Tuesday, June 27, 2017

Cross Post: Alternative Logical Disk Space Monitors

Tim McFadden authored a MP containing two new logical disk space Monitors, only working on the PERCENTAGE of remaining disk space left. These Monitors generate a warning Alert at 10% logical disk free space and a critical Alert at 5% logical disk free space.

These two Monitors are a better approach compared to the over complex Monitors present in the Server OS MP.

As such I advice anyone running SCOM to take a look at this MP and how it’s configured. Yes, when imported, some additional one-time tasks are required. After that, it’s simply Set & Forget.

Go here for more information about this MP. A BIG thanks to Tim McFadden for providing this MP.

Cross Post: Exchange Server 2013 Extension MP

Volkan Coskun has written an extension MP for Exchange Server 2013. This MP discovers individual Mailbox databases (stand alone  or DAG)  and Transport Queues on Exchange servers.

This MP also contains a few Monitors:

  • Check Database Mount Status: Checks if DB is mounted or not
  • Mailbox Database LastAnyBackup Check: This is  a modified version of 2010 MP. In my script  I check both incremental and full backup and if any backup exist in configured period monitor is healthy.
  • Active Preference Check: This monitor will check if database is mounted on Active Preference 1  if database failovers to any other node  monitor will become warning.

The same MP contains 7 performance collection Rules:

  • Database size
  • Database Whitespace
  • Number of Mailboxes in Database
  • Local Mail Flow latency  ( Test-Mailflow )
  • Login Latency  (Uses Test-MAPIConnectivity)
  • Last full  backup age
  • Last incremental backup age

Haven’t tested this MP myself yet, but it looks promising. Of course, as it goes with ANY new MP: TEST it first before rolling it out in production.

Go here for more information about this MP.

New MP: Microsoft Azure Stack (MAS) MP, Version 1.0.1.0

Sometime ago Microsoft released a MP for monitoring the availability of the Microsoft Azure Stack (MAS), version 1.0.1.0. There are some things you must know however:

  1. This MP monitors the availability of the MAS infrastructure running MAS TP3;
  2. Yes, the MAS nodes are totally locked down, so there is no SCOM Agent involved here;
  3. Instead some MAS APIs are leveraged to remotely discover and collect instrumentation information, such as a Deployments, Regions and Alerts;
  4. Out of the box, this MP doesn’t do anything. After import additional actions are required;
  5. Concurrent monitoring of multiple regions has not been tested with this MP;
  6. For MAS deployments using AAD, the SCOM Management Server requires a connection with Azure. This can also be done from the system running the SCOM Console, used for configuring the MAS MP;
  7. .NET Framework 4.5 MUST be installed on all SCOM Management Servers and systems running the SCOM Console;
  8. The SSL certificate provided for the Microsoft Azure Stack deployment of Azure Resource Manager, must be installed in the Trusted Root Certificate Authority Store of all SCOM Management Servers and the computer(s) with the SCOM Console used for configuring the MAS MP;
  9. When SPN is used for authentication, the same certificate created along the SPN must be installed on all SCOM Management Servers and the computer(s) with the SCOM Console used for configuring the MAS MP;
  10. The account credentials which have Owner rights to the Default Provider Subscription of MAS (mostly the Azure Stack Service Administrator account) are required when configuring the MAS MP.

The MP and it’s related guide (PLEASE RTFM!!!) can be found here.

Monday, June 19, 2017

‘Mobile First–Cloud First’ Strategy – How About System Center – 03 – SCOrch


Advice to the reader
This posting is part of a series of articles. In order to get a full grasp of it, I strongly advise you to start at the beginning of it.

Other postings in the same series:
01 – Kickoff
02 – SCCM
04 – SCDPM
05 – SCSM
06 – SCVMM
07 – SCOM


In the third posting of this series I’ll write about how System Center Orchestrator (SCOrch) relate to Microsoft’s Mobile First – Cloud First strategy. And as stated in the end of the second posting of this series, SCOrch isn’t in a good shape at all…

SCOrch
Sure, there is SCOrch 2016. And YES, it has the Mainstream Support End Date set on the 11th of January 2022, just like the whole SC 2016 stack. Also the Integration Packs for SCOrch 2016 are available for download. So on the outside all seems to be just fine. SCOrch is alive and kicking!

But wait! Hold your horses! Because here the earlier mentioned iceberg comes into play. Time to take a look what’s UNDER the water line, outside the regular view…
image

Yikes! x86 (32-bit) ONLY…
The day 64-bit workloads were special are long gone. All important Microsoft products and services are 64-bit based. Meaning, x86 (32-bits) isn’t default anymore. None the less, SCOrch 2016 is still x86 based and there aren’t any plans at Microsoft to rewrite the code to x64.

Therefore SCOrch native PowerShell (PS) execution runs in a V2.0, 32-bits PowerShell session, causing all kinds of issues. Sure, there are workarounds for it, but still they are workarounds.

Even though SCOrch packs some serious power, the x86 limitation is something to reckon with.

The ‘Engine’ & the ‘Graphical Editor’
These are crucial parts of any automation tool, SCOrch included:

  1. The ‘Engine’ enables the automation tooling to ‘translate’ the defined activities as stated in the runbook (eg. running a script, stopping a service, creating a folder, etc etc). SCOrch runs it’s own runbook engine, using it’s own proprietary runbook format.


  2. The ‘Graphical Editor’ allows for a ‘drag & drop’ experience when creating new runbooks/workflows (Eg: When the printer spooler service stops, restart it. Wait 2 minutes, check the state of the spooler service. When started, close the related Alert. When still not running create a ticket and escalate it to right tiers).

    SCOrch brought this ‘drag & drop’ experience to a whole new level because it doesn’t require any scripting. Just drag & drop the required activities – from the loaded integration packs - to your ‘canvas’, connect them as required, apply filters/criteria and so on and be ‘done’ with it. Of course, good Runbook authoring is far more complicated, all I am trying to do here to share the basics of how it’s done. The gest of this is to say that even without any scripting skills, one can build advanced runbooks with SCOrch.

However, things have moved on. In today’s world many times the on-premise/data center based workloads are connected to the cloud. Whether we’re talking Azure IaaS/PaaS/SaaS or Office 365 for instance here. Whenever automating management of cloud based workloads, PS is a hard requirement, whether you like it or not.

The challenges
And here SCOrch has two serious issues/flaws:

  1. By default SCOrch PS execution runs in 32-bits PowerShell session, missing out many advanced PS features introduced in the x64 editions;
  2. By default the SCOrch engine isn’t PS based.

As such, there will always be a translation from the native SCOrch engine to PS. On top of it, there will be ALSO a translation form x86 to x64 and vice versa…

And as it goes with every translation, there will be a performance penalty. Even worse, the whole chain (SCOrch > AA/SMA > targets to hit with a runbook/workflow) becomes longer and therefore more vulnerable to (human) errors. So why not cut out the ‘middle man’ or in this particular case, SCOrch and start directly with PS? Because SMA and AA both use an identical runbook format based on Windows PowerShell Workflow, x64 based.

No more translation, neither from a proprietary runbook format, nor from x86 PS execution to x64. Nice!

Port SCOrch to x64 and native PS?
For sure. Microsoft could solve it all by rewriting SCOrch in such a way that it would run natively x64 and use the identical runbook format based on Windows PowerShell Workflow. However, Microsoft isn’t going to do that.

Already in 2014(!) Microsoft was pretty clear about the ‘future’ of SCOrch. In 2015 Microsoft published the SCOrch Migration Toolkit (still in beta?!). Around the same date Microsoft also released the SCOrch Integration Modules, being converted SCOrch Integration Packs, ready for import in AA. In 2016 Microsoft published a blog posting about how to use the previously mentioned tools and modules.

And that’s about all the efforts Microsoft aimed at SCOrch specifically… Instead Microsoft tries to push you to AA or (in some cases) SMA, when using WAP. For most people however, AA is the future (at least Microsoft hopes).

Verdict for SCOrch and it’s future
Yes. SCOrch 2016 is available. And it still packs a lot of power. BUT at the end of the day, SCOrch 2016 is dead in the water. Not too many efforts, budget nor resources are allocated to it. Only the bare minimum. Sure it has gotten the 2016 boiler plate AND the related Integration Packs (IPs) are updated to support the 2016 Windows Server workloads. But that’s it.

Nothing new coming out of that door. End of the line for SCOrch 2016 after the 11th of January 2022. Even the recent posting of Microsoft about the new delivery model for the System Center stack is pretty clear about SCOrch: Not a single word about it. Which is a statement on it self.

What to do?
When not using SCOrch, but using other System Center 2016 components of the stack: Think twice. Sure, you already got the licenses for it. But please keep in mind that every effort and investment for SCOrch must be doubled: One time to get it into SCOrch and the second time to get it out to another automation tooling, no matter what you choose for.

When using SCOrch already, it’s time to look for alternatives. Also look OUTSIDE the Microsoft boundaries please. POC the alternatives and look at the possibilities to export the SCOrch based runbooks to your alternative choices. Also test the connectivity with the cloud and on-premise/datacenter based workloads. And TEST and EXPERIENCE how the graphical editors are functioning, how easy they are to operate and last but not least, how easy it is to catch errors and act upon them. AA still has some challenges to address, like the easiness of operation and capturing errors…

Coming up next
In the fourth posting of this series I’ll write about SCDPM (System Center Data Protection Manager). See you all next time.

Friday, June 16, 2017

!!!Hot News!!! Frequent, Continuous Releases Coming For System Center!!!

Wow! For some time Microsoft told their clients that one day the SCCM release cycle, also known as Current Branch (CB), would come (in one form or another) to the rest of the System Center stack.

And FINALLY Microsoft has released more information about how the System Center stack is going to adapt to a faster release cadence.

In a nutshell, this is going to happen:

  1. Microsoft will be delivering features and enhancements on a faster cadence in the next year;
  2. Main focus here will be on the highest priority needs of Microsoft’s customers across System Center components;
  3. There will be releases TWICE per year, in allignment with the Windows Server semi-annual channel;
  4. A technical preview release is planned in the fall with the first production version available early next calendar year;
  5. There will be subsequent releases approximately every six months;
  6. These releases will be available to System Center customers with active Software Assurance;
  7. SCCM/ConfigMgr will continue to offer three releases per year.

In the first release wave the main focus will be on three SC components:

  1. SCOM(!);
  2. SCDPM;
  3. SCVMM.

Key areas of investment will be:

  1. Support for Windows Server & Linux;
  2. Enhanced performance, usability & reliability;
  3. Extensibility with Azure-based security & management services.

What’s in the pipeline for SCOM specifically?

  1. Expanded HTML5 dashboards (FINALLY!!!);
  2. Enhancements in performance & usability;
  3. More integrations with Azure services (eg. integration with Azure Insight & Analytics Service Map);
  4. Improved monitoring for Linux using a FluentD agent.

On top of it all, YOU can influence the upcoming releases! Therefore Microsoft encourages you to join the System Center Tech Community and UserVoice forums to provide your feedback and suggestions.

Go here to read the posting I got all this information from. A BIG thanks to Peter Daalmans who pointed this posting out to me.

Recap
For me this is THE sign that Microsoft has FINALLY decided about the future of the System Center stack, by delivering insight in how they’re going to execute on their previously made promisses to port the SC release cycle more to the Current Branch (CB) model.

As such I expect the end of the notation like SC 2016. It makes sense to introduce a new naming scheme, like YYMM. Example: System Center 1806, refers to the SC release of June 2018. As a result I expect that there will be a new support model as well, just like the one in place for SCCM/ConfigMgr CB.

For now Microsoft is silent about it but to me it looks like the next logical step in it all. It makes no sense to support the new release cadence like the current SC 2016 with a Mainstream Support End Date. Even for a company like Microsoft, it would cost far too much money and resources, better used elsewhere (read: Azure Smile).

None the less, this development is a huge step forward and makes the future of the SC stack much more brighter. For sure, it doesn’t have an eternal live expectation. It never had. But at least there is something of a roadmap. And yes, one day the SC stack will be fully incorporated into Azure, which makes sense as well. But at least for now, Microsoft has recognized the significance of the SC stack.

Wednesday, June 14, 2017

SCOM 2016 Must Haves

Good to know:
This posting is based on the power of the community since it advices MPs, Best Practices and so on, all publicly available for free, shared under the motto:  ‘Sharing is caring’. So all credits should go to the people who made this possible. This posting is nothing but a referral to all content mentioned in this posting.

Why this posting?
’SCOM 2016 is just a little bit more complex compared to Notepad’ I many times say to my customers. Just trying to get the message across that even though SCOM packs quite awesome monitoring power, it still needs attention and knowledge in order to get the most out of it.

Even with the cloud in general and OMS to be more specific, SCOM still deservers it own place and delivers ROI for the years to come. And NO, OMS isn’t SCOM! Enough about that, time to move on…

None the less, everything making SCOM 2016 more robust and/or easier to maintain is a welcome effort. And not just that, but should be used to the fullest extend.

Therefore this posting in which I try to point out the best MPs, fixes, workarounds, tweaks & tricks all aimed at making your life as a SCOM admin more easier. Since content comes and goes, this posting will be updated when required.

I’ve grouped the topics in various area’s, trying to make more accessible for you. There is much to share, so let’s start.


01 – SCOM Web Console REPLACEMENT
Ouch! If there is a SCOM component I really dislike it’s the SCOM WEB Console. Why? It’s too slow, STILL has Silverlight dependencies (yikes!) and misses out on a lot of functionality. As such it’s quite dysfunctional and quite likely to become a BoS (Blob of Software) instead of a many times used SCOM component… Therefore, most of the times I simply don’t install it Smile.

Still, a FUNCTIONAL SCOM Web Console would be great. And when done right, it could be used as a replacement for the SCOM GUI (SCOM Console). But what to use? And when there’s an alternative, for what price?

Stop searching! The SCOM Web Console (and even SCOM GUI) alternative is already there! And yes, it’s a commercial solution. But wait! It has a FREE version, titled Community Edition! It’s HTML5 driven, taps into BOTH SCOM SQL databases, enabling the user to consume both data in ONE screen. So can look at current operational data and cross reference it with data contained in the Data Warehouse!

And not just that, but it’s FAST as well! And I mean REALLY fast!

For many users this product has become a full replacement for BOTH SCOM Consoles. As a result the SCOM GUI is only used for SCOM maintenance by the SCOM admins. The consumption of SCOM data, state information and alerts however is mostly done by using the HTML5 Console.

Yes, I am talking about SquaredUp here. Go here to check it out. Click on pricing to see the available versions, ranging from FREE(!) to Enterprise Application Monitoring.

Oh, and while you’re at it, check out their new Visual Application Discovery & Analysis (VADA) proposition, enabling end users(!) to automatically map the application topologies they’re responsible for, all in the matter of minutes!

Advise: Download the CE version and be amazed about how FAST and good a SCOM Console can be!


02 – Automating SCOM maintenance & checks
I know. The name implies SCOM 2012. But guess what? SCOM 2016 is based on SCOM 2012 R2. As such the MP I am about to advice works just fine in SCOM 2016 environments as well.

Whenever you’re running SCOM 2016 I strongly advise you to import AND tune the OpsMgr 2012 Self Maintenance MP. It helps you to automate many things AND is capable of preventing SCOM MS servers being put into Maintenance Mode (MM). When that happens (and the MP is properly configured!), this MP will remove these SCOM MS servers from MM! Also it’s capable of exporting ALL MPs on a regular basis and keep an archive of these exports for just as many days you prefer.

Please know that ONLY importing this MP won’t do. It requires some tuning, otherwise nothing will happen. Gladly Tao Yang (the person who made this MP) provided a well written guide, explaining EVERYTHING! So RTFM is key here.

Advise: This MP is a MUST for any SCOM 2016 environment. Import and TUNE it.


03 – Prevent SCOM Health Service Restarts (on monitored Windows servers)
The name I am about to mention is of a person who has made SCOM a far more better product then it ever was. Without his efforts, time and investments SCOM would be far more of a challenge to master.

Yeah, I am talking about Kevin Holman. For anyone working with SCOM he doesn’t need any introduction. One of his postings is all about unnecessary restarts of the SCOM Health Service, the very heart of every SCOM Agent installed on any monitored Windows based system.

The same posting refers to TechNet Gallery containing a MP, addressing the causes of this nagging issue. Please RTFM his posting FIRST before importing the MP. As such you’ll differentiate yourself from the monkey in the zoo pushing a button in order to get a banana without ever understanding the mechanisms behind it…

Advise: Import this MP in EVERY SCOM 2016 environment you own.


04 – Registry tweaks for SCOM MS servers
And yes, he also wrote a posting about recommended registry tweaks for SCOM 2016 Management Servers. And YES, he also provided the commands in order to rollout those tweaks.

Again: RTFM first before applying them. Alternative: Press the button and be amazed when a banana appears out of thin air Smile

Advise: Make sure to run these registry tweaks on ALL your SCOM 2016 Management Servers.


05 – SQL RunAs Addendum MP
Like I already stated, we – the SCOM users – own one man in particular a lot of thanks, even when he doesn’t want to hear about it. So it’s the same person here as well we’re talking about.

Until now I haven’t seen any SCOM environment NOT monitoring SQL instances. The SQL MP delivers tons of good information and actionable Alerts on top of it. As such, the SQL MP is imported and configured. The latter WAS quite a challenge, all about making sure SCOM has enough permissions to monitor the SQL instances.

Luckily this difficulty is addressed with the SQL RunAs Addendum MP. Again RTFM! But when read, import the MP and be amazed! Sure, this MP came to be with the effort of many people, so a BIG word of thanks to all the people involved here.

Advice: IMPORT this MP and USE it! It makes your life much easier and saves you lots of time, to be used elsewhere.


06 – Agent Management Pack (MP)
Sure. When SCOM monitors something a Management Pack is required. Without it, NO monitoring. Period. But still, the SCOM Agent running on the monitored Windows Server is also crucial. So all available information on those very same SCOM Agents is welcome, combined with some smart tasks in order to triage or remedy common issues.

Therefore it’s too bad that SCOM out of the box, lacks many of those things. Sure the basics are covered, but that leaves a lot of ground uncovered.

Gladly, a community based MP solves this issue. Again RTFM first before importing this MP, to be found here.

Advice: RTFM, import this MP and soon you’ll find wondering yourself how you ever got along WITHOUT it.


07 – Enable proxy on SCOM Agents as default
Whenever SCOM wants to monitor workloads living outside the boundaries of a server (like SQL, AD and so on) it has to look ‘outside’ that same Windows server. By default the SCOM Agent isn’t allowed to do that, because of security reasons.

Sure, people can hack into anything. But to think that a hacker would impersonate a SCOM Health Service workload, is something else all together. Why? Well the moment a hacker is already that deep into your network changes are far more likely he/she will have found something far more lucrative AND easier to grasp.

None the less, by default the SCOM Agent proxy is disabled by default. Sure, you can enable the Agent Proxy with a scheduled script. But when you’re already applying that workaround (that’s what it is…), why not change the source instead and be done with it?

Go here and follow the advice and apply the scripts. From that moment on the SCOM Agent proxy is ENABLED by DEFAULT. Problem solved. Next!

Advice: Enable the SCOM Agent proxy and forget about it Smile.


08 – SCOM 2016 System Center Core Monitoring Fix
The System Center Core MP from SCOM 2016 (up to UR#3!) contains some issues, as stated by Lerun on TechNet Gallery: ‘…temporary fix for rules and monitors in the System Center Core Monitoring MP shipped with SCOM 2016 (UR3). Issues arise when using WinRM to extract WMI information for some configurations. The issue is reported to Microsoft, though until they make a fix this is the only workaround except from disabling them…’

RTFM his description and import the MP from TechNet Gallery.

Advice: Import this MP and forget about this issue.


09 – SCOM Health Check Report V3
Okay. This MP is written when SCOM 2016 was only a dream. But still this MP works with SCOM 2016. Again RFTM is required here. But again, the guide tells you all there is to know and to DO before importing this MP.

This MP gives you great insight into the health of your SCOM environment and is made by people I highly respect (Pete Zerger and Oskar Landman). Download the MP AND the guide from TechNet Gallery, RTFM the guide, do as stated in the guide, import the MP and be amazed about the tons of worthwhile insights you get.

Advice: Is the MP already in place? If not, please do so now Smile.


As you can see, for now there are 9(!) tweaks, advices, MPs and so on all enabling you to have a better life with SCOM 2016. Feel free to share your experiences, best practices, tweaks and so on.

When double checked, I’ll update this posting accordingly with your name as well of course!