SCOM 2012 Maintenance Mode Scheduler

We believe that core to any monitoring system is the ability to send out accurate alerts. SCOM sends out many valuable alerts but will flood e-mail boxes and paging systems during maintenance windows.  We set out to build a maintenance mode scheduler that anyone can quickly and easily use to prevent these floods of useless information.


  • Easily access the new web based maintenance mode scheduler from any browser.
  • End users will thank you at how easy it is to pick a computer, group, object, and even a subscription with a start time and end time. The app calculates the minutes for them and schedules a future maintenance window.
  • The manage tab will make it easy to see and manage any upcoming maintenance windows and identify any gaps.
  • The new integrated dashboards make it feel like the scheduling maintenance mode was always there.
Download Free Trial



Schedule a group of Computers, Databases, or any objects in the group into maintenance Mode.

One Click Maintenance Mode

Another great feature is the ability to do one click maintenance mode from any server.  This means is you can place the same shortcut on the desktop of your all your servers.  With one click, the IT administrator can put the server into maintenance mode.


After the shortcut is clicked, the web page automatically detects what server you are on and puts the server into Maintenance Mode with no interaction.


Dashboards Integrated Into The SCOM Console




Most organizations only use the alerts from SCOM.  Now you can schedule your complex subscriptions into maintenance mode.  You can choose to send the alerts that where queued up or discard them.


Manage any upcoming maintenance windows and identify any gaps



Windows 8 App

The Windows 8 app can be download from the Windows App Store.  It uses the existing the same infrastructure and web service as the Web based version.

Download Now from the App Store





Click Here to Purchase

Any problems, bugs, or issues please e-mail:


Related Posts

SCOM 2012 Maintenance Mode Scheduler Installation Guide –

SCOM 2012 Maintenance Mode Scheduler User Guide

Securing SCOM 2012 Maintenance Mode Scheduler –


Continue Reading

Remote Desktop Connection Manager 2.7

Anyone running lots of remote desktop sessions will want to check out Remote Desktop Connection Manager 2.7


I have been using this build for a few months and it has lots of nice features over 2.2

The feature I use the most is the Reconnect Feature.



Other features include

  • Virtual machine connect-to-console support
  • Smart groups
  • Support for credential encryption with certificates
  • Windows 8 remote action support
  • Support for Windows 8, Windows 8.1 / Windows Server 2012, Windows Server 2012 R2





Continue Reading

Useful Links






Kevin Holman Key Blog Articles


Backup and Recovery





Powershell script examples;

Adding Powershell Snap-in

Windows PowerShell in System Center Operations Manager

System Center Operations Manager 2007: Powershell Scripts

Powershell basics:

Powershell script examples;

Proxy Settings (Agent)

Each Management Pack guide states if the agent proxying setting is a requirement, so it is best practice to check for this, prior to importing a management pack.

The following management packs (and additional ones not listed here) require the respective servers to have the agent proxying setting enabled:

–          Physical nodes of clusters

–          Domain Controllers

–          Exchange Servers

–          SQL Servers

–          BizTalk Servers

–          DNS Servers

The agent proxying tool can be extremely useful for enabling the proxying setting on multiple agents:

Queue Size

The default size of the Queue on agents is 15360kb (15MB) and the default size of the Q on an MS is 102400KB (100MB)

The size of the queue (in kb) can be configured at this registry key on both agents and management servers:

HKLM\SYSTEM\CurrentControlSet\Services\HealthService\Parameters\Management Groups\[MGname]\MaximumQueueSizeKb

Renaming Default Management Pack to ‘DO NOT USE – Default Management Pack’

A golden rule of Operations Manager is not to store anything in the Default Management Pack.  When creating overrides or new rules and monitors, the default management pack appears as the first option.

Therefore it is a recommended good practice to change the display name of ‘Default Management Pack’ to ‘DO NOT USE – Default Management Pack’ which adds an extra safeguard, making it less likely for users to store elements in the default management pack.

Reporting Overview

Steps for running reports can be found in the 101 document I created –

Run as accounts and Run as profiles

A Run as Account is a set of credentials (username and password) that is stored in Operations Manager and distributed to agents for use.

A Run as Profile is a collection of Monitoring – for instance AD Replication Monitoring.

A Run as profile can be associated with a run as profile, so that all the monitoring that is part of that profile, runs under the associated run as account.

By default, local system (default agent action account) is used for all local monitoring on an agent, unless any of that monitoring is part of a run as profile that has a run as account specified.

If monitoring that is part of a run as profile is actively running on an agent, and no run as account has been specified, the default action account (local system by default) is reverted to for use.

The steps for managing Run as accounts and profiles are as follows:

1) Create a run as Account by specifying the credentials.

2) Distribute the run as accounts to agents that will be using it.  (In the Runs As account, use the ‘Distribution’ tab)

3) Associate the appropriate run As Profile with the newly specified run as account.

SCCM Dashboard for Operations Manager:

SCOM Tricks

Security Auditing Events

The following links list Security Event Details for Events that occur when a given Security Scenario occurs.  This is useful for creating Security auditing style event-collection or alert-generating rules (or both):

Server Overview Report

This is a report that I see many customer’s getting a lot of use out of.  Just download the samplereportslibrary.xml and import it like a normal management pack.  Once the Sample Reports folder comes up and you see Server overview report, run it against the Agent Managed Computer Group, and change the ‘From’ parameter from ‘Today’ to ‘Yesterday’.


It is important to note the difference between ‘Alerts’ and ‘Notifications’.  Alerts are seen in the console.  Notifications are items such as emails that users receive outside of the Operations console.  Notifications are created based upon the configured subscriptions that map alerts to notifications.  Very granular subscriptions can be created using the ‘Created by Specific Rules or Monitors’ options.  These subscriptions can be created or added to, using the ‘Create’ and ‘Modify’ Subscription tasks that are available on the Actions Pane in the right-hand side of the console, when clicking on any alert in the monitoring space.

There is also an advantage of creating a ‘catch-all’ subscription (criteria = all alerts) and having those notifications go to a mailbox for that specific purpose (service account mailbox for example) .  And then the mailbox can be reviewed for identifying alerts that are good candidates to add to the more important granular  subscriptions with wider audiences.

Subscription Channel Format

The subject format can be modified by moving $Data/Context/DataItem/ResolutionStateName$ to the front of the subject line and getting rid of the words ‘Resolution State’ like so:

With this change, notification emails will appear as New Alert: Alert Name or Closed Alert: Alert Name.

A great list of available variables is available here:

Support for System Center Operations Manager 2007 R2 that runs on a SQL Server 2008 R2 database

Synthetic Transactions

A Synthetic Transaction is monitoring from the client perspective.  For example, web sites are monitored using the IIS Management Pack and although a website shows as healthy from the IIS perspective, a client may not be able to get to it, due to a network issue.  This is where synthetic transactions can be used.  As part of creating Synthetic transaction monitors, it is possible to specify one or more watcher nodes, which is where the synthetic transaction is ran from.

Wizards are provided (Authoring>Management Pack templates) for creating Synthetic transaction monitors for

  • OLE DB Data Source
  • TCP Ports
  • Web applications

Targeting Best Practices

In Operations Manager, we should not use groups for the purposes of targeting.  Instead, we should always target rules and monitors at a singular object.  For instance ‘All Windows Computers’ (which is a group) is not a valid target to use when creating a rule or monitor that you wish to become active on all Windows Computers.  However the singular object ‘Windows Computer’ is an appropriate object that could be used in this scenario.  The best-practice poster for targeting can be found here:

Troubleshooting gray agent states in System Center Operations Manager 2007 and System Center Essentials

Troubleshooting ‘Script or Executable Failed’ Alerts or ‘WMI Probe Execution Failed’ Alerts

These alerts occur as a result of a script or executable in a different workflow (rule, monitor or object discovery) failing.

It can be difficult to ascertain from this alert which rule, monitor or discovery’s script or executable caused the alert.

In order to find this out, take the workflow name from the alert details. For instance:

Workflow name: Microsoft.SQLServer.2005.ReportingServicesDiscoveryRule.Server

Then Open SQL Management Studio and click the connect button.

Hit the “New Query” button at the top left then just underneath that, change the dropdown where it says “master” to “OperationsManager”.

Then in the query window on the right hand side (where you should see a flashing cursor) type:

select * from localizedtext where elementname like ‘%workflowname%’

In the example provided, use:

select * from localizedtext where elementname like ‘%2005.reportingservicesdiscoveryrule.server%’

(note the % is a wildcard for any characters before or after the string. Also note the localized text table is just a place where we store display names that you see in the console.)

Then click the !Execute button or press F5 to execute the query.

In most cases, this returns 2 results.

One is the workflow  name and one is the workflow’s description.

Scroll across to view the LTValue which will contain the ‘friendly name’ of the discovery name and description.

Once we have the LTValue for the discovery / rule / monitor name, we need to search for it in the console.

In the ops manager console, go to authoring>Management Pack Objects>Object Discoveries. (note – it can be a trial and error process to discover whether the workflow is a monitor, rule or an object discovery – in this case it is an object discovery. If it is a monitor or rule, you will need to click monitors or rules and search in those nodes)

Make sure the view is not scoped and in the look for box, type the friendly name of the rule, monitor or discovery and hit search.

The monitoring object will be returned and can be overridden to increase the timeout.

After overriding it, resolve the alert and then see if it reoccurs.

If there is still a problem after increasing the timeout, it may be necessary to investigate other reasons why that particular workflow may be failing, but knowing which monitor, rule or discovery is the root cause helps in this troubleshooting process.

Unix / Linux Agent Deployment

High-Level Steps for Deployment:

Manual Installation required on Unix Server

Manually Sign and deploy Certificate, then Discover Server in Operations Manager

If you don’t have SSH enabled, you will need to manually sign the certificates (used for communication) and also manually install the agents as per the steps in the links above.

Unix Privileged Account vs. Unix Action Account and root-level access context

User Roles

User roles can be used to control security for operators, authors and administrators.

There are three levels of operator:

  • Read-only Operator  – can only read data in the console
  • Operator – can set alerts to new, closed or other resolution states
  • Advanced Operator – can override to configure /enable or disable rules and monitors.

Consider creating additional User Roles to further open up the specific areas of the console, to those who need it.

Which hotfixes should I apply

Technet homepage:

Product documentation

Security Guide (includes how to change account passwords)

Supported Configurations

Hotfixes – Which hotfixes should I apply

Admin Resource Kit

Authoring Resource Kit

CU4 Service Restart issue:;EN-US;2526113

SCCM Dashboard – Using for Operations Manager:

Powershell Cheat sheet

Regular Expressions

Unseal a Management Pack:

Introducing the Next Version of Operations Manager (GREAT VIDEO TO WATCH TO SEE WHAT’S COMING J)

Visio Stencils for Operations Manager 2007 R2

R2 sizing guide

DW Retention and grooming:

DW retention tool

Useful Queries

Boris Yanushpolsy’s blog (wrote effective config viewer, Mp viewer and Override Explorer, and the Proxy UI tool)

System Center Marketplace (New MP Catalog):

Publishing Reports to SharePoint

MOF Reliability Workbook for System Center Operations Manager:


Microsoft Download Notifications (New MPs / Updates):

Webcasts and Virtual Labs:

Override Explorer (was used in more prominently in the previous SP1 version, which did not have the ‘overrides’ node available in the authoring Space):

Logfile Monitoring

Adding Custom Information to alerts and Notifications:

Some great resources on R2 and the new features available on the right hand side of this page:

(There is also a great video there that walks through the new features of R2.)

ACS for Cross Platform Agents

Estimating Database Sizes!3D3B8489FCAA9B51!171.entry

Grooming settings!3D3B8489FCAA9B51!176.entry?sa=875476383

Operations Manager Product Team Blog:

Recovery Task to Restart a service:

System Center Operations Manager Blog Search:

Group membership:

Management Group Configuration tool:

How Microsoft Does IT (includes MOM 2005 and Ops Mgr documents):


Certificates for Windows 2008 and Ops Mgr:

Last contact time Style reports:

What Thresholds Monitors Have

DB IOPS Performance

DW Backup and Grooming:,295582,sid68_gci1316214,00.html

Creating tasks:

Planning and designing the infrastructure:

Operations Manager Training Videos:

Operations Manager Reporting Guide:

Cross Platform Extensions

Clustering Support

Troubleshooting gray agent states in System Center Operations Manager 2007 and System Center Essentials

Useful Queries

ESX Monitoring (SNMP Network Devices)


Manually Installing Agents from the Command Line:

Continue Reading

Update Rollup 4 for System Center 2012 R2 Operations Manager

Lots of of good fixes in the latest UR.  Especially  if you are using APM then this update rollup  is a must for making this work.   Working with Sensitive Data for .NET Applications


Issues that are fixed in update rollup 4

Issue 1

It takes many minutes for the Microsoft.Windows.CheckNTServiceStateMonitorType function to determine that the service is down.

Issue 2 

An attempt to apply sensitivity rules fails, and you receive the following error message:

The monitoring configuration contains errors and cannot be applied.
Exception: System.ApplicationException: Attribute ‘regexCompare’ is null
at Microsoft.EnterpriseManagement.Modules.Apm.LibraryConfigManager.Tools.XmlTools.GetMandatoryAttribute(String attributeName, XmlNode node)
at any attempt to apply sensitivity rules fails with the errorMicrosoft.EnterpriseManagement.Modules.Apm.LibraryConfigManager.Modules.ApmModule.Core.Actions.AgentHandlersConfig.HiddenRuleXmlDeserializer.Deserialize(XmlNode rowData)

Issue 3

GSM locations are geotagged incorrectly on Map Widget.

Issue 4

The MonitoringHost.exe process issues too many calls to System Center Failover Clustering.

Issue 5

The re-synchronization of all managed entities from Operations Manager to the Operations Manager Data Warehouse database causes duplicate entries, and an exception that resembles the following is thrown:

Data was written to the Data Warehouse staging area but processing failed on one of the subsequent operations.
Exception ‘SqlException': Sql execution failed. Error 2627, Level 14, State 1, Procedure ManagedEntityChange, Line 367, Message: Violation of UNIQUE KEY constraint ‘UN_ManagedEntityProperty_ManagedEntityRowIdFromDAteTime’. Cannot insert duplicate key in object ‘dbo.ManagedEntityProperty’.

Issue 6

If data is truncated and is in Terminal status to a workflow, event ID 31551 is logged, and an exception that resembles the following is thrown:

Failed to store data in the Data Warehouse. The operation will be retried.
Exception ‘InvalidOperationException': The given value of type String from the data source cannot be converted to type nvarchar of the specified target column.
One or more workflows were affected by this.
Workflow name: Microsoft.SystemCenter.DataWarehouse.CollectAlertData

Issue 7

An arithmetic overflow error occurs, and an exception that resembles the following is thrown:

Data was written to the Data Warehouse staging area but processing failed on one of the subsequent operations.
Exception ‘SqlException': Sql execution failed. Error 8115, Level 16, State 2, Procedure RelationshipChange, Line 180, Message: Arithmetic overflow error converting expression to data type int.

Issue 8
You experience poor performance when Operations Manager searches for attributes. Additionally, when doing more than one search in a row, the cache file (momcache.mdb) keeps increasing.

Issue 9
SCX agent generates lots of warnings in the log file when a user is using Security-Enhanced Linux (SELinux).

Issue 10
By default, the Rpcimap monitor for Red Hat Enterprise Linux 6 is disabled.

Continue Reading

SCOM 2012 Maintenance Mode Scheduler 4

Here are the new features in V4:

  • Multi-select Computers  This has been the most requested feature as end users often want to schedule multiple computers at a time without having to create groups.
  • Multi-select Computers in Integrated dashboard  Now you can select multiple computers in the dashboards without getting an error
  • New Search in Computers and Groups  Now instead of scrolling up in down the list you can just start to type in the name of the group or computer and results will be filtered.
  • One Click MM now accepts parameters   Some environments One Click MM was not working as the client security was high or there were DNS issues.  Now you can just add the computer as a parameter.
  • New Configuration backup tool for easier upgrades  Now you can back your configuration and upgrade to the latest version of SCOM 2012 Maintenance Mode Scheduler with have to reconfigure all of your settings.
Download Free Trial

Multi-select Computers

Now you can select multiple computers at a time for maintenance mode.


Multi-select Computers in Integrated dashboard


New Search in Computers and Groups


One Click MM now accepts parameters


New Configuration backup tool for easier upgrades


Continue Reading

Discovery bug in MP Author SP2 when discovering the 32-Bit registry keys

There is a bug in Silects MP Author SP2 tool.  If you select a 32-Bit registry key for discovery.



When you save the MP it will automatically remove the Wow6432Node


Most 32-Bit applications don’t write to multiple locations so It won’t discover anything.



**As pointed out by Kevin Holman there is an XML element called <registryview>32bit</registryview> that will accomplish the same thing but will work with 32-bit servers and 64-bit servers.**

Open up the XML and add the <registryview>32bit</registryview>

My XML would look like this.

<Path>SOFTWARE\Research In Motion\BlackBerry Enterprise Server\Setup\ConfigProductCode</Path>

More info on this can be found here.


The following workaround will work as well, but is not perfect as you might have apps installed on both 32-bit and 64-bit servers.

Open up the XML and edit it back to what it should be.




I have reported this to Silect.  Hopefully they will fix it in the next version.

Continue Reading