I have updated the scripts for SCOM Remote Maintenance Mode Scheduler 2.0 to properly support SCOM R2.


Download: MaintenanceModeV4_R2.zip


The old scripts worked ok but if you had a large group of servers it would take a long time with R2. The old scripts would try to put the HealthService and the HealthServiceWatcher in maintenance mode which is no longer necessary with R2.

Another thing I added to the scripts was to not re-set the maintenance mode of a server if it is already in maintenance mode.  I have seen instances where a particular server is put into maintenance mode for a long period of time and then a scheduled maintenance mode job will re-set the maintenance mode causing noise and skewed reports.

To install the scripts just rename the old scripts and then copy the new scripts into the same “C:\MaintenanceModeV4” directory.

**You will also might need to Remove the Security from the Downloaded PowerShell Scripts

Please let me know if you come across any issues.

You might have noticed that the SCCM Reporting Dashboard was released.  But what most of you don’t know is that you can use the dashboard for SCOM data.  The cool thing with the SCCM dashboard is that it’s and OPEN platform.  You can feed it a SQL query and it will display a live gauge or a graph.  This can be used query data from  the SCOM Operations DB, the Data Warehouse DB or any DB you want.

So how do we do it?

First we need to download and install the SCCM dashboard. You can download it at http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=27fe0d80-38c6-464a-953a-1c2edcf35c2d

Install the dashboard using the guide that comes with the download.

** If you don’t have SCCM that’s ok.  The install is just asking for a database.  So just type in the name of the Operations Manager Database.  Make sure the username and password has permissions or the install will fail.

Input the information from the SharePoint installation.

After it’s installed your dashboard will look blank like this.  That OK it’s just because it doesn’t have any data to pull from.  So lets give it some data.

Go to Site Actions Edit Page

You should now see this configuration editor

Enter in a Name for the data and then enter in SQL Server and Database Name

Then input a SQL query that you want to graph.

Here is the query I used to return back # of Agents Responding and # of Agents not responding.

SELECT ‘Responding’ as Status,  COUNT(*) as TotalMachines FROM ManagedEntityGenericView INNER JOIN ManagedTypeView
ON ManagedEntityGenericView.MonitoringClassId = ManagedTypeView.Id
WHERE (ManagedEntityGenericView.IsAvailable = ‘True’) AND (ManagedTypeView.Name = ‘Microsoft.SystemCenter.Agent’)
Union
SELECT ‘NotResponding’ as Status,  COUNT(*) as TotalMachines FROM ManagedEntityGenericView INNER JOIN ManagedTypeView
ON ManagedEntityGenericView.MonitoringClassId = ManagedTypeView.Id
WHERE (ManagedEntityGenericView.IsAvailable = ‘false’) AND (ManagedTypeView.Name = ‘Microsoft.SystemCenter.Agent’)

Now choose the type of graph you want.  I choose PieChart

Give it a Title

Then Choose Save and Close

Now go to one of the Web Parts and Select edit Modify Shared Web Part

In the top corner under “Select data set configuration”,  select the data set we just created. Then click OK

The Agent Status should now show up in the web part.

Click Exit Edit Mode in the top right corner

Repeat the process with any other data set you want to display in a graph or gauge.

Are you getting this error when trying to install reporting? 

Here are the steps to resolve it.

1.  Check to User Permissions.

-  Verify the user you are running the installer as is a member of the Operations Manager Administrators.
-  Verify the user has sysadmin access to the database in SQL.

2.  Check the SPN of the SDK Service.

- http://wchomak.spaces.live.com/blog/cns!F56EFE25599555EC!824.entry?sa=646856610
- http://blogs.technet.com/jonathanalmquist/archive/2008/08/14/operations-manager-2007-spn-s.aspx
- http://blogs.technet.com/kevinholman/archive/2007/12/13/system-center-operations-manager-sdk-service-failed-to-register-an-spn.aspx

3.  Check the Operations Manager database.

- Go into SQL Enterprise Management Studio 
- Expand Databases, OperationsManager, and Tables
- Right click on MT_ManagementGroup
- Click Open Table if you are using SQL Server 2005 or click Edit Top 200 Rows if you are using SQL Server 2008.
- Look at the Value in column SQLServerName_6B1D1BE8_EBB4_B425_08DC_2385C5930B04
- This should be the name of your operations manager database server.  (If you ever moved your operations manager database to a new SQL server there is a chance that this step got missed.)

With the arrival of Windows Server 2008 R2 it seems that more administrators are keeping UAC enabled.  I ran into an issue where I installed the certs for a gateway server and ran the cert import tool but kept getting this error

Event: 21016

OpsMgr was unable to set up a communications channel to scomrms1.scom.com and there are no failover hosts.  Communication will resume when scomrms1.scom.com is available and communication from this computer is allowed.

and

Event: 21007

 The OpsMgr Connector cannot create a mutually authenticated connection to scomrms.scom.com because it is not in a trusted domain.

I ran MOMCertImport and everything seemed to be fine.  After taking a look into HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ I realized that there was no reg key for ChannelCertificateSerialNumber.

This told me there was a problem with running the MOMCertImport tool as nothing was being written to the registry.

It turns out that running MOMCertImport doesn’t call the UAC dialog box the application runs and lets you select you cert and exits normally.  So what you must do is right click on MOMCertImport.exe and click on Run as administrator.

Then click Continue in the UAC dialog box.

After installing the scom agent on a Red Hat 5.3  server and importing the management packs I started getting a bunch of  Secure Reference Override Alerts in my ops manager console.

The Health Service on computer SCOMMS.mydomain.com failed to resolve Secure Reference override. This issue may affect multiple instances. Additional details: Account for RunAs profile in workflow “Microsoft.Linux.RHEL.5.Process.Klog.Restart”, running for instance “Red Hat Enterprise Linux Server release 5.3 (Tikanga)” with id:”{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}” is not defined. Workflow will not be loaded. Please associate an account with the profile. Management group “MG”

So how do we fix these problems?  After searching for a solution I came across Marius Sutara’s Secure Reference Helper tool.   http://blogs.msdn.com/mariussutara/archive/2009/04/09/tool-opsmgr-2007-r2-what-to-do-with-secure-reference-override-alert.aspx

I downloaded the 64-bit version of the program but when I tried to install it, the installation failed.

I tried it on another RMS server and it failed there too.  So we can’t even use the tool because the installer doesn’t work.  Not so fast.

Lets extract the files from the MSI and see what it does.

msiexec /a “c:\temp\SecureReferenceSetup.x64.msi” /qb TARGETDIR=”c:\securefiles”

Here are the files from the MSI.

Microsoft.SystemCenter.Community.SecureReferenceHelper.xml - This file just creates the task in the actions pane.  (Not all that useful to me)
SecureReference.exe – This is the meat of the application.  You can run this program standalone as long as you have the .net 3.5 framework installed.
SecureReference.SetupAction.exe -  This is the installer that was failing.
So lets see what this puppy does.

I launch the SecureReference.exe app and get a login screen.  If you have admin access to the RMS you can just type in the RMS server name in the box.

I uncheck perform removal of duplicate alerts automatically.

Using the tool and I can plainly see that the problem is with the Unix Privileged Account.  I set the Unix Privileged Account to my Unix Action Account and my problem is solved.

**Update** some people were still having problems extracting the files so I posted the executable for the application on my blog.

http://www.scom2k7.com/downloads/SecureReference.zip