Quantcast
Channel: Operations Manager - General forum
Viewing all 11941 articles
Browse latest View live

SCOM 1807 - Certificate Mutual Authentication

$
0
0

Hi,

Setup Description.

2x MS within All Management servers resource Pool - with certificates for Windows agents and setup as primary and fail over for all windows agents. 

2x MS in a separate Resource pool for Linux monitoring

1x MS in a separate Resource Pool for Web Application Monitoring. 

I am in the process of changing the CA currently used for SCOM with another one. My Plan was to have one of the 2x MS servers certificates changed and migrate all agents, and once done replace the certificate for the other MS. 

The problem i faced was that during testing, i have issued a certificate from the new CA to the MS serving the Web Application Monitoring and as soon as i imported it with momcertimport the resource pools served by that MS went unavailable, and all websites went grey. All was resumed to normal as soon as i removed the cert. 

I am still unaware of what might have caused such behavior, but i think it might be that the MS is not within the All management server resource pool. Any ideas ?


All reports fail in SCOM Auditing Reports

$
0
0

Hi,

I want to configure "Auditing Collection Services" on SCOM 2019.

All installation was successful. Ich could connect also Reporting Services and Reports with following URL

https://reporting.mydomain.com/Reports_SCOMRS/

Then I want to confugure first"Audit Reports" and selected"DB Audit".

And selected under "Credentials" the option "Windows user name and password".

To create an auditing report I selected any report under "Audit Reports" and then"Access_Violation_-_Account_Locked" report.

I tried to generate report using "View Report", but this generates the following error:

  • An error has occurred during report processing. (rsProcessingAborted)
    • Cannot create a connection to data source 'DB_Audit'. (rsErrorOpeningConnection)
      • Cannot open database "OperationsManagerAC" requested by the login. The login failed. Login failed for user 'DOMAIN\User'.

DOMAIN\User has definetly rights on SQL Reporting Services and on ACS database.

I noticed the database name. In the error, the database name is "OperationsManagerAC", but our ACS database has a different name. I think that is the issue. But I don't know how I can solve it.

Best regards

Birdal

scom 2016 creating dashboard not seeing general computer data module

$
0
0

hello,

i have scom 2016 up and running, I'm at the point of creating a dash board, its pretty straight forward but I do not see computer and or server general data info, like hard drive space, cpu utilization, ram, etc. pointing me in the right direction would be great. thx. I found this good link but it does not have that info, do I need to install that 1801, I think thats for html pages. thx in advance. 

Logical Disk performance collection issue for agents for Instance: _Total

$
0
0

Hi,

I have below rule configured in SCOM to gather the performance data from agents.

RuleName: Logical Disk Free Megabytes Windows Server 2012

Object: LogicalDisk

CounterName: %Free Space

Instance: _Total, C, D

I'm seeing the performance data for C and D drives but _Total instance data is not coming up with respect to counters.

Please note that I have set the frequency for every 15 mins. Max Sample Seperation value is set to 1 and Tolerance is set to Zero. This stats that performance should be collected in every 15 mins. I'm getting the data for C & D drives but not receiving any data for _Total.

Can someone explain me on this.

Thanks,

Ramu Chittiprolu

SCOM ACS Cache Size?

$
0
0

Morning All,

Just wondering when a server loses connectivity to the ACS collector or database do all the security events then cache on the local server? If so where do they cache and is there a size limit? 

We are planning on migrating some servers in to our new environment shortly but we can't afford to lose security events. I was hoping that they would cache and then when they re-connect to an ACS collector it would send those cached events and any new ones in.

Can anyone clarify?

Hardware monitoring performed through the SCOM agent installed in the Windows OS?

$
0
0

A basic question here.

Isn't hardware monitoring performed through the SCOM agent installed in the Windows OS?  

I'm aware we have hardware specific management packs. We are currently using Dell and HP management packs. But just want an expert opinion before i can present it to my folks. 

Kindest Regards


-py


SCOM - Multi-tenancy

$
0
0

Hi guys,

My company is looking to use SCOM for multi-tenancy for various customers, my question is has anyone done this in the past and have any problems that they ran into?

My number one question is around gateways, is it possible\best to set up a gateway over the internet or do you HAVE to have a gateway on each customer connected by a site to site VPN?

SCOM Audit Reports contain no data

$
0
0

Hi,

I deployed SCOM Audit Reports, and then run any audit report.

None of audit reports contains any data.

Example: report "Usage_User_Logon"

How can solve this issue?

How can I check in Audit database if it contains any data?

Best regards

Birdal



Can't see if a Agent is in Maintenance Mode

$
0
0

Hi

I have a Question about the SCOM Maintenance Mode. I use two different options to set a maintenance Mode on Agents.

Option nr. 1:
Monitoring-->Maintenance Schedules-->Create Maintenance Schedule

Option 1

Option nr. 2:
Monitoring-->Operations Manager --> Agent Details --> Agents by Version i have the State Action "Start Maintenance Mode"

When I use option nr. 2, I can't see the Maintenance Mode in my Dashboards. When i use the option nr. 2 I can see the Maintenance Mode in the Dashboards.

The reason, why I use to ways is, that the users can only see their own Maintenance Schedules in the "Maintenance Schedule" View. But when they go to the "Agents by Version" view, they can stop a Maintenance, which is started by another user.

Anybody know, why i can't see the Maintenance Mode from option 2 in my Dashboards?

Best Regards

All manually installed agents suddenly disappeared from "Agent Managed" - SCOM 1807

$
0
0

Hi !

There is almost a catastrophy in SCOM environment  8(

All the manually installed agents for non-domain Windows servers (which has been installed  succesfully)suddenly  disappeared from an "Administration-Agent Managed" pane. But they are still presented in a "Windows Computer"  all in a healthy state ! No alerts at all, I realized it when I tried to get performance info from some of them. I can't start any task on them from console, despite their visual healthy status.

Those agents have been working for over half of year with no of issues. All certificates installed on them are valid until 2021 . All of them were connected to the same SCOM server.

Our OpsManager logs exploration from both sides didn't make things clear. From the SCOM server side the log full of messages that servers who aren't a part of a management group tried to establish a connection between. From agent sides  the logs have a similar bunch of messages that a Health service tried to establish a connection with the main SCOM server, then with failover ones but those connections inmmediately closed (Code 20000 as far as I remember). Looks like they have no certificates to connect but those certificates are right on the place as well on all SCOM servers as on all agents. Additionally the healthy status all of those servers in "Windows Computers" and their comlpete absence in "Agent Managed" makes me embarrased. 

All the rest of agents who works on domain servers work on a normal way.

I tried to

- flush and restart Health Service on some of those non-domain servers on a way we all know (stop the agent service, kill the Health folder, start the service). No luck at all.

-flush and restart Health Service on the SCOM server made with tools provided by an Operations Manager pane. The same sh.t.

Things looks like a certificate authentication doesn't work at all. But earlier I've seen that when such kind of issue happened server objects immediately turn into grey state and critical alert has raised. Nothing of it here, the objects looked  healthy. No alerts.

I need some help to resolve it. What may be a root of problem ? Any help would be appreciated

Thanks in advance.

SCOM 2012 R2 support

$
0
0

Dear all,

Will SCOM 2012 R2 support Windows server 2019 ?

Thanks,

Is Silver application/Plug in required for SCOM servers and Live maps servers

$
0
0

Hi Team,

Please let me know if silver light plug in is required for SCOM Installed servers. If it doesn't require, shall I remove it from the servers. 

disabling all subscriptions

$
0
0

I have seen a few posts regarding disabling SCOM subscriptions but all seem to involve a lot of manual effort and ensuring you know which were enabled in the first place 

as such I have built the below script which will backup your subscription MP with a date and timestamp and then disable all subscriptions by editing the 'enabled' field, increment the version then re-upload to SCOM 

This script can be ran 'as is' from any management server and will save the MP's to 'c:/temp'

to re-enable your subscriptions you need only rename your date stamped file name and re-import into SCOM 


Import-Module OperationsManager;
New-SCOMManagementGroupConnection 'localhost'
 $path  = "c:\temp"
 $LiveFile = "$path\Microsoft.SystemCenter.Notifications.Internal.xml"
 $NewFile  = "$path\Microsoft.SystemCenter.Notifications.Internal.new.xml"
 #Export Current notifications MP 
 Get-SCOMManagementPack | where {$_.name -like '*notification*internal*'} | Export-SCOMManagementPack -Path $path

 #edit and resave notifications MP with all set to false 
 (Get-Content $LiveFile).replace('Enabled="true"', 'Enabled="false"') | Set-Content  $NewFile
 # rename the original file with a datestamp
 $datestring = (Get-Date).ToString("s").Replace(":","-")
 $Newname  = "$path\Microsoft.SystemCenter.Notifications.Internal_$datestring.xml"
 Rename-Item -Path "$LiveFile" -NewName $Newname 

 #rename the new file for importing into SCOM 
 Rename-Item -Path $NewFile -NewName $LiveFile

 
 #update version number of MP

 #convert the file to xml 
[XML]$XMLLiveFile = Get-Content -Path $LiveFile

#select the current version number and increment by one 
foreach ($a in $XMLLiveFile.ManagementPack.Manifest.Identity.Version) 
{ 
    $a = $mpversion.split('.')
    $a[3] = [int]$a[3] + 1
    $mpversionincr = $a -join '.'
    $mpversionincr   
 } 

#set the new version number as the version attribute 
$XMLLiveFile.ManagementPack.Manifest.Identity | foreach{$_.version = $mpversionincr}

#Save the XML Update 
$XMLLiveFile.Save($livefile)

#upload the MP back to scom 
Import-SCOMManagementPack $LiveFile

Write-Host "waiting MP Import"
Start-Sleep -s 30

$enabled = Get-SCOMNotificationSubscription | ? {$_.enabled -eq $true}

Write-Host Management pack enabled count is $enabled.Count


Richard Scott

Moving SCOM 2012 R2 Standard v7.1.10226.1360 (Retail) from Server 2008 R2 Standard to Server 2012 R2 STD

$
0
0

I need some advise from anyone that has performed a move of SCOM 2012 R2 to another server. I have to perform this operation for SCOM Gatweway servers and the management and RMS servers.

All host names will change as well as IPs. I should be able to get away with this so the new servers run in parallel. I will ensure the same firewall rules are in place for new servers. Gateway servers should be relatively eaqsy I think with port 5723 that needs to be open. Does anyone have the steps for the install and the cert side?

I was pleased to learn that the SCOM management packs do not need to be re-installed and are stored in SQL. I also know that SCOM 2012  that we use can only be moved to Server 2012 and not compatible with Server 2016. 

We have servers in the DMZ which are not on a domain so I guess the host file will need to be updated to match new servers names. Anything else I need to know?

Can anyone provide any steps and tips for getting this done? How easy is it?

A list of steps would be ideal. 

Health Monitors not monitored extended monitoring Network Device

$
0
0
In the screen shot below you can see objects that are recognized but not monitored by SCOM 2019.  The device is a checkpoint firewall which is on the extended monitoring list.  What do I need to do to ensure that the Memory, CPU, File System and other unmonitored objects are monitored?  Do I have to add it to a specific group like critical network adapters group?



Certified Network Devices Extended Monitoring

$
0
0

The screenshot below lists devices that SCOM 2019 is aware of but not monitoring.  How do I enable monitoring for these objects?

Agent less machines monitoring info

$
0
0
Help me with the powershell commands to get the agent less machines that are reporting to management servers, proxy agents, resource pool and management group

Thanks, Shiva ravichandran.


Upgrade SCOM servers OS from 2008 R2 to 2012

$
0
0

Hi,

I am looking to upgrade the SCOM 2012 R2 to 2016. Before I go for it I have to upgrade the OS of management and database servers to 2012 which are currently on 2008 R2.

I am looking for an in place upgrade and following the below approach.

Clone the Management servers, upgrade the OS on clones servers and power off the old servers. Is this the right approach to go for an in place upgrade and will there be any data loss in this process as the cloned servers will take 8-9 hours to upgrade.

Also, please suggest what can go wrong in this process. 

Regards,

Daya Ram 

cmd Command to uninstall SCOM Agent that can be run locally in installed agent machine.

$
0
0

Hello Expert,

I need cmd Command to uninstall SCOM Agent (SCOM 2012 Agent)that can be run locally in installed agent machine.No need to go SCOM Management server.

Rich

SCOM 2016 won´t start Data Access Service after server restart

$
0
0
Hello,

I am sorry about repeating this similar article. But I google it across this forum and nothing helped me. I have newly installed SCOM 2016 for testing purpose. I did some settings inside SCOM Console and decide to restart whole windows server. Data Access Service can´t be started. Next 3x errors are in Event Log:

EVENT 26380:

The System Center Data Access service failed due to an unhandled exception.  
The service will attempt to restart. 
Exception: 

Microsoft.EnterpriseManagement.ConfigurationReaderException: Feature of type 'Microsoft.EnterpriseManagement.ServiceDataLayer.IAuthorizationFeature, Microsoft.EnterpriseManagement.DataAccessService.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' cannot be added to the container. ---> System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnknownAuthorizationStoreException]: The creator of this fault did not specify a Reason.
   at Microsoft.EnterpriseManagement.Mom.Sdk.Authorization.AzManHelper.Initialize(String pathToStore, String appName, AzManHelperModes helperMode, String storeDesc, String appDesc)
   at Microsoft.EnterpriseManagement.Mom.Sdk.Authorization.AuthManager.Initialize(AuthManagerModes authMode)
   at Microsoft.EnterpriseManagement.ServiceDataLayer.AuthorizationFeatureImplementation.InitializeAzmanAccessCheckObject()
   at Microsoft.EnterpriseManagement.ServiceDataLayer.AuthorizationFeatureImplementation.Initialize(IContainer container)
   at Microsoft.EnterpriseManagement.SingletonLifetimeManager`1.GetComponent[K]()
   at Microsoft.EnterpriseManagement.FeatureContainer.GetFeatureInternal[T](Type type, String featureName)
   at Microsoft.EnterpriseManagement.FeatureContainer.AddFeatureInternal[T,V](ActivationContext`1 context, String featureName)
   --- End of inner exception stack trace ---
   at Microsoft.EnterpriseManagement.ConfigurationReaderHelper.ReadFeatures(XPathNavigator navi, IContainer container)
   at Microsoft.EnterpriseManagement.ConfigurationReaderHelper.Process()
   at Microsoft.EnterpriseManagement.ServiceDataLayer.DispatcherService.Initialize(InProcEnterpriseManagementConnectionSettings configuration)
   at Microsoft.EnterpriseManagement.ServiceDataLayer.DispatcherService.InitializeRunner(Object state)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart(Object obj)

EVENT 26339:

An exception was thrown while initializing the service container.
 Exception message: Initialize
 Full exception: Feature of type 'Microsoft.EnterpriseManagement.ServiceDataLayer.IAuthorizationFeature, Microsoft.EnterpriseManagement.DataAccessService.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' cannot be added to the container.

EVENT 26325:

An authorization store exception was thrown in the System Center Data Access service. Exception message: Unable to perform the operation because of authorization store errors.

Looks like it is connected with SQL Server authorization like in this toppics:

https://social.technet.microsoft.com/Forums/en-US/425fee0a-2c48-4645-8129-c3407642154c/failed-to-connect-to-server-quotthe-data-access-service-is-either-not-running-or-not-yet?forum=operationsmanagergeneral

But I already deleted all SQL Server users and turn off mixed authentication.

I have also increased OperationsManager database size to 5 GB and 2,5 GB 

And final step I tried to "repair" installation, but nothing helped me.

System Center Data Access Service and System Center Management Configuration Service is running using CITTIV\scom_da account

I realy appreciate any hints

Jan
Viewing all 11941 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>