Thursday, February 28, 2013

HOT NEWS!!! Whitepaper ‘The Saga Continues’ Available For Download!

The FREE whitepaper, all about Service Pack 1 for System Center 2012 is NOW available for download!
image

This whitepaper is a joint effort between Savision and Insight24. I had the honors to write that paper which was a good experience.
image

Anyone working with any System Center (2012) product should read this whitepaper since it contains no marketing mumbo jumbo. It has a different angle. Instead of describing only the technology behind SP1 for System Center 2012 it focuses also on the why behind it all, like:

  1. Why does Microsoft invest so much into System Center 2012 (SP1)?
  2. Why did SP1 for System Center 2012 come out so soon after System Center 2012 went RTM?

And also the BIG PICTURE behind it all: of course there is a strategy behind System Center 2012 and its related SP. This strategy is also described in the same white paper.

The whitepaper can be downloaded from the website Savision and from the website of Insight24.

Let me know what you think about it.

Updated MP: Network Load Balancing MP, 6.0.7004.0

Yesterday Microsoft released an updated version of the Network Load Balancing (NLB) MP, version 6.0.7004.0.

This MP supports Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 NLB clusters.

MP can be downloaded from here.

Updated MP: Failover Cluster MP, 6.0.7005.0

Yesterday Microsoft released an updated version of the Failover Cluster MP, version 6.0.7005.0.

It supports now Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 clusters.

MP can be downloaded from here.

Tuesday, February 26, 2013

A Gift From Veeam: Free Full Pass To TechEd 2013

Veeam is going crazy! They’re giving away a FREE full pass to TechEd 2013, North America or Europe, depending on the winner’s location.
image

The winner will be selected on March 18. Want to win it? Go here.

System Center 2012 Operations Manager UNLEASHED book is AVAILABLE!!!

The book System Center 2012 Operations Manager UNLEASHED is available from today!
image

I co-authored this book by writing chapter 9, Complex Configurations. It was a unique experience and learned a lot from it. A BIG word of thanks to Kerrie Meyler, Cameron Fuller and John Joyner.

I already respected them but now even more. And an extra special word of thanks to Kerrie for all her patience with me. Much appreciated Kerrie and hopefully we meet at MMS 2013. If so, I’ll buy you a drink!

Paperback can be bought here (at Amazon UK) and the Kindle edition here (also Amazon UK). It seems like the Amazon.com shops aren’t updated yet, but when they are I’ll update this posting.

System Center 2012 SP1 Server-side Components Trouble Shooting Tool

Some days ago Microsoft released a tool targeted at troubleshooting System Center 2012 SP1 Server-side components, System Center 2012 SP1 Configuration Analyzer. This tool is an add-on for Microsoft Baseline Configuration Analyzer 2.1.

As Microsoft describes this tool (taken directly from the related website):

‘…The System Center 2012 SP1 Configuration Analyzer is your first line of defense in troubleshooting issues with System Center 2012 SP1 server-side components. The System Center 2012 SP1 Configuration Analyzer is a diagnostic tool that you can use to evaluate important configuration settings for computers that are running any of the following System Center 2012 SP1 components: Operations Manager, Virtual Machine Manager (VMM), Service Manager, Orchestrator (plus Service Provider Foundation), Configuration Manager, and Data Protection Manager (DPM)

There are some things to reckon with:

  1. The tool is an add-on for Microsoft Baseline Configuration Analyzer 2.1
    Basically meaning this tool has to be installed FIRST. This tool can be found here.

  2. The download webpage states it’s version 2.0?
    Yes, that’s correct. It’s apparently the most current version (2/7/2013) and works with System Center 2012 SP1 Configuration Analyzer.

  3. First things first
    Install Microsoft Baseline Configuration Analyzer 2.0 (MBCA) afterwards System Center 2012 SP1 Configuration Analyzer. Then run MBCA > under the header Select a product select System Center 2012 SP1 Configuration Analyzer and of you go.
    image

  4. Error: Something about Credssp to be enabled on remote servers to check configurations
    Yes, the security in Windows Server 2012 is tight (don’t know whether the same issue is at play on Windows Server 2008 R2 SP1 servers) and when trying to check a remote server (the MS02) I got this error: ‘…Microsoft Baseline Configuration Analyzer 2.0 for System Center 2012 SP1 requires Credssp to be enabled on DB01 to check configurations for the module CM_CA. You must enable Credssp or run Microsoft Baseline Configuration Analyzer 2.0 from the local machine…’
    image

    Gladly, the solutions are shown as well which is a two step process:
    Step 01: Run this PS command on the server you’re running MBCA from:
    Enable-WSManCredSSP -Role Client -DelegateComputer [target machine name]
    image

    Step 02: Run this PS command on the server you’re going to scan with MBCA:
    Enable-WsManCredssp -Role Server
    image
    Now MBCA will run just fine.

    When scanning a whole set of servers it’s better to create a GPO for those servers, saves you a lot of time, also partially explained in the same error message shown by MBCA: ‘…Use gpedit.msc and look at the following policy: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Allow Delegating Fresh Credentials.  Verify that it is enabled and configured with an SPN appropriate for the target computer. For example, for a target computer name "myserver.domain.com", the SPN can be one of the following: WSMAN/myserver.domain.com or WSMAN/*.domain.com. For more information, see the about_Remote_Troubleshooting Help topic…’

This tool can aid you when troubleshooting issues with your SC 2012 SP1 management servers. However, the good old Event Viewer still packs tons of solid information for troubleshooting as well. Combined they pack a lot of power.

Monday, February 25, 2013

OM12 SP1 Operations Manager Shell: Renamed CMDLETS

In OM12 (SP1) many SCOM 2007 PS CMDLETS are renamed. This is a list of those CMDLETS. Bookmark this posting so you always have them at hand.
SCOM 2007 OM12
Add-ConnectorToTier Add-SCOMTierConnector
Add-RemotelyManagedComputer Add-SCOMAgentlessManagedComputer
Add-UserToUserRole Set-SCOMUserRole
Approve-AgentPendingAction Approve-SCOMPendingManagement
Disable-NotificationSubscription Disable-SCOMNotificationSubscription
Disable-Rule Disable-SCOMRule
Enable-NotificationSubscription Enable-SCOMNotificationSubscription
Enable-Rule Enable-SCOMRule
Export-ManagementPack Export-SCOMManagementPack
Get-Agent Get-SCOMAgent
Get-AgentPendingAction Get-SCOMPendingManagement
Get-Alert Get-SCOMAlert?
Get-AlertHistory Get-SCOMAlertHistory
Get-Connector Get-SCOMConnector
Get-DefaultSetting Get-SCOM<SettingName>Setting
Get-Diagnostic Get-SCOMDiagnostic
Get-Discovery Get-SCOMDiscovery
Get-Event Get-SCOMEvent
Get-FailoverManagementServer Get-SCOMParentManagementServer
Get-GatewayManagementServer Get-SCOMGatewayManagementServer
Get-MaintenanceWindow Get-SCOMMaintenanceMode?
Get-ManagementGroupConnection Get-SCOMManagementGroupConnection
Get-ManagementPack Get-SCOMManagementPack
Get-ManagementServer Get-SCOMManagementServer
Get-Monitor Get-SCOMMonitor
Get-MonitorHierarchy Get-SCOMMonitor
Get-MonitoringClass Get-SCOMClass
Get-MonitoringObject Get-SCOMClassInstance
Get-MonitoringObjectGroup Get-SCOMGroup
Get-NotificationAction Get-SCOMNotificationChannel
Get-NotificationEndpoint Get-SCOMNotificationChannel
Get-NotificationRecipient Get-SCOMNotificationSubscriber
Get-NotificationSubscription Get-SCOMNotificationSubscription
Get-Override Get-SCOMOverride
Get-OperationsManagerCommand Get-SCOMCommand
Get-PrimaryManagementServer Get-SCOMParentManagementServer
Get-Recovery Get-SCOMRecovery
Get-RelationshipClass Get-SCOMRelationship
Get-RelationshipObject Get-SCOMRelationshipInstance
Get-RemotelyManagedComputer Get-SCOMAgentlessManagedComputer
Get-ResultantCategoryOverride Get-SCOMOverrideResult
Get-ResultantRuleOverride Get-SCOMOverrideResult
Get-ResultantUnitMonitorOverride Get-SCOMOverrideResult
Get-RootManagementServer Get-SCOMRMSEmulator
Get-Rule Get-SCOMRule
Get-RunAsAccount Get-SCOMRunAsAccount
Get-Task Get-SCOMTask
Get-TaskResult Get-SCOMTaskResult
Get-UserRole Get-SCOMUserRole
Install-Agent Install-SCOMAgent
Install-AgentByName Install-SCOMAgent
Install-ManagementPack Import-SCOMManagementPack
New-LdapQueryDiscoveryCriteria Install-SCOMAgent
New-MaintenanceWindow Start-SCOMMaintenanceMode
New-ManagementGroupConnection New-SCOMManagementGroupConnection
New-Tier Add-SCOMTieredManagementGroup
New-WindowsDiscoveryConfiguration Install-SCOMAgent
Reject-AgentPendingAction Deny-SCOMPendingManagement
Remove-ConnectorFromTier Remove-SCOMTierConnector
Remove-DisabledMonitoringObject Remove-SCOMDisabledClassInstance
Remove-ManagementGroupConnection Remove-SCOMManagementGroupConnection
Remove-RemotelyManagedComputer Remove-SCOMAgentlessManagedComputer
Remove-Tier Remove-SCOMTieredManagementGroup
Resolve-Alert Set-SCOMAlert
Set-AlertDestination Set-SCOMAlert
Set-DefaultSetting Set-SCOM<SettingName>Setting
Set-ManagementServer Set-SCOMParentManagementServer
Set-ProxyAgent Set-SCOMAgentlessManagedComputer
Start-Discovery Install-SCOMAgent
Start-Task Start-SCOMTask
Uninstall-Agent Uninstall-SCOMAgent
Uninstall-ManagementPack Remove-SCOMManagementPack

OM12 SP1 Operations Manager Shell Fails With Error: “Import-Module : The specified module 'OperationsManager' was not loaded”

Bumped into this issue with my one of my test labs. It ran SCOM 2007 R2 CU#6, was upgraded to OM12 RTM then to OM12 SP1. Afterwards the underlying Windows Server OS was upgraded to Windows Server 2012.

Issue
Even though everything seemed to working just fine, OM12 SP1 Operations Manager Shell failed to work afterwards. All I got was this annoying error when trying to run it: ‘…Import-Module : The specified module 'OperationsManager' was not loaded because no valid module file was found in any module directory…’
image

And no matter what I did or tried, this error kept coming back biting me. Both OM12 SP1 Management Servers had the same issue. Also recreating the shortcut as stated here didn’t make any difference so it was time for another approach.

Cause
Since these Management Servers were the ‘victim’ of so many upgrades (SCOM 2007 R2 > OM12 RTM > OM12 SP1 and Windows Server 2008 R2 SP1 > Windows Server 2012) I suspect something went wrong during one of those upgrades. Also because the other OM12 SP1 Management Server had the same issue as well.

Solution
I made a snapshot of both OM12 SP1 Management Servers opened Programs and Features, removed the Console and reinstalled it. Afterwards all was fine again and the OM12 SP1 Manager Shell loads and runs as expected!
image

Detailed steps:

  1. In Windows Server 2012 go to Programs and Features
    image
  2. Right click System Center 2012 – Operations Manager > Uninstall/Change > Remove a Feature;
    image
  3. Select ONLY the feature Operations Console > Uninstall. The Console (and the faulty PS module!) will be installed now;
    image

    Removal is completed within a few seconds:
    image
    > Close.
  4. Now it’s time to reinstall the Console (and the PS module): Go to Programs and Features > right click System Center 2012 – Operations Manager > Uninstall/Change > Add a Feature;
    image
  5. Select the feature Operations Console > Next > Next > make your choices for CEIP and Error Reporting > Next > Install. The Console (and a brand new PS module!) will be installed now;
    image

    The Console and the PS module are successfully installed now (takes a few seconds):
    image
    > Close.
  6. Run the OM12 SP1 Operations Manager Shell and be amazed Smile:
    image
  7. Don’t forget to apply any UR# so everything in your OM12 SP1 MG is on the same level.

Recap
When the OM12 SP1 Operations Manager Shell doesn’t work, no matter what you try to fix it, a reinstall of the OM12 SP1 Console will fix the issues Smile.

Thursday, February 21, 2013

OM12 & WS 2012: Making The OM12 Management Console High Available

Since OM12 Management Servers do share the same functionality which was hosted originally by the RMS in SCOM 2007 (RTM/SP1/R2), it’s easy to make the OM12 Management Console high available by using Network Load Balancing.

Yes, you’ll need at least two OM12 Management Servers for it. But IMHO – based on experiences out of the field – any serious OM12 MG should have at least two OM12 Management Servers. Otherwise the Resource Pools won’t be able to function properly.

This posting is based on OM12 SP1 and Windows Server 2012. Both OM12 SP1 MS servers do have only one NIC available, so it’s important to configure the NLB Cluster for multicast. When you don’t do that and use the default setting instead (unicast) the servers might become unreachable.

There is much to tell, so let’s start.

Step 01: Installing NLB on both OM12 MS servers
This is very easy since it’s all wizard driven. Yes, it can be done by PS as well of course. In this posting however I use the GUI for it.

  1. Open Server Manager > Manage > Add Roles and Features > a wizard kicks in now;
  2. Before you begin screen > Next;
  3. Select installation type screen > default selection Role-based or feature-based installation > Next;
  4. Select destination server screen > select the local server > Next;
  5. Select server roles screen > nothing to do here, since NLB is a feature > Next;
  6. Select features screen > select Network Load Balancing > Add Roles and Features Wizard screen appears now, about requiring extra tools to be installed > Add Features
    image
  7. Confirm installation selections screen > Install.
  8. The NLB functionality will be installed now and soon this message will appear: Installation succeeded on <FQDN>.
    image
    > Close.

Repeat these steps for the other OM12 SP1 MS server which will become part of the NLB Cluster.

Step 02: Creating a NLB Cluster
Now it’s time to create the actual NLB Cluster which will be configured in such a manner that it will reroute all the OM12 SP1 Management Console traffic (TCP 5724) to one of the members of the NLB Cluster.

Again, this can be done by PS, but I have configured it all by using the GUI.

  1. Open Server Manager > Tools > Network Load Balancing Manager > a wizard kicks in now;
  2. Click right on Network Load Balancing Clusters and select New Cluster;
    image
  3. Enter the name of the first server which is going to be part of this new NLB Cluster > Connect;
    image
  4. Now the available interfaces will be shown. Select the interface you’re going to use for this NLB Cluster > Next
    image
  5. This screen doesn’t require any modifications > Next;
    image
  6. > Add
    image
  7. Enter the IPv4 address that’s going to be used by the NLB Cluster. I used an IPv4 address in a range outside the IP addresses I use normally for my servers, so it’s easier to differentiate;
    image
    Enter the subnet mask > OK. The screen looks like this now:
    image
    > Next;
  8. Enter the FQDN of the NLB Cluster. In this example I used OM12Console.sc.local. Also select the option Multicast. With servers using a single NIC selecting Unicast will most likely render them inaccessible over the network… > Next;
    image
  9. Now the Port Rules are shown. By default one Port Rule is added but requires some additional attention. Otherwise NLB won’t work as expected…
    image
    > Edit > unselect All so only the IPv4 address of the NLB Cluster is shown;
    > modify Port range to 5724, used by the OM12 Management Console connection;
    > Set Protocols to TCP only;
    > Set Affinity to None;
    Now your screen should look like this:
    image
    > OK > Finish.
  10. Now the NLB Cluster will be created and the first NLB node added to it. This might take a few minutes and during this time your network connection will bounce a few times. But when the NLB Cluster is configured properly, the connection will be OK again;
  11. In the Network Load Balancing Manager screen the progress will be shown, when all is OK you should see something similar to this:
    image
  12. In the same screen you’ll see also this:
    image
    So you know for sure the NLB Cluster is OK and the first NLB node is up & running!

Before we add the second OM12 SP1 MS server to the NLB Cluster we’re going to do something else first: adding a new Host record on our DNS server so the IPv4 address is properly resolved.

Step 03: Creating a proper Host (A or AAA) record for the NLB Cluster
This is easy as well. Open the DNS snap-in and simply add a host record for the NLB Cluster. In this case the name is OM12Console (sc.local will be added automatically) and the IPv4 address is 192.168.137.200:
image

Before we add the second OM12 SP1 MS server to the NLB Cluster, it’s better to test the functionality of the NLB Cluster first. When only one NLB node is added, it’s easier to troubleshoot.

Step 04: Testing the NLB Cluster for the OM12 SP1 Management Console connection
Also easy. Simply add the feature Telnet Client to your server and start a cmd-prompt.

  1. Enter this command: telnet <FQDN of NLB Cluster> 5724 and hit enter.
    image
  2. When all is well you should see a black cmd-prompt screen, basically telling you the NLB Cluster is up and running and handling OM12 SP1 Management Console connections!
    image

Step 05: Adding the second OM12 SP1 MS server to the NLB Cluster
Yeah, I know, finally! But at least we know by now all is working as intended, which is very important.

  1. In Network Load Balancing Manager right click on the NLB Cluster you created earlier in Step 02  > Add Host to Cluster;
  2. Enter the name of the second OM12 SP1 MS server you want to add to the NLB Cluster > Connect > select the interface you want to use for the NLB Cluster > Next;
    image
  3. Don’t modify anything in this screen > Next;
    image
  4. The Port Rules are good as they are, so no modification required > Finish;
    image
  5. Now the second OM12 SP1 MS server will be added to the NLB Cluster. Again this can take some minutes and during this time your network connection will bounce a few times. But when the NLB Cluster is configured properly, the connection will be OK again;
  6. In the Network Load Balancing Manager screen the progress will be shown, when all is OK you should see something similar to this:
    image
  7. In the same screen you’ll see also this:
    image
    So you know for sure the whole NLB Cluster is OK and the both NLB nodes are up & running!

Step 06: The Real Word
So now we have our NLB Cluster in place. Let’s test it with the OM12 SP1 Management Console.

  1. Start the OM12 SP1 Management Console. By default it will connect to the OM12 SP1 MS server it connected to the last time;
  2. In the OM12 SP1 Management Console go to Tools > Connect;
    image
  3. Enter the FQDN of the NLB Cluster in the Server name box > Connect;
    image
  4. Since it’s the first time this connection is used it will take a few seconds extra, so be patient. But soon enough you’ll see this in the left bottom of the OM12 SP1 Management Console:
    image
  5. And then you’ll see this:
    image

Three tests to see it’s really working:

  1. Open a cmd-prompt, enter this command: netstat <enter>. Scroll through the list and you’ll see an entry like this:
    image
  2. In the OM12 SP1 Management Console go to Tools > Connect
    image
    You’ll see the Recent Connections (only the successful connections will be shown here!) and among them the FQDN of the NLB Cluster will be shown!
  3. The REAL TEST:
    1. Open an OM12 SP1 Management Console on a system which isn’t an OM12 SP1 MS server; 
    2. Connect the Console to the FQDN of the NLB Cluster;
    3. When the connection is made and the Console is working, look for EventID 26328, source OpsMgr SDK Service in the OpsMgr event logs of the OM12 SP1 MS servers in order to know to what OM12 SP1 MS server the Console is connected to;
    4. Stop the Data Access service (System Center Data Access Service) on that server and set it (temporarily!) to Manual so OM12 won’t start it for you;
    5. Go back to the OM12 SP1 Management Console. It will throw a SDK error;
    6. After a minute or so the OM12 SP1 Management Console will continue working since it’s reconnected to the other node of the NLB Cluster. Test it by clicking on any View in the Console;
    7. In order to check it, look for EventID 26328, source OpsMgr SDK Service in the OpsMgr event log of the OM12 SP1 MS which is the node of the NLB Cluster with the running Data Access service.
    8. Don’t forget to start the Data Access service again on the OM12 SP1 MS server where you stopped it previously (Step 3.4) and set it to start Automatically again.

Recap
Configuring NLB for the OM12 Management Console isn’t hard at all and will make your OM12 environment even more robust, without making huge investments. One thing to reckon with though: in this posting I used servers with only one NIC. In real life it’s better to use a dedicated NIC for it.