Quantcast
Channel: Operations Manager - General forum
Viewing all 11941 articles
Browse latest View live

Log on as a service account.

July 4, 2019, 6:21 am
$
0
0

Hello All,

An inquiry.  i'm trying to start the SCOM service using a service account. However, i'm getting below error

The account is scom action account. It is a part of Administrators group. I have also checked the local policies to allow log on locally and log on service. This account exists. 

In the event viewer i see the below error.

The Health Service only supports running as the local system user account.  The service was configured to run under a different user account so it cannot start.  Please reset the service configuration back to the default setting.

Does this mean i cannot start the service with any other account other than local system ? Please advise. 

The purpose to start using action account is  to monitor SSRS. i have a scom agent installed in server A. SSRS is on server A but the SSRS "report server" database is actually sitting on a SQL instance on server B. SCOM agent is running on local service on server A and whenit tries to connect to server B SQL instance instance to report server database the connection fails because a local service on server A does not have access to SQL server on server B. If i can run the service using a service account, i can give the service account access to server B.

Please advise. 


-py

Search

Gateway server - Antivirus Error

July 22, 2019, 6:38 am
$
0
0

Hi Team,

Got this error in on of the gateway server "Instance count of the mcshield.exe process is outside specified range with a value of 0 ." Please find the below screenshot for reference. 

Can I create 1 unit monitor for several services having the same label except at the end?

July 29, 2019, 7:10 pm
$
0
0

Hello guys?

I'm looking for an organized way to monitor several simple services but having the same characters except at the end. 

Example: These are 3 services running on a server XYZ, 

VMware cloud-vCenter-1, VMware cloud-vCenter-abc, VMware cloud-vCenter-xya

I would want to create only 1 monitor for these 3 services and not 3 monitors. 

What do you suggest?

Thanks in advance

SCOM 2019: DMZ agents wont communicate with Gateway server - Error 20071 & 21016

July 29, 2019, 6:23 am
$
0
0

Hello everyone,

I've found browsed tons of guides and figured I would reach out here now. 

Background: 

I have a gateway server (GW) in a DMZ zone which communicates with my Management server (MS). From what I can tell the GW server communicates successful with the MS, since I find similar events in the eventlog (I'll upload picutres when my account is verified):

'New configuration became active. Management group...'

There is a warning in the Operations manager console, but they are from the installation and does not appear to go away - even though I've changed the default action account & re-installed the agent on the GW server. ¯\_(ツ)_/¯ 

"The Health Service could not log on the RunAs account 'domain\ServerActionAccount' for management group Groupname. The error is The user name or password is incorrect.(1326L). This will prevent the health service from monitoring or performing actions using this RunAs account"

But, the real problem is that my first (of many) DMZ client server (Lets call the client 'DMZserver') can't communicate with the GW. I was a little confused during the MOMCertImport.exe stage if I should import the GW certificate or create one for the server itself, so I tried both options - without any luck. 

In the eventlog from the DMZServer I can see the follow errors (20071 & 21016).

'The OpsMgr Connector connected to GW, but the connection was closed immediately without authentication taking place.  The most likely cause of this error is a failure to authenticate either this agent or the server .  Check the event log on the server and on the agent for events which indicate a failure to authenticate.'

&

'OpsMgr was unable to set up a communications channel to GW and there are no failover hosts.  Communication will resume when GW is available and communication from this computer is allowed.'

I have checked:

  • Telnet 5723 between DMZserver & GW
  • Telnet 5723 between GW & MS (Please note that I have not configured the '/ManagementServerInitiatesConnection=True'-parameter during the 'Microsoft.EnterpriseManagement.gatewayApprovalTool.exe'-phase from the MS server.)
  • I have also confirmed that 'HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ChannelCertificateSerialNumber' value of the certificate is matching the thumbprint. 
  • There is DNS resolution between DMZServer & GW.
  • There is DNS resolution between GW & MS
  • There is nothing under Administration-> pending management' in the Operation Console. 
  • I have imported the Root & Intermediate certificates on all 3 servers.

I am clearly missing something, but I've looked in to a few guides and none of those I've looked at have any additional steps. 

Anyone have any tips?

best regards,

TB


SCOM 1807 - Management Server Fail-over Mechanism

August 8, 2019, 2:33 am
$
0
0

Hi,

I have setup SCOM with different resource pools, including 2 MSs in each one for load and fail-over purposes.

I have noticed that when the RMS server goes down for any reason, all SCOM Health Status goes Grey and the Windows Agents go Critical / Grey as well. Is this a normal behavior in SCOM ? To note that all agents have their primary and fail-over host set successfully. The OPSDB confirmed through script that is enabled as a score for the fail-over mechanism as well.

Is there a way to confirm whether Fail-over between MSs within the same resource pool is actually working?

Are there any further settings to set / confirm with regards to MSs Fail-over mechanism ?

Thanks in advance

A scheduled discovery task was not started because the previous task for that discovery was still executing

July 22, 2019, 6:03 am
$
0
0

Hi, I'm getting these messages on specific servers and the monitoring service just hangs and doesn't report alerts. If I restart the service, it errors on the stop, then restarts fine and seems to be OK, until these messages appear again a few days later and it just hangs again. Other servers that have the same build appear to be fine. Can anyone advise what's causing this please?

We're running SCOM 2012 SP1.

Thanks.

A scheduled discovery task was not started

April 11, 2013, 11:51 am
$
0
0

Event ID 10000: A scheduled discovery task was not started because the previous task for that discovery was still executing. 

Discovery name: Microsoft.SystemCenter2012.ConfigurationManager.ClientDiscovery.

I get these warnings on all managed servers for the same discovery type. They come every 1.5 to 4 hours on each system, which makes a mess of the event logs. The default appears to be 14400 seconds, which I have not modified.

Has this been problematic for anyone? Is there a recommended setting if this threshold is too low, or does the fact that discovery is not completing in 4 hours indicate a bigger problem?

Thanks.

Audit Collection Services - Collect 2016 server events on OpsMgr 2012 R2

August 9, 2019, 8:36 am
$
0
0
I just enabled Audit Collection services forwarding from a Windows 2016 Server. I am not seeing any events for this machine in the ACS database. Does anyone know if OpsMgr 2012 R2 supports collecting events from a Windows 2016 Server?
Search

Monitor Physical Hard Disk on HP Servers through SCOM

March 12, 2019, 4:34 am
$
0
0

Hi,

I need to monitor the physical discs in our HP ProLiant server machines to detect any failures and we intent to do this using SCOM 1801.

appreciate let me know recommended approach/steps or the recommend management packs to achieve this task by using SCOM.

Thanks,

Dilan


GW - Error 7000: The Health Service could not log on the RunAs account

August 12, 2019, 3:10 am
$
0
0

Problem: 

I have an action account for my domain joined servers. The same account is also used as a SQL MP account. For my GW server (and the other servers in DMZ which connect to the GW server) I get error messages in the event logs that the account failed to login.

  • 7000: The Health Service could not log on the RunAs account <domain\action account> for management group <group>.  The error is The user name or password is incorrect.(1326L).  This will prevent the health service from monitoring or performing actions using this RunAs account
  • 7015: The Health Service cannot verify the future validity of the RunAs account <domain\action account> for management group <group>.  The error is The user name or password is incorrect.(1326L).
  • 7021: The Health Service was unable to validate any user accounts in management group <group>.

Setup:

      • During my GW installation, I picked the 'Local System'-option, not the 'Domain or Local Computer Account'-option during the 'Gateway Action account'-step in the wizard. 
      • Also, under Run as configuration->Profiles->Default action account, the GW and DMZServer use 'Local System Action'.

      The warning displayed in the Operation manager console is:

      "The Health Service could not log on the RunAs account <'domain\action account'> for management group <group>.  The error is The user name or password is incorrect.(1326L).  This will prevent the health service from monitoring or performing actions using this RunAs account"

      From the GW & connected servers I can also see these event ID:

      • 7023:  "The Health Service has downloaded secure configuration for management group <group> successfully."
      • 7025: "The Health Service has authorized all configured RunAs accounts to execute for management group <group>.
    • 7028: All RunAs accounts for management group <group> have the correct logon type.

    Also, the Run as account used for the SQL MPs seems like the logical place to begin, but:

    • I have a group (LAN Group) that exclude DMZ IP-addresses.
  • For each 'Profile' under Administration->Run As Configuration, where the 'SQL MP account' is used, I have selected the LAN Group as a target.

For exampel, the 'Microsoft SQL Server 2014 Discovery Run As Profile'-profile use the 'SQL MP account'. If I edit this account there is a option to select a class, group or object. I have selected the 'LAN Group' option - which exclude the DMZ servers.


Run As Profile Microsoft.SystemCenter.Apm.Csm.EncryptionProfile cannot be resolved

August 12, 2019, 2:29 am
$
0
0

Hi All,

I am working on SCOM Project where we are facing a issue in which the Management Groups are showing as unhealthy where as the individual Management Servers are all healthy. We have checked the individual profiles and after much research we have found that the Microsoft.SystemCenter.Apm.Csm.EncryptionProfile Run As account has been deleted. 

How is this profile created? Is this Run As Account created due to importing some of the Management Packs and could have been deleted due to the import or deletion of any Management Pack? How could this issue be resolved?

Thanks in advance.

Management Servers are showing healthy but the Operation Manager Management Group is showing unhealthy

August 12, 2019, 5:02 am
$
0
0

Hi All,

I have a SCOM running up in the servers. The Management Servers are showing as healthy but the Operations Manager Management Group and the Data Access Service Group is showing as Critical. What could be the probable cause of this issue?

Thanks in advance.

SCOM agent data is not getting inserted to SCOM Data Warehouse DB

August 12, 2019, 9:17 am
$
0
0
We have a SCOM 2012 R2 Environment. For few of agents no data is getting stored in SCOM Data Warehouse database. The agents(Server OS version WIN 2012 R2) are reporting healthy in SCOM. And in Console, if open the performance view of these agents and select the underlying objects like CPU, Memory, Logical disk etc (the collection rules), I can see the graph populating and also can extract these data from SCOM Operations Manager DB.

Interesting fact, If I try to pull any report from reporting pane in console,  while adding a group, when I search for the group/object with these server names, nothing shows in the Available Items section. Where as for other agent, it able to search.
I've tried to pull Performance(hourly/Daily/Raw) and alert data extract from DW DB for these servers but query return no data. It seems noting  is getting stored in DW DB for these problematic servers, whereas for other servers data is getting stored in DW DB without any issue.

I've also verified that there is no override set for these servers for these collection rules. Also I have tried flushing scom agent cache, re-installing agents and tried below steps but still no luck. Also there is no such error or warning event appearing in Operations manger logs in these agents.

i. Stoped SCOM agent on these servers
ii. Deleted the Health State Folder
iii. Removed the offline agent entry from scom console
iv. Executed PS command- 'Remove-SCOMDisabledClassInstance' on Management server
v. Started SCOM agent

So to conclude, agent is healthy, data is reflecting in Operation Manager DB and in console also able to see the graphs but no data is reflecting in DW DB for these agents.
If any one have encountered similar issue or any leads will be great help.

data access service group in critical state

August 12, 2019, 11:40 pm
$
0
0

hello,

i have scom 2016 environment with 10 management servers ,the health status of all management server is health but the data access service group showing critical.



One Or More Accounts Provided Could Not Be Validated

August 13, 2019, 3:51 am
$
0
0

I'm setting up a SCOM lab and am getting the "one or more accounts provided could not be validated" error during the install wizard. My lab setup is consisting of: 1 domain controller / 1 scom server / created the 4 scom accounts / created domain scom group to contain the 4 scom accounts / scom group has been added to the local admin group on the scom server.

I have also logged each of these 4 scom accounts into the server successfully to verify they can login and am manually typing everything into the wizard.

Please advise........

Jason

Jason

Search

List SCOM 2012 Custom Fields details

August 13, 2019, 6:53 am
$
0
0

Hi Team,

How to list the all rule/monitor Custom filed details available in SCOM.

SQL query to Pull the Custom Fields

August 13, 2019, 8:10 am
$
0
0

Hi

SQL query to get the Custom Fields details of SCOM rules


Azure MP 1.7.0.0 Full Scan Option

July 15, 2019, 4:42 am
$
0
0

Thoguht I would put this out there in case anyone has found a solution but I am unable to retrieve the 'Full Scan' option from the Latest Azure MP . 

The guide has the below information though it isn't clear where this needs to be created 

I have add this key to all management servers but still don't get the 'full scan'  option 

In order to enable Full scan option the following registry key must be created on host with SCOM server installed: 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Azure Management Pack

String “EnabledFullScan” value “true” 

Full Scan option will become available in Wizard.

Richard Scott

Integrating SCOM 2019 with SCVMM 2019

July 24, 2019, 10:44 am

Data was written to the Data Warehouse staging area but processing failed - 31553 error

August 14, 2019, 11:09 am
$
0
0

Hi All,

I am getting Event Id: 31553 event on all three Management Servers (SCOM 1801). Please let me know how to fix. In few blogs, it was mentioned for ManagedEntity table, but in my case it is "EventProcessStaging" table. I have checked the rows count on Event.EventStage and Event. Event2Process tables, where it is less than 10000 only. So, help me to fix.

Both Event Staging and Alert Staging tables are increasing in count after truncating the tables, but not being processed at all. 

Event Id: 31553

Data was written to the Data Warehouse staging area but processing failed on one of the subsequent operations.
Exception 'SqlException': Sql execution failed. Error 777971002, Level 16, State 1, ProcedureEventProcessStaging, Line 398, Message: Sql execution failed. Error 8115, Level 16, State 1, Procedure -, Line 1, Message: Arithmetic overflow error converting IDENTITY to data type int. 

One or more workflows were affected by this.  

Workflow name: Microsoft.SystemCenter.DataWarehouse.CollectEventData 
Instance name: MS1.domain.com
Instance ID: {B85006FB-F9A9-A524-D7D1-3CF431AA933D} 
Management group: Prod

Regards, Suresh

Viewing all 11941 articles
Browse latest View live
Search