Thursday, April 28, 2016

SQL MP: No Pain, No Gain. But NOT Anymore!

Wh00t! For many years I am a follower of the blog written by Kevin Holman. This blog is a HUGE resource for in-depth information about SCOM and has aided me in resolving many issues. It also helped me to get my own blog on a good level.

So yesterday I was more than happy to find a nagging issue to be resolved. This is all about the SQL MP.

On one side I really love this MP since it shows what SCOM can do for any environment, but in the same time it can be a pain in the preverbal backside in order to get it up and running.

Why? Because you need to configure the Run As Accounts in a proper manner. Without it, no SCOM monitoring of your SQL instances and related workloads. It always took a lot of time to get the SQL MP configured properly and many times involved many talks and even discussions…

But those days are GONE! Thanks to Kevin AND a colleague of his, Ralph Kyttle! Awesome!

So whenever you run SCOM AND the SQL MP is imported, go to his blog and read the posting all about how they solved this nagging issue!

A BIG thanks to Kevin and Ralph!

Thursday, April 14, 2016

Office 365 MP & Proxy: The One & Only Solution For ‘Connection to EndPoint Service failed’ Alert

Issue
Even though the Office 365 MP isn’t that good (duh!), there are still some organizations who require this MP in their SCOM environment. The import and configuration of this MP is straight forward and quickly the Alerts (AKA noise?) come in…

However, when there is a proxy required for internet access, it can be a challenge to make sure all works fine. Otherwise the Office 365 MP can’t connect to the Office 365 Endpoint, resulting in an Alert like this one:
image

Cause
Even when the proxy is correctly configured in IE for the correct account used by the Office 365 MP Run As Profile, on the SCOM Management Servers participating in the Resource Pool used by the Office 365 MP, it doesn’t work.

Underwater the HealthService.exe process spawns a new MonitoringHost.exe process, under the credentials defined in the Office 365 MP Run As Profile. But it doesn’t pick up the proxy settings defined in IE for the same account.

Instead it doesn’t use a proxy at all, resulting the previous mentioned Alert.

Solution
First an foremost, ascertain there is a working internet connection on the MS servers who are member of the Resource Pool used by the Office 365 MP:

  1. Log on to the related MS server(s), open IE and configure the proxy as required;
  2. Try to open this website:https://office365servicehealthcommunications.cloudapp.net/
  3. When all is okay, you’ll get an 403 - Forbidden: Access is denied message:
    image
  4. Repeat these steps on ALL SCOM Management Servers participating in the Resource Pool used by the Office 365 MP.

At least you know now the internet connection to the Office 365 Endpoint is functional. Time to move on to the next phase, editing the MonitoringHost.exe.config file, found on the Management Server in folder C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server.

Mind you, even though these actions could be limited to only the SCOM Management Servers participating in the Resource Pool used by the Office 365 MP, it’s Best Practice to modify ALL SCOM Management Servers of the related SCOM Management Group. This way all your SCOM Management Servers are configured in the same manner. Also Change Management should be applied here. So make sure to log this change and to follow the change procedures required by the company you’re working for.

Action PER SCOM Management Server:

  1. Start a RDP session and log on with local admin permissions;
  2. Locate the file MonitoringHost.exe.config (on a SCOM 2012 R2 MS server: C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server), make a copy of it and store it in a safe place. This way there is always a way back;
  3. Open the file in an editor like Notepad++, and add these lines just below the element <configuration>:
    image
  4.   <system.net>
        <defaultProxy enabled="true" useDefaultCredentials="true">
          <proxy      
            proxyaddress="http://proxyaddress:8080"
            bypassonlocal="true"
          />
          <bypasslist>       
          </bypasslist>
        </defaultProxy>
      </system.net>

  5. Modify the entry http://proxyaddress:8080 as required by your proxy configuration. Now the file looks like this:
    image
  6. Save the file;
  7. Restart the Health Service;
  8. Repeat these steps on ALL SCOM Management Servers.

Now the Office 365 MP will be able to connect to the Office 365 Endpoint.

Used sources
Based on these sources I found the solution as described:

  1. TechNet Forum, comment posted by MMF1971. So all credits should go to him/her.
  2. KB3026285, which didn’t help at all Smile.

Friday, April 8, 2016

Beware: MP Catalog Contains Old Versions Of SharePoint 2013 MPs

Issue
A customer of mine reported an error with their SharePoint Foundation 2013 MP. Somehow it couldn’t upload a Report to the SSRS instance. This Alert was shown in the SCOM Console:
image

This made me wonder. Since I had seen this error in the past, related to an OLD version of the SharePoint Server/Foundation 2013 MP. But this bug had been fixed in later releases of these MPs…

Time to investigate
So I asked what version they used. And to my surprise, they used the old version (15.0.4420.1017). They told me they downloaded it from the MP Catalog, accessible from the SCOM Console. And indeed, this OLDER version (with the bug!) is offered by the MP Catalog:
image

When you look at the normal TechNet download pages for these MPs, they contain the latest version (15.0.4557.1000):

SharePoint Foundation 2013 MP:
image

SharePoint Server 2013 MP:
image

Advise
Whenever needing the SharePoint Server 2013 MPs, DO NOT use the MP Catalog. I’ve already notified Microsoft about it. When it’s solved I’ll update this posting accordingly.

Thursday, April 7, 2016

Skype for Business Server 2015 MP (9319.247) Issues

Yesterday Microsoft updated the Skype for Business Server 2015 MP to version 9319.247.

However, it looks like the sealing process went wrong, because this error is thrown when one tries to import this MP:

‘…This management pack cannot be imported.: Cannot load the management pack from the specified sealed assembly file: C:\Program Files\Skype for Business Server 2015\Management Packs\Management Packs\Microsoft.LS.2015.Monitoring.ActiveMonitoring.mp. This assembly is not fully signed. Cannot verify the strong name signature of the file: C:\Program Files\Skype for Business Server 2015\Management Packs\Management Packs\Microsoft.LS.2015.Monitoring.ActiveMonitoring.mp…’

image

This error can be reproduced in other (test) SCOM environments as well. I’ve already notified Microsoft about this issue. So I hope it will be fixed soon.

When it’s fixed, I’ll update this posting accordingly.

Wednesday, April 6, 2016

Incremental Update For MAS TP1

Yesterday Microsoft released the first (?) incremental update for Microsoft Azure Stack (MAS), aka MAS Update 1.

Improvements are (taken directly from the website):

  • Faster VM deployment times;
  • Better performance in VM-related actions such as stop, start, delete;
  • Incremental stability and reliability improvements to the portal experience;
  • Updated extensions for Desired State Configuration and Docker (for purposes of Azure alignment).

For anyone running MAS it’s recommended to roll out MAS Update 1.

Please know that a REBUILD of your MAS environment is required since – like any other TP build – an inplace upgrade/update isn’t supported.

Some useful links:

Thursday, March 24, 2016

SCCM 1511 Update Is Available (SCCM 1602)

Introduction
When Microsoft introduced SCCM 1511, they referred to the SaaS approach of the latest SCCM version. Basically meaning that from SCCM 1511, Microsoft will help you BIG time with updating and maintaining the SCCM core components and infrastructure.

Every 3 to 4 months a new version is to be expected and with just a few actions of the SCCM admin, the whole SCCM infrastructure can be updated to this latest & greatest version.

As a result SCCM is rebranded to SCCMYYMM, where YY stands for the year released and MM for the month number the version is released. So SCCM1511 means it’s released in November (11) 2015.

It made me wonder. Since many times Microsoft has shown brilliant ideas but sometimes failed to deliver because of poor or lacking proper execution. But imagine when it works as intended. That would be awesome since it takes away so much hassle!

Now it’s time to put it to the test since SCCM 1602 is General Available now!

Say hello to SCCM 1602
When I opened the SCCM 1511 Consoles in one of my test labs, I was greeted by this screen:
image
Nice! Time to check it out in the Console!

In the SCCM Console under \Administration\Overview\Cloud Services\Updates and Servicing, the SCCM 1602 update is shown:
image

Under the Feature tab the features of this update are shown:
image

Please take note of the workaround when the download seems to hang:
image

Time to put the new update mechanism to the test. How easy is it to upgrade SCCM 1511 to SCCM 1602?

Let’s upgrade to SCCM 1602!
First I run the Run prerequisite check workflow, in order to see whether all is upgrade ready. This option is available in the context menu when right clicking on the update:
image

Or in the ribbon:
image

Either way starts the same workflow:
image

This runs for some time and when ready the State will updated in the Console. This State can be found in two places: \Administration\Overview\Cloud Services\Updates and Servicing and \Monitoring\Overview\Site Servicing Status:
image

Now it’s time to install the whole package. Right click the update and select Install Update Pack option. In the ribbon there is also a button for it:
image

Now the Configuration Manager Updates Wizard will start. Follow it through and adjust the options as required by your organization and SCCM environment requirements:

image

image

image
Since it’s a test lab I can upgrade the Clients without validating. In a production environments this is a NO GO and you should ALWAYS test it by selecting the option Validate in pre-production collection.

image

image

image

When done with the wizard, the SCCM 1511 environment will be upgraded to SCCM 1602. Please know this might take several hours, depending on the size of your environment and the available resources.

To see the actual progress of the update go in the Console to \Monitoring\Overview\Site Servicing Status, right click the Update Package and click on Show Status. Soon you’ll see the progress of your update:
image

Please note that during the upgrade the Console will also be upgraded to the latest version. When the Console is still running but ready for the upgrade you’ll be notified about it. When not updating the Console AND working with it, there is a change some data will be corrupted…
image

So click on OK and let the Console be upgraded as well:
image

After a while all is upgraded to SCCM 1602 (Build number 8355):
image

Recap
It looks very good this new upgrade feature of SCCM. And in my test lab it works as intended. But when upgrading your PRODUCTION environment, please follow the normal procedures as with any other upgrade. So follow the Change Management procedures as required by your company, and before upgrading production – when possible – test it first in a test environment so you know what to expect.

Like any other updates/upgrades of SCCM, while in progress it affects the availability of your SCCM environment. So run this upgrade outside the regular business hours.

And make sure you know what you’re doing, so READ the available resources before starting the upgrade.

Some resources I used:

  • Wednesday, March 23, 2016

    Busy

    Since I run this blog I’ve posted many articles, most of them about SCOM. Lately however, the total amount of postings has dropped significantly. Not because there isn’t anything to blog about, but simply because I don’t find the right time and mind for it lately.

    Reasons are (but not limited to):

    • About to move home
      (Yes! It takes a lot of time & energy in order to get it all right, but I can’t wait);
    • Busy with many good assignments with new challenges
      (Many new projects for new customers going on, which I really like);
    • A lot of studying
      (Back to school it is for me, so I study a lot in the evenings and weekends. Already 4 new certifications have been achieved by me, more are coming!);
    • Reinventing myself with a strong focus on Azure, also involving studying & training;
    • And just enjoying private life besides my work.

    Therefore my blog is a bit more silent then people are used to. However, after a few months from now I expect to have found a new balance, thus allowing me to blog more and more again.