking for repeated events in a defined time period here: http://blogs.technet.com/b/kevinholman/archive/2014/12/18/creating-a-repeated-event-detection-rule.aspx
However – this wont work across reboots.  The consolidator Condition Detection that keeps a count of multiple events across time is handled in memory, on the agent.  If the agent service or server is restarted – we lose the count because the workflow must reinitialize.
One way to handle this is via a script write action.  Essentially – a reboot is typically detected via a 6009 event in the SYSTEM log.  (Dirty shutdowns can be detected via 6008 event and you should already be monitoring for these)   However – in this example we don’t want an alert on every normal reboot.  We only want to know if a server is rebooted multiple times in a specific time period.
We can accomplish this via two rules.
One rule will use an Event datasource, but instead of alerting – we will execute a script WriteAction as the response to the event.  The script is a simple VBscript that looks in the system log for a specific duration of time, and counts the number of matching events.
Here is the rule:
      <Rule ID="Custom.Example.EventLogCheck.Event6009.Rule" Enabled="true" Target="Windows!Microsoft.Windows.Server.OperatingSystem" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
        <Category>Custom</Category>
        <DataSources>
          <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
            <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
            <LogName>System</LogName>
            <Expression>
              <SimpleExpression>
                <ValueExpression>
                  <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
                </ValueExpression>
                <Operator>Equal</Operator>
                <ValueExpression>
                  <Value Type="UnsignedInteger">6009</Value>
                </ValueExpression>
              </SimpleExpression>
            </Expression>
          </DataSource>
        </DataSources>
        <WriteActions>
          <WriteAction ID="ScriptWriteAction" TypeID="Custom.Example.EventLogCheck.WA" />
        </WriteActions>
      </Rule>

The script is very simple:  You can reuse this just change the event ID, count, and time you want at the top.  You might also need to customize the events created by LogScriptEvent to suit your needs and provide a good message for the alert.
My log for a detection of 3 events looks like:
Call oAPI.LogScriptEvent("CheckEventLog.vbs",1001,1,": CRITICAL : Event " & EventId & " has been detected " & Count & " or more times in the past " & Minutes & " minutes")
This will log a critical event with ID 1001 in the OpsMgr event log on the agent, with the event description resembling this:
image

Here is the script:

'==========================================================================
'
' NAME: CheckEventLog.vbs
'
' COMMENT: This is a write action script to inspect the event log for previous events
'
' Change the values for EventId, Count, and Minutes for your write action example  (minutes is expressed as a negative number offset)
'
'==========================================================================
Option Explicit
SetLocale("en-us")

Dim EventId, Count, Minutes
EventId = 6009
Count = 3
Minutes = -20

Dim oAPI
Set oAPI = CreateObject("MOM.ScriptAPI")

Dim strComputer
'The script will always be run on the machine that generated the original event
strComputer = "."

Dim strTime 
strTime = Time

    'Check to see if this event has been logged x occurrences in n minutes
    Dim dtmStartDate, iCount, colEvents, objWMIService, objEvent
    Const CONVERT_TO_LOCAL_TIME = True
     Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime")
     dtmStartDate.SetVarDate dateadd("n", Minutes, now)' CONVERT_TO_LOCAL_TIME
     
     iCount = 0
     Set objWMIService = GetObject("winmgmts:" _
         & "{impersonationLevel=impersonate,(Security)}!\\" _
         & strComputer & "\root\cimv2")
     Set colEvents = objWMIService.ExecQuery _
         ("Select * from Win32_NTLogEvent Where Logfile = 'SYSTEM' and " _
            & "TimeWritten > '" & dtmStartDate & "' and EventCode = " & EventId & "") 
     For Each objEvent In colEvents
        iCount = iCount+1  
     Next
    If iCount => Count Then
        Call oAPI.LogScriptEvent("CheckEventLog.vbs",1001,1,": CRITICAL : Event " & EventId & " has been detected " & Count & " or more times in the past " & Minutes & " minutes") 
        WScript.Quit
    End If
        Call oAPI.LogScriptEvent("CheckEventLog.vbs",1002,0,": INFO : Event " & EventId & " was detected, but has not been detected " & Count & " or more times in the past " & Minutes & " minutes")
    Wscript.Quit

We just need to wrap this up into a write action:



      <WriteActionModuleType ID="Custom.Example.EventLogCheck.WA" Accessibility="Public" Batching="false">
        <Configuration />
        <ModuleImplementation Isolation="Any">
          <Composite>
            <MemberModules>
              <WriteAction ID="ScriptWrite" TypeID="Windows!Microsoft.Windows.ScriptWriteAction">
                <ScriptName>CheckEventLog.vbs</ScriptName>
                <Arguments />
                <ScriptBody><![CDATA[
'==========================================================================
'
' NAME: CheckEventLog.vbs
'
' COMMENT: This is a write action script to inspect the event log for previous events
'
' Change the values for EventId, Count, and Minutes for your write action example  (minutes is expressed as a negative number offset)
'
'==========================================================================
Option Explicit
SetLocale("en-us")

Dim EventId, Count, Minutes
EventId = 6009
Count = 3
Minutes = -20

Dim oAPI
Set oAPI = CreateObject("MOM.ScriptAPI")

Dim strComputer
'The script will always be run on the machine that generated the original event
strComputer = "."

Dim strTime 
strTime = Time

    'Check to see if this event has been logged x occurrences in n minutes
    Dim dtmStartDate, iCount, colEvents, objWMIService, objEvent
    Const CONVERT_TO_LOCAL_TIME = True
     Set dtmStartDate = CreateObject("WbemScripting.SWbemDateTime")
     dtmStartDate.SetVarDate dateadd("n", Minutes, now)' CONVERT_TO_LOCAL_TIME
     
     iCount = 0
     Set objWMIService = GetObject("winmgmts:" _
         & "{impersonationLevel=impersonate,(Security)}!\\" _
         & strComputer & "\root\cimv2")
     Set colEvents = objWMIService.ExecQuery _
         ("Select * from Win32_NTLogEvent Where Logfile = 'SYSTEM' and " _
            & "TimeWritten > '" & dtmStartDate & "' and EventCode = " & EventId & "") 
     For Each objEvent In colEvents
        iCount = iCount+1  
     Next
    If iCount => Count Then
        Call oAPI.LogScriptEvent("CheckEventLog.vbs",1001,1,": CRITICAL : Event " & EventId & " has been detected " & Count & " or more times in the past " & Minutes & " minutes") 
        WScript.Quit
    End If
        Call oAPI.LogScriptEvent("CheckEventLog.vbs",1002,0,": INFO : Event " & EventId & " was detected, but has not been detected " & Count & " or more times in the past " & Minutes & " minutes")
    Wscript.Quit
]]></ScriptBody>
                <TimeoutSeconds>60</TimeoutSeconds>
              </WriteAction>
            </MemberModules>
            <Composition>
              <Node ID="ScriptWrite" />
            </Composition>
          </Composite>
        </ModuleImplementation>
        <InputType>System!System.BaseData</InputType>
      </WriteActionModuleType>

Lastly – we create a simple Alert Generating rule – to look in the Operations Manager event log – to alert on the “1001” event ID with source “Health Service Script” and EventDescription contains “CRITICAL”

      <Rule ID="Custom.Example.EventLogCheck.MultipleReboots.Rule" Enabled="true" Target="Windows!Microsoft.Windows.Server.OperatingSystem" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
        <Category>Alert</Category>
        <DataSources>
          <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
            <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
            <LogName>Operations Manager</LogName>
            <Expression>
              <And>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="UnsignedInteger">1001</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">PublisherName</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="String">Health Service Script</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <RegExExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">EventDescription</XPathQuery>
                    </ValueExpression>
                    <Operator>ContainsSubstring</Operator>
                    <Pattern>CRITICAL</Pattern>
                  </RegExExpression>
                </Expression>
              </And>
            </Expression>
          </DataSource>
        </DataSources>
        <WriteActions>
          <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
            <Priority>1</Priority>
            <Severity>1</Severity>
            <AlertName />
            <AlertDescription />
            <AlertOwner />
            <AlertMessageId>$MPElement[Name="Custom.Example.EventLogCheck.MultipleReboots.Rule.AlertMessage"]$</AlertMessageId>
            <AlertParameters>
              <AlertParameter1>$Data/EventDescription$</AlertParameter1>
            </AlertParameters>
            <Suppression />
            <Custom1 />
            <Custom2 />
            <Custom3 />
            <Custom4 />
            <Custom5 />
            <Custom6 />
            <Custom7 />
            <Custom8 />
            <Custom9 />
            <Custom10 />
          </WriteAction>
        </WriteActions>
      </Rule>
After 3 reboots in 20 minutes – we get this:”"
image

I will attach my example management pack below:
Custom.Example.EventLogCheck.xml.zip

Ref: Kevin Holman

UR7 for SCOM 2012 R2

KB Article for OpsMgr:  https://support.microsoft.com/kb/3064919
KB Article for all System Center components:  https://support.microsoft.com/en-us/kb/3069110


27 Mayıs 2015 Çarşamba

Scom agent install error, Error Code: 80041010

The Operations Manager Server could not execute WMI
Query "Select * from Win32_OperatingSystem" on computer PPLKHIHO93.ppl.com.pk.
Operation: Agent Install
Install account: PPLNET\scom_admin
Error Code: 80041010
Error Description: IDispatch error #3600


Does this problem occur for specific client or all client? Try re-registering the Cimwin32.dll and recompiling Cimwin32.mof 

1. Stop WMI Service.

2. From the C:\Windows\System32\WBEM folder we ran the following commands

regsvr32 cimwin32.dll 
mofcomp Cimwin32.mof 

3. Start WMI Service.

4. Install Agent, restart agent

It the problem still remains, it maybe caused by WMI component damage. You can try to re-build client to see if it works.

Manuel Install, Event Id : 20070, 21016, 2023

21 Mayıs 2015 Perşembe

Troubleshooting the installation of the Operations Manager client agent

Just a quick note to let you know that we have a new Guided Walkthrough troubleshooter available that helps identify and resolve some of the more common issues related to the installation of the System Center 2012 Operations Manager (OpsMgr 2012 or OpsMgr 2012 R2) client agent.
You can find the troubleshooter here:
3041372 - Troubleshooting the installation of the Operations Manager client agent (http://support.microsoft.com/kb/3041372)

New UNIX and Linux management pack task to remove inactive file systems

The System Center 2012 R2 Operations Manager Update Rollup 5 management packs for UNIX and Linux introduce a new management pack task to remove inactive file systems from monitoring.
If a user decommissions a logical disk (file system) the UNIX and Linux agent reports a critical status and an alert is generated. If the decommission of the disk was purposeful, then removing the disk from monitoring with previous UNIX and Linux management packs consisted of the following options:
-          Restart the UNIX and Linux agent on UNIX/Linux computer
  • scxadmin --restart-all
-          Run an OMI invoke command on the UNIX/Linux computer
  • ./omicli iv root/scx { SCX_FileSystem } RemoveByName { Name FILE_SYSTEM_NAME }
These two options are still viable and are now joined with a new option - a management pack task that removes the logical disk from monitoring after the next logical disk discovery is run. Note: these options do not clear the critical alerts previously generated after the logical disk was decommissioned.
To run the management pack task from the Operations Console:
  • Navigate to the monitoring pane\UNIX and Linux Computers\Logical Disk State
  • Select the decommissioned disk
  • Run the Management Pack task “Remove inactive file system”

  • The agent will immediately stop monitoring the disk, and the logical disk instance will be removed when the next periodic discovery is run. This discovery has a default interval of four hours.

The Exchange Server 2013 Management Pack for System Center Operations Manager has been updated

Just a quick note to let you know that the Exchange Server 2013 Management Pack for System Center Operations Manager has been updated. The newest version of this MP has two bug fixes.
- A bug that was preventing discovery of Exchange 2013 on Edge servers in a DMZ. - A bug that caused MicrosoftExchangeCollectMBXStats.ps1 to throw “System.Management.Automation. MethodInvocationException: Exception calling "Add" with "2" argument(s):” exception when Mailboxes are soft-deleted. You can find all the details as well as a download link here: http://www.microsoft.com/en-in/download/details.aspx?id=39039

KB: Error 11823 when Operations Manager integration is refreshed from the VMM 2012 console

KB7334333232
When you try to integrate System Center 2012 Virtual Machine Manager (VMM 2012 or VMM 2012 R2) with System Center 2012 Operations Manager (OpsMgr 2012 or OpsMgr 2012 R2), the operation fails and the following error is returned: Error (11823)
One or more of the Virtual Machine Manager objects monitored by Operations Manager could not be discovered. This might be caused by a missing or outdated version of the System Center Virtual Machine Manager management pack in Operations Manager. You receive this error if more than one Virtual Machine Manager server is integrated with the same SCOM management group. For all the details as well as a resolution please see the following:
KB3040764 - Error 11823 when Operations Manager integration is refreshed from the VMM console (https://support.microsoft.com/en-us/kb/3040764)

How to troubleshoot agent connectivity issues in System Center 2012 Operations Manager

We have a new article published that guides you through how to troubleshoot agent connectivity issues in Microsoft System Center 2012 Operations Manager. If you’re having OpsMgr 2012 agent connectivity issues then this document is a great place to start.
KB3035262 - How to troubleshoot agent connectivity issues in System Center 2012 Operations Manager (https://support.microsoft.com/en-us/kb/3035262/)

KB: Error 800706D3 occurs and a push installation fails for an Operations Manager 2012 agent to Windows Server 2012

KB7334333232
When you try to push a Windows System Center 2012 Operations Manager agent from a Windows Server 2012-based management server to a Windows Server 2012-based agent server, the installation fails and you receive the following error message: The Operations Manager Server failed to open service control manager on computer server2012agent.contoso.local.
Therefore, the Server cannot complete configuration of agent on the computer.
Operation: Agent Install
Install account: contoso\scom_admin
Error Code: 800706D3 Error Description: The authentication service is unknown.
When you try to connect to the services console of the agent, the connection fails and you receive the following error message:
Windows was unable to open service control manager database on server2012agent.
Error 1747: The authentication service is unknown
For complete details as well as a resolution, please see the following:
KB3054347 - Error 800706D3 occurs and a push installation fails for an Operations Manager 2012 agent to Windows Server 2012 (https://support.microsoft.com/en-us/kb/3054347/)

KB: Event IDs 31551 and 31565 when the Operations Manager management server tries to contact the data warehouse database

KB7334333232
Consider the following scenario: - You had an instance of Microsoft SQL Server that no longer exists.
  • - The Operations Manager Data Warehouse database is moved to new instance of SQL Server.
  • - The Microsoft System Center 2012 Operations Manager management server tries to communicate with the instance of SQL Server that used to host the data warehouse database.
In this scenario, you receive event IDs 31551 and 31565 as follows:
Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 31551
Task Category: Data Warehouse
Level: Error
Keywords: Classic
User: N/A
Computer: ServerMGMT1.Contoso.MSFT
Description:
Failed to store data in the Data Warehouse. The operation will be retried.
Exception 'SqlException': A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
One or more workflows were affected by this.
Workflow name: Microsoft.SystemCenter.DataWarehouse.CollectAlertData
Instance name: Data Warehouse Synchronization Service
Instance ID: {26BC200F-C4C9-F25C-8D8E-5AE8603C3782}
Management group: ManagementGroup1
===== Log Name: Operations Manager
Source: Health Service Modules
Date:
Event ID: 31565
Task Category: Data Warehouse
Level: Error
Keywords: Classic
User: N/A
Computer: ServerMGMT1.Contoso.MSFT
Description:
Failed to deploy Data Warehouse component. The operation will be retried.
Exception 'DeploymentException': Failed to perform Data Warehouse component deployment operation: Install; Component: Script, Id: 'ffdaf07a-73e1-892f-b687-89385b3744cf', Management Pack Version-dependent Id: 'de2dc89e-3efa-9865-fd1c-b0cf297cd8fd'; Target: Database, Server name: 'OLDSQLSERVERNAME', Database name: 'OperationsManagerDW'. Batch ordinal: 0; Exception: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
One or more workflows were affected by this.
Workflow name: Microsoft.SystemCenter.DataWarehouse.Deployment.Component
Instance name: Data Warehouse Synchronization Service
Instance ID: {26BC200F-C4C9-F25C-8D8E-5AE8603C3782}
Management group: ManagementGroup1
For complete details regarding this issue as well as a resolution, please see the following:
KB3058923 - Event IDs 31551 and 31565 when the Operations Manager management server tries to contact the data warehouse database (https://support.microsoft.com/en-us/kb/3058923/)

Maintenance Mode scheduling at a future time in SCOM Technical Preview 2

Currently, many of you have to wait until the maintenance window arrives to put machines/devices to maintenance mode or have to use custom created Orchestrator runbooks/tools to achieve triggering maintenance mode at a future time. You expressed in your feedback that you would like to see a feature to schedule maintenance at a future time out of box in SCOM. We heard you and are excited to share that we released a feature in SCOM Technical Preview 2 that will enable you to put your monitored entities to Maintenance at a future time. The feature will give you the ability to create recurring maintenance schedules with options to schedule daily/ weekly/ monthly. It will also give you the ability to view all maintenance mode schedules created using this feature in one screen and also give you the ability to schedule multiple jobs for the same entity. Please watch out for this feature in System Center Technical Preview 2. You can find the Evaluation VHDs here and documentation about the feature here.

KB: "Error Code 800706D3" occurs when you perform an Agent push installation to Windows Server 2012 computers

KB7334333232
When you push a Microsoft System Center 2012 R2 Operations Manager (OpsMgr 2012 R2) agent from a Windows Server 2012 based management server to a Windows Server 2012 based agent server, you receive the following error message: The Operations Manager Server failed to open service control manager on computer server2012agent.contoso.local. Therefore, the Server cannot complete configuration of agent on the computer.
Operation: Agent Install
Install account: contoso\scom_admin
Error Code: 800706D3
Error Description: The authentication service is unknown.
Additionally, when you try to connect to the Services console of the agent, the connection is unsuccessful and you receive the following error message: Windows was unable to open service control manager database on server2012agent.Error 1747: The authentication service is unknown. For complete details as well as a resolution, please see the following:
KB3060495 - "Error Code 800706D3" occurs when you perform an Agent push installation to Windows Server 2012-based servers (https://support.microsoft.com/en-us/kb/3060495/)