Tuesday, August 25, 2015

RANT! Like ‘Developers, Developers, Developers!’ But Instead: ‘IP! IP! IP! IP!’

Spoiler Alert
This posting is not something like you’re used from me since it’s a genuine RANT. Until now my blog has stayed away from rants. But this is a ‘special’ situation, calling for special counter measures.

image

Suppose
You’re gifted with programming. You feel yourself comfortable with different kinds of programming languages, SDK’s and the lot. Also PowerShell hasn’t too many secrets. And when something is lacking, you’re skilled enough to build it yourself. So in a few years time you build your self a kick ass kit packed with add-ons, extensions, workflows, management packs and so on.

All produced in an ever ongoing effort to lighten the work load and let the products work for you instead the other way around.

On top of that…
You’re also someone who likes to share and contribute to the community out there. So – without being obliged in any kind of way – you share some quite nice and awesome stuff. And not just the ‘word’ like ‘…Hey! I fixed this issue, but I am only telling you, not giving it away!’ but the WHOLE deal. So with the word comes the ‘package’ e.g. the related add-ons/extension/MP/workflow.

In this case the community benefits from it. They acknowledge the mentioned issue and are free to download the ‘fix’ for it as well. Based on their experience they deliver feedback, enabling the ‘developer’ to fix some issues, add new functionality and so on. And a newer version sees the light, is shared, receives feedback, is updated and so on.

This is something which I highly appreciate. With my blog I do my utmost best in order to contribute to that very same community and mechanism.

No leprechauns….
Even though a blog posting is written pretty fast, it takes TIME to write good and fully functional PS scripts, develop MPs, add-ons, extensions or workflows. 99 out of 100 times this happens outside the regular working hours. All done without the help of those epic leprechauns.

As it turns out, they don’t show themselves that easy in the real world! So the persons sharing their knowledge, experience and self developed software, do this in their OWN time.

But that’s what it takes to contribute to the community. Not an issue what so ever. The community, or the fast majority that is, respects this. They download it, use it and – when they find the time – they say thanks.

IP (Intellectual Property)
Whether a MP/add-on/extension/workflow is for sale or available for free in the community, there is still something like Intellectual Property. And no matter what, people have to respect that.
image

 

 

 

 

 

 

<Rant>
A minority however, has less respect for those community efforts in general and IP in particular. And even here one finds different levels of that ‘disrespect’.

Example: Sometimes people ‘use’ (PS) scripts, add their own name to it and ‘forget’ to refer to the source. This is minor and will only create challenges for the people involved in that kind of ‘using’ community based efforts. Simply because they create an image of themselves being capable to write such (PS) scripts. Apparently they lack a certain degree of confidence in themselves, so they pretend to be the very author of it. Sooner or later they will be noticed, for example a (PS) script needs to made in the matter of minutes in order to fix a Prio 1 issue. For copy cats this isn’t the place to be Smile.

With the previous mentioned example, there is already a dent in that respect for IP. Still, it’s minor. Now we’ll skip many degrees of disrespect for IP and take a deep dive. Where does it end?

Rock bottom!

Let’s go into the very sewers of disrespect for IP. Please zip up in a protective suit, duck tape the gloves to your sleeves and your trousers to your boots. Put on your gasmask and carry a bottle of oxygen, since this is really really a dirty swamp environment where poisonous gasses and fumes have replaced the normal breathable air. Never ever go alone out there, but in pairs and let the people above know where you’re going. And when you aren’t back within an hour, let them raise the alarm and send in the rescue teams!

As it turns out, some ‘people’ live here! Seriously! I expected some bacteria living of the foul. Microbes, totally adjusted to this environment. But humans?

However the ‘humans’ living here, do have a special ‘trade’:

They ‘borrow’ IP from other persons, ‘shrink wrap’ it
& SELL it as their OWN SOLUTION!!!

image

Kaboom! Rock bottom it is!

</Rant>

Recap
All this happened to a person who I highly respect. Not only for his skills, but also as a person and for his contributions to the community as a whole. I am a member of the very same community, hence this rant.

He has posted an article about this issue on his blog. PLEASE read this posting, since it will help you saving money, refraining you from buying software which IP is stolen. And even more, the very same software is available for FREE from the community!

Friday, August 21, 2015

Nano & Windows Server Containers: TP3 SC 2016 & WS 2016 Released

Yesterday Microsoft released Technical Preview 3 (TP3) of System Center 2016 and Windows Server 2016.

For any one working in IT I highly recommend to take a closer look at two of the new technologies present in TP3 Windows Server 2016 (some of them were already present in earlier TP versions). IMHO these two technologies are really groundbreaking and will have a huge impact as we ‘do’ IT today.

01: Nano Server
As Jeffrey Snover states: ‘…It's like Server Core, except that it's 20 times smaller. The compressed size or reduced server "footprint" brings a number of benefits, including fewer security vulnerabilities to address, reduced patch and reboot times, and scalability improvements…’

02: Windows Server Containers
A technology known in the Linux world for some time. It’s also known as stateless (Server) OS virtualization. It’s more lightweight & efficient because it uses the shared resources of a host OS - rather than "heavier" virtual machines (VMs) - to run applications in. A Windows Server Container is deployed in the matter of seconds!

Other useful links
Besides Nano and Containers there is much more to TP3 of System Center 2016 & Windows Server 2016. Since there are many articles on those topics to be found on the internet, there is no need to repeat it here. Therefore I’ve put together some of the most interesting links all about this topic.

DPM 2012 R2 UR#7: Hotfix

Yesterday Microsoft published a hotfix to resolve an issue when you’ve got UR#7 installed for System Center 2012 R2 – Data Protection.

UR7 DPM 2012 R2 might result in DPM not being able to cleanup expired disk based recovery points.

The hotfix to resolve this issue can be found here.

Thursday, August 20, 2015

Issue With Update Rollups& OMS Based Agents

Issue
When applying any SCOM 2012 R2 Update Rollup (UR), you might bump into an issue where you can’t update some Microsoft Monitoring Agents (MMA).

When trying to apply the related UR locally on the server, this error message will be shown: The upgrade patch cannot be installed by the Windows Installer service because the program to be upgraded may be missing, or the upgrade patch may update a different version of the program:
image

Cause
As it turns out, this may happen on servers where the OMS based MMA is installed AND is configured not only to communicate with the OMS Workspace but also with an on-prem SCOM 2012x MG. MMAs like these can’t be updated with any UR for SCOM 2012x.

Solution 01 – Maintaining the OMS Connection
The most recent version of the OMS based MMA is 7.2.10375.0. So check the version of that OMS MMA on that server:

  1. On that server: Go to the folder C:\Program Files\Microsoft Monitoring Agent\Agent and check the file version of the HealthService.exe file. When it’s version 7.2.10375.0, no additional actions are required.
  2. When it’s older, download the latest OMS MMA by using the OMS portal > Sign in > select your workspace (upper right corner) > click it with the settings icon > Connected Sources.
  3. Download the OMS MMA for the correct architecture (x64 or x86) and install it by choosing the Upgrade option when the installer is run.

Solution 02 – Breaking the OMS Connection
This ‘solution’ breaks the OMS connection, so think twice before continuing!

  1. On that server: Remove the OMS based MMA through the Programs and Features control panel applet;
  2. From the SCOM 2012x Console: Start a push installation and the SCOM Agent will be installed with the latest UR as well.

PowerShell: HTML Reports UR Level SCOM Agents

Challenge
When running a SCOM environment, it’s already a bit of a challenge to apply an Update Rollup (UR) package. And this challenge is mostly caused by the fact that EVERY monitored Windows system has to be ‘touched’ because the Microsoft Monitoring Agent (MMA) requires that UR.

So Change Management is required. But even when the related RFC’s have passed the CAB, another challenge remains: WHICH Windows systems are patched, and which aren’t?

Yes, the SCOM Console has a nice view all about the patch level of the MMAs. But making a quick count of those systems (which are and which aren’t updated) can take some time which could be spend better. And the bigger your SCOM environment, the more time it takes.

Again: PowerShell to the rescue!
Gladly enough there is PowerShell. And with some basic PS scripting a lot can be achieved.

So I’ve made a PS script which queries the SCOM MG for ALL the MMAs and their UR level. These results are piped into TWO HTML reports: one containing all the MMAs not on the expected UR level and the second one containing all the MMAs on the expected UR level.

In order to visualize it even better, both reports use other formatting by using two different CSS files. Both reports show additional information on the MMA’s as well:

  1. Version level;
  2. Patch List;
  3. Whether the MMA is manually installed or not.

Some examples
The HTML report containing the MMAs NOT on the expected UR level:
image

The HTML report containing the MMAs on the expected UR level:
image

What it needs in order to run
Besides the obvious (it must be run from a system where the SCOM 2012x Console is installed AND under an account which has SCOM permissions), this PS script requires only two inputs from you:

  1. The FQDN of the SCOM 2012x Management Server to connect to:
    Line 9, replace <FQDN OF THE SCOM 2012 MS SERVER> with the MS server of your SCOM MG.
    image

  2. The UR Level to check for.
    Line 114, replace the number (6 in this example) with the UR level to check for.
    image

That’s all there is to it. And to make it easier, the HTML files have the name of the Management Group it touched and the UR level checked for. Also the MG name and UR level checked for are displayed in the HTML reports themselves.

Script can be downloaded from here.

Remark
This PS script is tested only in SCOM 2012 R2. It should work in SCOM 2012 SP1/RTM as well but it hasn’t been tested.

New Kid In Town? Not Quite…

Some background information
I guess many people already know him. He’s a former UK based MVP and ran his own blog all about System Center. He has a very good track record and knows a lot about other – SC related – technologies as well. Before he started blogging he was very active on the TechNet forums for System Center. He answered many questions, thus helping many people along in dealing with the every day challenges of managing the System Center products.

Then for a while his blog became silent. Also his presence on the TechNet forums took a dip.

The famous Terminator quote: ‘I’ll Be Back…’
But now he’s BACK! In a new position that is, since he has joined Microsoft UK as a PFE! So that’s good news for Microsoft UK and all other System Center PFE’s, since their team has gained a member who has a huge experience with the System Center stack.

But there is more. He’s also back on the blogging scene since he’s contributing to the PFE UK Manageability team blog, AKA The Manageability Guys. A blog I pointed out earlier to keep an eye on since the content of that blog is really good. And with his contributions it got even better!

These are his three latest postings:

  1. Distributed Applications in a Snippet
  2. Dynamic SQL Computer Group with Health Service Watcher Objects
  3. State Tiles Widget + PowerShell Widget

And there is more to come! So keep an eye out on the blog of the PFE UK Manageability team.

Who is he?!
Okay, here is his name: Graham Davies. Welcome back!

Updated MP: Server OS Version 6.0.7297.0

A few days ago Microsoft released an updated version of their ‘bread & butter’ MP, the Windows Server OS MP, version 6.0.7297.0.

Changes in this updated MP are (taken directly from the MP guide):

  • In 2008, 2012 platforms, the “Logical Disk Free Space (%) Low” monitor do not alert as expected when free space is 0%. With this fix, this monitor will alert when free space is 0%
  • In all platforms, logical disks are un-discovered if we configure them as Asymmetric storage on Failover Cluster. With this fix, this issue will be resolved
  • The Windows Server OS Management pack collects logical disk size is megabytes. During discovery this value used to be assigned to integer property. When logical disk size is significantly large (for example, when disk is of several petabytes), in megabytes format it goes out of boundaries of integer type. As a result the workflow fails while trying to insert discovery data. To support large logical disk another double properties was introduced, since double type has much more wide values range. Old integer property with constant “-1” value is preserved for upgrade compatibility and marked as DEPRECETED
  • “Volume Mount Points on Dynamic Disks” aren’t discovered by Microsoft Windows Server 2012 Discovery MP. With this fix, this issue will be resolved
  • MP has been modified to not discover System Reserved volumes on Windows Server 2012 to ensure it is consistent with the rest of the OS versions.

The MP can be downloaded from here.

Wednesday, August 19, 2015

MMA 2012 R2 Update/Uninstall Error: This Patch Package Could Not Be Opened

Issue
When trying to update/uninstall a SCOM 2012 R2 Microsoft Monitoring Agent (MMA) this error can be thrown: This patch package could not be opened. Verify that patch package exists and that can access it.

Cause
Registry corruption.

Fix
Simple and straight forward. Follow this procedure:

  1. Start regedit. For SCOM 2012 R2 MMA locate this key: HKEY_CLASSES_ROOT\Installer\Products\5C0796876F6E14A42B83EA524D9BE1AE\Patches.
  2. Make an export of this key before proceeding!!!
  3. Find the REG_MULTI-SZ entry Patches, open it and REMOVE all entries > OK.
  4. The update (UR installation) or removal of the MMA runs just fine now.

Tips & Tricks
When running SCOM 2012 RTM MMA, the regkey should be: 9D603783EC87E0E49B25825AC0.

When running SCOM 2012 SP1 MMA, I don’t know the regkey, but the registry edito will help you:

  1. Start regedit. For SCOM 2012 R2 MMA locate this key: HKEY_CLASSES_ROOT\Installer\Products
  2. Hit <CTRL> <F> and type Monitoring Agent in the search box > Find Next;
  3. Soon the correct key will be found. To be sure, check the ProductName entry. It should have this entry: Microsoft Monitoring Agent. When it does: Follow Steps 2 to 4 of the Fix.

Thursday, August 13, 2015

Windows 10? YES Thank You. Using Dedup On W8.1? Hold Your Horses!!!

Ouch!
When Windows 10 came out I upgraded my home systems right away. No sweat. Walk in the park. Next > next > finish experience. Still happy about those upgrades.

HOWEVER…
When I decided to upgrade my work system I FORGOT to check ONE thing: dedup. I know. It’s not officially supported on W8.x but it WORKS and does an AWESOME job. Saves a LOT of space on the SSD containing the VMs I run on the laptop.

But AFTER the system was upgraded, those dedup volumes started having issues. Like… VMs not working. Ouch!

And before W10 became GA, there was a workaround for it in order to get it working on W10 (Preview) as well. But now with W10 being GA, that workaround doesn’t do the trick anymore…

Back to W8.1 it is!
So after giving it some quick thoughts I decided to do a roll back from W10 to W8.1. And that worked as a charm as well. Within 30 minutes I had my good ol’ W8.1 system back WITH dedup!

Make dedup a SUPPORTED feature in W10 please
Vote here and here in order to try to make dedup a supported feature in W10. IMHO, since W10 supports the Hyper-V ‘role’, dedup should be part of it simply because many W10 systems don’t have that much storage to go around…

SCOM 2012 R2 UR#7 Released!

As stated earlier, SCOM 2012 R2 UR#7 was withdrawn by Microsoft since some issues were reported.

Yesterday Microsoft released the ‘fixed’ version of UR#7 for SCOM 2012 R2 as KB3064919. It contains some security updates as well this UR, among quite a few fixes.

Also the new branding of Operations Management Suite (OMS) is to be found in this UR. So Operational Insights is no more in SCOM 2012 R2 after applying this update.

Even though this UR is highly recommended, I urge you to TEST it first in a SCOM test environment before applying it in production. But that’s just me…

Friday, August 7, 2015

PowerShell: Identifying SCOM Operational Alerts & Modifying Resolution State

Case
In my line of work I see quite a few SCOM 2012x environments. And most of the times these environments do share many similarities, besides the obvious ones of course. The one that stands out the most are Alerts related to the operation of SCOM itself.

Some examples of the Alerts I am talking about:

  • Operations Manager Failed to convert performance data
  • Operations Manager failed to run a WMI query
  • Operations Manager failed to start a process
  • Power Shell Script failed to run

The ‘funny’ thing is that Alerts like these do have a huge change of slipping through the system. Not because the people want them to slip through, but because it’s just how the system ‘works’. Meaning, SQL Alerts are forwarded to the DBA’s, Exchange/Lync Alerts are forwarded to the communication experts and so on.

But many times the management of SCOM itself is done by people who have tons of other stuff on their plate. And since the SCOM Console still functions, and the other disciplines (like DBA’s and the communication experts) don’t complain about SCOM, those people think SCOM is just okay, so they just ignore those Alerts.

And that’s bad since many times these Alerts are tell tale signs SOMETHING is not 100% okay with your environment. And additional attention is required. When not, changes are more than likely sooner or later SCOM will start having serious issues, like a performance hit or a ‘dent’ in the availability or total coverage of the monitoring solution.

Therefore it’s important to filter out those Alerts, pipe them into their own View and have a HTML Report on them. Much of this can be done by using two PS scripts. One of them needs to be run by the Task Scheduler on a regular basis, another can be run manually when required.

What it does and DOESN’T do…
No. These PS scripts WON’T solve the operational SCOM Alerts for you. However, it will help you to identify them much quicker and get a count on them as well in order to see what type of operational SCOM Alerts are happening the most, enabling you to quickly identify the most urgent matters at hand.

How these scripts work
As stated before, two PS scripts are needed here. The first one is the PS script (Flip Alerts to SCOM Operational Alert ResState.ps1) which must be run by the Task Scheduler or software which does just that (System Center Orchestrator for instance).

This PS script identifies the SCOM operational Alerts and ‘flips’ their Resolution State to one specifically made for SCOM operational Alerts. This PS script reads the text file (SCOMOpertionalAlerts.txt) containing the names of all SCOM operational Alerts.

Reason for this separate text file is simple. Every SCOM environment is different, so you might have different SCOM operational Alerts at hand. So the PS script has to check for different Alert names. By putting those Alert names in a dedicated text file, it’s way much easier to modify it. Instead of modifying the PS script, all you’ve got to do is to modify the related text file.

The second PS script (Sort all open SCOM Operational Alerts - Highest on top - HTML Report.ps1) is run manually. It will enumerate the SCOM operation Alerts, count them, put the highest count on top and pipes the output into a CSS formatted HTML file (Overview SCOM Operational Alerts.html) which will opened by the same PS script as well.

Required preparations
Before you start using these PS scripts some preparations are required. I will only share the highlights since I safely presume you know perfectly how to do this. So no need to repeat the obvious…

  1. Create a new Resolution State, especially for the SCOM operational Alerts, like ‘SCOM Operational Alert’:
    image
  2. Create a new View (not in the Default MP!) showing these new SCOM Operational Alerts:
    image

All set, ready to rock!
Now all is set. Just download the required PS scripts, modify them as required (name of the SCOM 2012x MS server to connect to, text file location, Resolution State number and so on…), and run them.

The PS script Flip Alerts to SCOM Operational Alert ResState.ps1 is the one to be scheduled to run once per our , 24/7. It uses the text file SCOMOpertionalAlerts.txt, which must be saved in a folder. Don’t forget to modify the scheduled PS script so it’s capable to locate it in the correct folder!

The PS script Sort all open SCOM Operational Alerts - Highest on top - HTML Report.ps1 is run manually when required.

Some examples (screenshots)
The Alert View itself in the SCOM Console, fed by the scheduled PS script:
image

The HTML report Overview SCOM Operational Alerts.html, shown after the other PS script is manually run:
image

Feel free to download these PS script (don’t forget the related txt file!) and use them as required. Please let me know when you’ve modified it into something better. I’ll update this posting accordingly.

Monday, August 3, 2015

Cross Post: SCOM (Web) Console Examples

A blogger by the name vmcharlie published a very interesting posting all about visualizing SCOM data to the correct owners.

In this posting it’s all about the Veeam MP and the power of it. Still it can be leveraged to SCOM 2012x in general.

IMHO this is the true power of any monitoring solution: VISUALIZING the collected data to the correct owners so they know – with a single glance – what’s going on and what to do.

A BIG thanks to @VMhenk for sharing this posting with me. Much appreciated.

Cross Post: SCOM & SQL – Which Came First?

The causality dilemma ‘The chicken or the egg’ is known to everyone. And even today it can lead to some good discussions. And after a few beers it can end up quite hilarious…

With SCOM & SQL one could almost ask the same question. However here one thing is clear: Without SQL there is simply NO SCOM. And without SCOM, many SQL instances happily exist. So this isn’t a really dilemma.

Maintenance please!
However, as it’s evident SCOM requires SQL in order to simply function, it goes without any question that the very same SCOM SQL databases need to be in top notch condition. When there something amiss, rather sooner than later you’re going to notice it in the overall performance of SCOM for instance.

Out of the box SCOM 2012x already runs a some maintenance jobs against it’s own databases. It’s important to know EXACTLY what these jobs do and what tables are touched. Because when you don’t and your DBA’s are doing the same, it will work counter productive, resulting in a various set of SCOM issues.

Some explanation is required…
Gladly Kevin Holman has rewritten a blog posting he published some years ago. In that blog posting he wrote about the maintenance jobs SCOM 2007x performs out of the box.

The new updated posting is all about these jobs executed by SCOM 2012x. So ANYONE running a SCOM 2012x environment this posting is a MUST read. And don’t hesitate to discuss it with your DBA’s.

Thanks Kevin for sharing it with us. Much appreciated.

SCOM 2012 R2 UR#7 Release Delayed For Some Time…

Update 13th of August 2015: UR#7 has just been released.

On a quarterly basis Microsoft releases Update Rollups for all components of the System Center 2012 R2 suite. So as expected UR#7 came out at the end of July 2015.

Not for SCOM 2012 R2 that is. For sure, UR#7 was built but it turned out it contains some ‘unhidden features’. Therefore Microsoft decided to pull it, address the issues and republish it.

Even though it’s not that good that an update rollup package is pulled I prefer it way above the situation where it’s published, causes harm/damage to your SCOM environment and then it’s pulled.

What I also appreciate is that Microsoft even published it. So I appreciate their openness about it since I can imagine they would have loved to roll out UR#7 for SCOM 2012 R2 on time…

Community MP Just Got MUCH Better!

Some years ago two very experienced SCOM people published a MP containing SCOM Health Check Reports. These Reports were special from day one, since they gave - with nothing but a single click - a deep insight into the health of all the SCOM components making up your SCOM environment.

When this MP came out, it was targeted at SCOM 2007x, simply because SCOM 2012x was something of the future. And when it became GA, this MP wasn’t updated. There was no rush actually since the very same MP works very well with SCOM 2012x as well.

Of course, SCOM 2012x is a beast of it’s own, with it’s new functionality and related quirks as well. And those new features, whether wanted or unwanted, weren’t covered by this MP.

Gladly the two men I am talking about, found the time and decided to REWRITE this MP for SCOM 2012x environments.

Of course, the people working with SCOM on a daily basis know what MP I am talking about: the SCC Health Check MP. And the two men are Pete Zerger and Oskar Landman.

Go here and here to check the new version out. The reports have become sexier as well. An awesome job guys, thanks a lot!

Additional information
This MP also requires the additional data source in order to connect to the SCOM Operational database. The new MP has an updated document as well, clearly explaining what to do. Please RTFM this document when this MP is new to you. When you don’t and simply import the MP BEFORE you’ve created the new Data Source, many Reports won’t be uploaded to the SSRS instance…

When you already have the SCOM 2007x version, the correct Data Source is already in place so you can simply import the new MP. It won’t upgrade the existing MP since it’s a total new MP of it’s own. Both MPs can co-exist happily in your SCOM environment. However, the new MP is way much better so IMHO it’s better to remove the older version after you’ve imported the new one and verified it’s working as intended.