SCOM 1807 Universal Linux Monitoring

Recently discovered that some of the CentOS boxes that I've pushed the agent into came up as “Version Unknown” at the UNIX/Linux Computers within the Administration space in the SCOM console.

Checking further, there’s no monitoring data for the usual CPU / Memory / Logical Disk and Network from the servers.

Did a bit of troubleshooting and realized that from the “Microsoft System Center 1807 MP for UNIX and Linux” downloaded here, it seems to be missing the “Microsoft.Linux.Universal.Monitoring.mp”

Once imported the relevant mp from the SCOM 1801 media (notice the version difference), all started to work again

Monitoring SNMP v1 Trap

Creating a post on some work I'd done couple of year ago so that it won’t be forgotten.

I know SNMPv1 is definitely obsolete by now but what if there are still some requirements to monitor SNMPv1 traps with SCOM ?

One of the way is to

1. Create a custom MP on the trap you are going monitor with SCOM
2. Export that custom MP as an XML
3. Within the XML file, locate the version tag (<version>…</version>)
4. Replace the string within the tag to 1, refer samples below

Before

After

and that should do the trick

Setting OneDrive folder to be Always Available Offline

Was recently thrown with a challenge during a Windows 10 migration project for a client to set certain folders in their OneDrive for Business to be always available offline, once user’s data has been successfully migrated (to OneDrive) from on premise file server.

For the benefits of  everyone, latest version of OneDrive for Business client comes with improved features that allows you to either set files / folders to be always available offline or online (to free up spaces of your local storage)

While this option is available out of the box when the OneDrive sync client has been successfully setup, how do we further automate it so that certain files / folder can be set to “Always keep on this device (available offline)” without user’s intervention ?

Referring to the details online, we can create a PowerShell script using the attrib.exe, but based on my testing, “attrib -U +P /s” sets all the files / subfolder of the target folder you performed the command at to be available offline but not the parent folder.

To fix this, you can include a /D switch, as in “attrib -U +P /s /D”.

I’ve included a humble script of mine to apply the settings when the folder exists and the settings had not been applied.

$targetFolder = "<Target Folder>"

$rootDir = $env:userprofile + "\<your OneDrive Path>"
$FolderPath = $rootDir + "\" + $targetFolder

if (test-path $FolderPath)
{
     set-location $rootDir

    $Attrib = attrib $targetFolder

    $Attrib = $Attrib.trim()

    $arrayAttrib = $Attrib.Split("C:")

    $fileAttib = $arrayAttrib[0]
     $fileAttib = $fileAttib.TrimStart()
     $fileAttib = $fileAttib.TrimEnd()

    if ($fileAttib -ne 'P')
     {
         Set-Location $FolderPath
         attrib.exe +P -U /S /D

        Set-Location $rootDir
         attrib.exe +P -U /S /D $targetFolder
     }
}

Linking this script to a GPO logon script will make sure that the desired folder is always set available offline when user logs into their machine.

Enjoy…

SCOM PowerShell Script Monitors

I was recently asked if there’s a way to raise a SCOM alert when a scheduled task is not in “Running” state. From the community MPs, I reckoned it is only giving an alert when the tasks return a “Failed” state. I might be wrong, but if there’s one out there, appreciate if someone can enlighten me on this.

Have tried using vbscript via WMI calls but it worth taking note that, while it makes a query from “Win32_ScheduledJob” class, tasks created in the Windows Task Scheduler will not be listed.

We ended up exploring PowerShell and managed to write a simple script for this, but setting up the monitor was not as straight forward as it seemed.

Out of the box, SCOM provides the functionality to create VBScript based monitors, but if you are to create a similar monitor with PowerShell, first impression is that the monitor seemed working as expected (giving you a green tick), but as you test further, you will notice that the health state does not get updated, even when it qualifies for an unhealthy condition.

Looking at the OperationsManager event logs, you should see event 21405, saying the process failed to create System.PropertyBagData…, and interestingly, SCOM was trying to execute your PowerShell script using cscript.exe

Command executed:    "C:\Windows\system32\cscript.exe" /nologo "<your ps script>.ps1", as you can see below

To fix this, you either create a new custom MP to include the PowerShell script monitor (either Silect , VSAE) OR import a PowerShell script community based MP. I chose the latter since it is only a simple monitor and didn’t want to spend more time into it.

Once imported, you should be able to create a script based monitor, only this time, instead of VBScript, it will be in PowerShell.

Hope this helps :)

SCOM Dynamic Groups and Regex

Came across the need to create SCOM groups that consist of both Development and Production servers. While it is easier to have them explicitly populated into the correspondent groups but that would required exhaustive administrative effort from the SCOM admins to always validate the membership of the groups from time to time.

Most of you may know that not every organization has a standard naming convention for their servers like XXX-XXX , and the question now is what will be the regex expression for servers that either ends with d or p indicating whether this is a development or production servers ?

Well it might sound complicated (or at least to me) where how many characters or numbers that we need to consider, since the server names do no have a fixed length.

After some trials and errors, turned out to be quite a simple fix. The following expression will fit in

(?i:p$) –> means case insensitive and ending with a p (or P). Feel free to change the expression to suit your needs.

SCCM 2012 R2 Clients failed downloading content

Was required to manage clients in untrusted domain in a recent SCCM deployment and one of pilot machine (Windows 7) was not able to have the published app successfully installed, while the other got installed successfully.

Checking on the DataTransferService.log, it includes log saying “DAV request. HTTP code 401, status 'Unauthorized'”

Checked and verified that the network access account for SCCM has been configured and there’s no firewall restriction between the client and SCCM server.

Googled around and found out that KB2522623 might be able to fix the problem, and it really did once the patch was applied.

Automated Profile Migration with SCCM–Orchestrator

Had a chance to be involved in a project whereby a client had requested to implement user state and profile migration via SCCM / USMT.

This basically requires configuring the State Migration Point in the SCCM site server and creating computer association, determining from which machine (Source) the user’s profile and data files are being migrated over to (Target)

Then, there will be 2 separate Task Sequences to capture and restore user’s profile and files via USMT scanstate and loadstate executions. As the rule of thumb, the Task Sequence to restore user’s data should only be run after the data capture has successfully executed.

I decided to take a step further by further automating the entire process via System Center 2012 R2 Orchestrator.

It consists of several runbooks, ranging from

• Performing readiness check, making sure both machines are ready for user’s profile and data transfer
  
  
• Performing user’s profile and data migration by
  • creating the computer association
  • pushing the task sequences to both source and target machines and verify its execution
  
• Replicating all the SCCM direct membership collections from the source to destination, ensuring additional software / applications are successfully pushed to the target machine
  
  

which are all called from a main runbook