Thursday, 28 July 2011

Orchestrator Runbook Design, Planning and Validation

Anders Bengtsson has done it again and written another stunning blog post about validating your runbook designs.

This ties in nicely with a discussion that I was having with a customer yesterday where I was stealing a comment made at the Best of MMS 2011 UK event where Adam Hall (I'm sure it was Adam, if not I apologise to whoever it was) coined a phrase about a day of design roughly equates to an hour in the runbook designer.

The point I was trying to get across to the customer is that while setting up SCORCH (or to some extent Opalis) is relatively simple and you can dive into the console and knock up runbooks very quickly too, it's very important to take that step back, map out your process first fully, exploring all angles, then create the runbook from this plan, and then like Anders says, build it out with resilience, checking and logging.

Back to the initial point...

Anders now has a trilogy of posts that I would really recommend reading, even if you feel really confident creating runbooks, I'd bet you don't use half the methods fully like Anders recommends.

Post 1: Fault Tolerance in Runbooks
Post 2: Building a log for Runbooks
Post 3: Validate your Runbook Design (He also includes a runbook which automates some checking!)

Thursday, 21 July 2011

Simple Orchestrator Runbook to move software to a Definitive Media Library (DML)

While trying to think of an example that I could use to create a runbook in SCORCH using only the standard activities I remembered a situation in my previous role where the Service Desk were responsible for gathering the software and documentation required for calls from users to upgrade systems/install new software.

Because we used the Microsoft Deployment Toolkit 2010 and specifically the Applications part of the deployment share as our Definitive Media Library (DML) it was a multi stepped approach to gathering the software from the users, assessing it and then moving it into a structured area via the MDT console.

So I started to knock together an example runbook to help with this process.

Originally I wanted to utilise the PowerShell functionality in MDT, but ran into an issue as Orchestrator uses the 32-bit powershell but being a 64-bit only OS (2008 R2) meant I couldn't install the MDT PowerShell snap-ins to work with the 32-bit PS.

So I went for a more basic runbook that monitors for a definition file (text file with a specific name and specific content) which would then kick off the process of moving and structuring the files in a DML.

Watch the video for the runbook in action:

While this is a very simplistic runbook, it shows the processes of reusing the data on the databus.

I'm limited in my testlab with what I can do for demonstration purposes, but as an example of how this could be enhanced, you could add a SQL query rather than monitoring for a file to query a service desk application for a new Service Request or Change Control being raised of a certain category and take the information from that call using the SQL query and use that in the runbook instead of a text file.

Exported runbook:

Wednesday, 20 July 2011

Operations Manager (SCOM) 2012 Beta now available

Microsoft released the first public beta of Operations Manager 2012 yesterday.

Main Beta page is here:

Downloads are here:

It's a bit strange that a public beta has just been released, especially since the CEP hasn't yet started, but I won't complain too much as that now completes my System Center 2012 test lab :)

Main new areas in the 2012 beta (taken from the TechNet Beta docs):

  • Setup

    Operations Manager 2012 has a new Setup wizard. For important instructions about how to install Operations Manager 2012, see Install Operations Manager 2012 Beta.

  • Upgrading to Operations Manager 2012

    Operations Manager 2012 provides an upgrade wizard to help you upgrade your System Center Operations Manager 2007 R2 environment to Operations Manager 2012. For more information, see Upgrading to Operations Manager 2012.

  • Removal of root management server

    In Operations Manager 2012, all management servers are peers; there is no root management server. The workload is split among all management servers in a management group, which provides high availability without requiring a cluster.

  • Resource pools

    A resource pool provides the ability to distribute workloads across multiple management servers, such as availability, network device monitoring, distributed monitor health rollup, and group calculation.

  • Agent Configuration

    Operations Manager 2012 provides an easy method for configuring agents to report to multiple management servers by adding an Operations Manager Agent application to Control Panel on each agent-managed Windows-based computer.

  • Operations Console

    You will notice some subtle changes to the Operations console. The Actions pane is now the Tasks pane, and includes a new section called Navigation Tasks that makes it easy for you to open views for a selected object. The Tasks pane offers two tabs: one for actions and one for resources and Help links. The Navigation and Tasks panes can be minimized or expanded instantly by clicking the arrow in the title bar of the pane.

  • Web console

    Operations Manager 2012 introduces a new web console. In Operations Manager 2012, all Operations Manager views are available in the web console.

  • Network monitoring

    Operations Manager 2012 provides the ability to discover and monitor network routers and switches, including the network interfaces and ports on those devices and the virtual LAN (VLAN) that they participate in. You can also delete discovered network devices and prevent the deleted network devices from being rediscovered the next time discovery runs. For more information, see Monitor Network Devices.

  • Application monitoring

    In Operations Manager 2012, you can monitor ASP.NET applications and web services from server- and client-side perspectives to get details about application availability and performance that can help you pinpoint solutions. Allowing you to specify settings, the types of events to collect, the performance goals to measure, and which servers to monitor, Operations Manager 2012 application monitoring provides insight into how web-based applications are running. You can see how frequently a problem is occurring, how a server was performing when a problem occurred, and the chain of events related to the slow request or method that is unreliable. This is the information needed to partner with software developers and database administrators to help ensure that application availability and performance are at optimal levels. For more information, see Monitor an ASP.NET Application.

  • Dashboard views

    Operations Manager 2012 includes new comprehensive dashboard views that combine multiple panels of information into a single view. In Operations Manager 2012, you can add the new dashboard views to My Workspace and the Monitoring workspace.

  • Display dashboard views using SharePoint

    The Operations Manager web part displays specified dashboard views and can be added to Microsoft SharePoint 2010 sites. For more information, see Add a Dashboard View to a SharePoint Site.

  • Creating dashboard views

    Dashboard views have been significantly upgraded in Operations Manager 2012 from their capabilities in Operations Manager 2007 R2, including custom layouts and nested dashboard views. For more information, see Create a Dashboard View.

  • Operations Manager Module for Windows PowerShell

    Operations Manager 2012 provides a Windows PowerShell 2.0 module containing a full set of new cmdlets. The cmdlets in this module are only compatible with Operations Manager 2012. You can recognize the Operations Manager 2012 cmdlets by the "SC" preceding the noun. For additional information about the Operations Manager 2012 cmdlets, open the Operations Manager command shell and type Get-Help about_OpsMgr_WhatsNew. For information about how the Operations Manager 2007 cmdlets map to the Operations Manager 2012 cmdlets, type Get-Help about_OpsMgr_Cmdlet_Names.

    To use the Operations Manager 2012 cmdlets, you must establish a connection to an Operations Manager management group. You can establish either a persistent connection in which you can run multiple cmdlets, or a temporary connection when running a single cmdlet. For more information about connections, open the Operations Manager Shell and type Get-Help about_OpsMgr_Connections.

  • UNIX- and Linux-based computers

    In Operations Manager 2012, you can perform privileged operations on UNIX-based and Linux-based computers using unprivileged Run As accounts by combining with “sudo” elevation on the target UNIX-based and Linux-based computers. This capability avoids the need for UNIX or Linux root passwords to be known on the management server, and keeps the privilege control entirely within the domain of the UNIX or Linux administrator. Operations Manager 2012 also includes new Windows PowerShell cmdlets for performing agent maintenance functions on UNIX-based and Linux-based computers, allowing for scripting and background operations. In addition, the resource pool feature supports computers running UNIX and Linux. If a management server fails, another management server in the resource pool can take over the monitoring, providing high availability.
  • Wednesday, 13 July 2011

    SCOM 2012: Setup and Config Part 2

    Just found another video around the setup and config of Operations Manager 2012.

    It's presented by Rob Kuehfus, a Microsoft Program Manager and the well known MVP Maarten Goet.

    Since the video doesn't embbed very well, you can also find it here:

    Friday, 8 July 2011

    SCOM 2012: Overview, Setup and Configuration

    Just found this video of Operations Manager 2012 that sneaked under my radar:

    It doesn't show much more than I saw at the Best of MMS UK on OpsMgr 2012, but I still can't find the videos from that session.

    Thursday, 7 July 2011

    Using the Microsoft Solutions Accelerator Dashboards with SCOM

    I've done a few of posts on using the SCCM dashboards to display SCOM information, but Kevin Greene has taken it to a whole new level......

    His series of posts not only cover in great detail how to install and configure both the ConfigMgr Dashboard and the OpsMgr Service Level Dashboard but also shows how to customise the look and feel as well as integrate the SLA Dash into the main SCCM Dash to provide a much more seamless approach.

    My hat is well and truly tipped to you Kevin :)

    How to find activities in your runbooks that have changed in the new Orchestrator

    Adam Hall has just posted a really useful SQL query that can be run against your existing Opalis database to help you understand what objects you currently use that are no longer available in Orchestrator.

    This is a brilliant piece of information as it could save you a boat load of time before you upgrade by identifying which run books you need to tweak in advance rather than having to import each one with fingers crossed hoping it doesn't break.

    The original post is here, but I've replicated the SQL code below for my own benefit so I know where it is without having to search ;)

    Please bear in mind that Orchestrator is still in Beta, so by RTM there could be more objects to add to this SQL query.

    policies.[Name] as [Policy Name],
    objects.[Name] as [Object Name]
    [Objects] objects join
    [Policies] policies
    on objects.[ParentID]=policies.[UniqueID]
    objects.objecttype = '2081B459-88D2-464A-9F3D-27D2B7A64C5E' or
    objects.objecttype = '6F0FA888-1969-4010-95BC-C0468FA6E8A0' or
    objects.objecttype = '8740DB49-5EE2-4398-9AD1-21315B8D2536' or
    objects.objecttype = '19253CC6-2A14-432A-B4D8-5C3F778B69B0' or
    objects.objecttype = '9AB62470-8541-44BD-BC2A-5C3409C56CAA' or
    objects.objecttype = '292941F8-6BA7-4EC2-9BC0-3B5F96AB9790' or
    objects.objecttype = '98AF4CBD-E30E-4890-9D26-404FE24727D7' or
    objects.objecttype = '2409285A-9F7E-4E04-BFB9-A617C2E5FA61' or
    objects.objecttype = 'B40FDFBD-6E5F-44F0-9AA6-6469B0A35710' or
    objects.objecttype = '9DAF8E78-25EB-425F-A5EF-338C2940B409' or
    objects.objecttype = 'B5381CDD-8498-4603-884D-1800699462AC' or
    objects.objecttype = 'FCA29108-14F3-429A-ADD4-BE24EA5E4A3E' or
    objects.objecttype = '7FB85E1D-D3C5-41DA-ACF4-E1A8396A9DA7' or
    objects.objecttype = '3CCE9C71-51F0-4595-927F-61D84F2F1B5D' or
    objects.objecttype = '96769C11-11F5-4645-B213-9EC7A3F244DB' or
    objects.objecttype = '6FED5A55-A652-455B-88E2-9992E7C97E9A' or
    objects.objecttype = '9C1DF967-5A50-4C4E-9906-C331208A3801' or
    objects.objecttype = 'B40FDFBD-6E5F-44F0-9AA6-6469B0A35710' or
    objects.objecttype = '829A951B-AAE9-4FBF-A6FD-92FA697EEA91' or
    objects.objecttype = '1728D617-ACA9-4C96-ADD1-0E0B61104A9E' or
    objects.objecttype = 'F3D1E70B-D389-49AD-A002-D332604BE87A' or
    objects.objecttype = '2D907D60-9C25-4A1C-B950-A31EB9C9DB5F' or
    objects.objecttype = '6A083024-C7B3-474F-A53F-075CD2F2AC0F' or
    objects.objecttype = '4E6481A1-6233-4C82-879F-D0A0EDCF2802' or
    objects.objecttype = 'BC49578F-171B-4776-86E2-664A5377B178'

    Friday, 1 July 2011

    Scripted Install of System Center Orchestrator Beta and all pre-reqs

    There's been a few posts floating around now showing how to do a standard setup of the new System Center Orchestrator Beta (SCORCH) so I thought rather than doing yet another that it was time to do something different.

    So I thought it might be a good idea to try automating the installation of SCORCH, which is rather fitting for an automation product.

    So I wrote a quick powershell script that not only silently installs SCORCH, but will also setup a fresh built server with all required pre-reqs, SQL, create a service account and setup necessary rights for it.

    I also thought I'd get it all on video as well!

    Basically the script will go through and install/setup in this order:

    .Net Framework 3.5
    .Net Framework 4.0
    Required IIS Role & Features
    SQL 2008 R2
    Create a Local Service account called SCORCH_SA
    Add it to the local admin group
    Assign it logon as a service rights (using ntrights.exe from the 2003 resource kit)

    The script then silently installs Orchestrator, with all components.

    This is achieved using the following command:

    setup.exe /Silent /ServiceUserName:$UserName /ServicePassword:$Password /Components:All /DbServer:$ComputerName /DbNameNew:Orchestrator /ScoAdmin:$ComputerName\Administrators /WebServicePort:81 /WebConsolePort:82

    where you see a $ prefix that's where a variable is passed from the script to the command line, normally these would be manually typed as username, server, password etc

    During the CEP kickoff meeting it was mentioned that an install of SCORCH and an import of a policy on a server with the pre-reqs installed had been done in 5 minutes, and a mini challenge laid down to see if it could be done quicker....  once the pre-reqs were installed, my script let me install and import in about 3 minutes!!

    You can find the link to the powershell script here:

    If you want to try this yourself then you'll need to add NTRights.exe from the 2003 reskit, .Net4.0 full framework, silverlight and the PS script to the SCORCH extracted folder and have the SQL disk in Drive D (or modify the script)

    So there you have it, an easy, repeatable, automated method of setting up a quick Orchestrator test server.