Thursday 15 December 2011

Operations Manager 2007 R2 (SCOM) Version Numbers

Just a quick post to help me remember what release numbers relate to which cumulative update version:

Version (numeric)Version (name)
6.1.7221.13RTM with CU1 Applied
6.1.7221.15RTM with CU2 Applied
6.1.7221.49RTM with CU3 Applied
6.1.7221.61RTM with CU4 Applied
6.1.7221.81RTM with CU5 Applied
6.1.7221.99RTM with CU6 Applied
6.1.7221.110RTM with CU7 Applied

Monday 5 December 2011

Configuration Manager 2012 RC now supports SQL 2008 R2

As of 03/12/11 you'll be pleased to know that SQL Server 2008 R2 Service Pack 1 is now supported for use with Configuration Manager 2012 Release Candidate 1. 

In addition to Service Pack 1, you will also need to install Cumulative Update 3 (CU3) for SQL Server 2008 R2 SP1, as well as the hotfix described in KB2603910:

However, please note that the hotfix for SQL 2008 R2 has currently been pulled again for some reason and isn't available at the link above, I'll update this post when it is, until then you would need to contact MS to obtain the hotfix.

*Updated 12/12/11* The hotfix for SQL 2008 R2 is now available.  Thanks Mr Anonymous commentor.

Friday 2 December 2011

How to move a SCVMM 2012 database to another SQL server

I'm not exactly re-inventing the wheel here as it's the same process for Virtual Machine Manager 2012 as it was for 2008 R2, but I thought I'd post about it anyway.

This isn't a common thing to need to do, but I found myself in the position today where I wanted to move the database that was on a local SQL install on a SCVMM 2012 server up onto a new SQL Cluster I had just finished building.

So these are the steps I took to move the database:
  1. Take a snapshot of the server (assuming it's a VM)
  2. Take a backup of the existing VMM DB
  3. Uninstall VMM and choose the Retain Database option
  4. Detach the VMM DB from the local SQL instance
  5. Copy the VMM DB files across to the new SQL Server
  6. On the remote SQL server, attach the VMM db
  7. Re-install SCVMM 2012 and when prompted, point it at the new SQL server, selecting to use an existing database (the one you imported) 
Easy!  Now you're free to uninstall SQL as and when.

Wednesday 23 November 2011

Vegas here I come!! Well, next year...

Registration for MMS 2012 (Microsoft Management Summit) opened last week, if you're planning on going then I'd suggest you head to quick and take advantage of the early bird offer before places run out.

And this e-mail really made me smile when it landed in my mailbox:

I'm expecting this years MMS to be huge, especially with the System Center 2012 wave just around the corner :)

Tuesday 22 November 2011

Service Manager 2010 - CU3 now available

**UPDATED: See last line**

It's time to start testing a new update in your Service Manager test environments as Cumulative Update 3 for 2010 SP1 has just arrived.

The engineering blog has a post up here that has a summary, but unfortunately the link to the KB article is the wrong one.

Instead of KB2542118 it should be KB2588492

From the KB Article:
This update includes fixes for the following issues:
  • Management Pack Import: When a data type is a decimal sometimes the decimal becomes an integer
  • Corruption of the Type ManagementEntity table when importing a type extension
  • Updates to properties are not brought forward to DW if updates to the instances happens in the same transaction or right before deleting the instance
  • AD Connector not bringing in new updates
  • When you create a new CR by using the new CR form, clicking the Apply button sometimes creates a duplicate record
  • Console intermittently freezes when you update/creating incident and clicking apply
  • HealthService does not stop at the end of SP1 DW update if previous start action takes too long
  • When opening the SCSM console on client computers and server the Reporting Wunderbar does not appear
  • High CPU in monitoringhost.exe when you create or updating an incident that triggers a notification workflow
You can download the CU update here:

This cumulative update applies to the following Service Manager components:
  • Service Manager Management Server (SM Server)
  • Data Warehouse Management Server (DW Server)
  • Service Manager Console
As with any update, RTFM and make sure you fully test it in a pre-production environment first.

*** UPDATE: I failed miserably... I got the links wrong too!!!  Updated with correct links ***

Friday 18 November 2011

Trustmarque wins Services Provider of the Year!!

Got some really good news this morning upon arriving at work.

Last night we won the CRN Services Provider of the Year award!!

Well done Trustmarque and everyone involved in making it possible!

Thursday 17 November 2011

Service Manager 2012 - Limit the "Assigned to User" list picker to IT Staff

One annoying part of Service Manager 2010 was when trying to assign a work item to a member of staff, you had to scroll through a list of all your Active Directory users.

Rob Ford developed a utility to be used as a task to help with this, but it could only be used after an incident had been created.

While trawling the Technet forums for something else today, I came across this thread, asking about how to do this using multiple connectors.

In Service Manager 2012 (Beta) there is now the ability to scope down the list first shown to a more manageable level "out-of-the-box". Sam Erskine happened to have been talking about this with me the other week, so in addition to my forum reply, I thought I'd pop a quick post on about it too.

  1. Navigate to the Libray wunderbar, and then to the Groups Node.
  2. Either Double Click the "Global Operators Group" or highlight it and select "Properties" from the tasks bar on the right.
  3. Leave the General section alone
  4. Use the Include Members section to add any direct members you require, either AD Users, or AD Groups
  5. Use the the Dynamic Members section to build the list on the fly.
    In the screenshot below I created my list based on users having the AD Attribute "Department" containing ICT
  6. Now when you use the list picker for Assigned User or Primary Owner the list will be filtered to just those users that are a member of the Global Operators Group. 
  7. Unticking the "Scope users by global operators group" will once again show you all users from your Active Directory. 

Wednesday 16 November 2011

System Center 2012 Orchestrator Integration Packs

I noticed on the Microsoft Download site today that there is presently a couple of integration packs available for SCORCH 2012.

System Center 2012 Orchestrator Integration Pack for Active Directory BETA

System Center Orchestrator 2012 Integration Pack for VMware vSphere RC

System Center Orchestrator 2012 Integration Pack for IBM Tivoli Netcool/OMNIbus RC

These are in addition to the ones released with the Orchestrator 2012 RC.
Configuration Manager 2007
Data Protection Manager 2010
Operations Manager 2007 R2
Service Manager 2010
Virtual Machine Manager 2008 R2

Sunday 13 November 2011

System Center 2012 Wave

I thought I'd post a quick one on how the System Center 2012 stack is starting to line up and some bits to note for testing and in preparation for implementations.

At present we have the following table that shows the parts of the System Center stack available and their current release stage:
Configuration Manager Release Candidate 1
Operations Manager Release Candidate 1
Service Manager Beta 1
Virtual Machine Manager Release Candidate 1
Data Protection Manager Beta 1
Orchestrator Release Candidate 1
App Controller Beta 1

All of the System Center solutions are undergoing a branding change.
If you haven't noticed, the branding has now changed to:
"System Center 2012 Product Name"

So this makes it:
  • System Center 2012 Configuration Manager
  • System Center 2012 Operations Manager
  • System Center 2012 Service Manager
  • etc etc etc....
A small change I'm sure you'll agree, but important in the long run as we start to see really tight integration between all the solutions, and the development and release schedules of all the parts of the System Center align up.
(Hopefully we'll also see the Start Menu program groups be consolidated together unlike the random scatterings it is at present)

SQL Collations between the solutions are also drawing together with the need for the following collations per solution:

Configuration Manager SQL_Latin1_General_CP1_CI_AS
Operations Manager SQL_Latin1_General_CP1_CI_AS
Service Manager See:
Virtual Machine Manager SQL_Latin1_General_CP1_CI_AS
Data Protection Manager Unsure - Doesn't seem to specify
Orchestrator SQL_Latin1_General_CP1_CI_AS
App Controller SQL_Latin1_General_CP1_CI_AS

Anyone else see the running theme here?
SQL_Latin1_General_CP1_CI_AS seems now to be the de-facto SQL Collation for the System Center 2012 wave.

You can also expect SQL 2008 R2 to be the prefered SQL version, 2008 may be supported for some of them, but 2005 is definitely a no go.

Thursday 10 November 2011

Operations Manager 2012 Release Candidate Released

Not a day after I was demoing SCOM 2012 Beta, do Microsoft go and release the RC!

You can find the download here:

Couple of things of note from the Release Notes:

Install hotfix before installing the Operations console

Before you install the Operations console, install the hotfix from article 976898 ( in the Microsoft Knowledge Base. You have to contact Microsoft Customer Support Services to request the hotfix download. This hotfix helps prevent performance problems with the Operations console. After you install the hotfix, you must restart the computer.

This hotfix might not be required for all servers. The Operations console prerequisite checker checks for this prerequisite and alerts the user if it is not there. The hotfix has to be installed if the prerequisite checker finds that the hotfix is missing.

Upgrading from System Center 2012 – Operations Manager Beta to Release Candidate is not supported for installations upgraded from System Center Operations Manager 2007 R2. You can upgrade from System Center 2012 – Operations Manager Beta to Release Candidate but only if the Beta installation was a new installation. You cannot perform the upgrade if the Beta installation was upgraded from System Center Operations Manager 2007 R2.

There is a ton of information in the release notes, so please read thoroughly before installing to know what to expect.

Monday 7 November 2011

Configuration Manager 2012 - A day with Wally Mead event

On Friday I had the pleasure of attending an Event at the Microsoft UK headquarters in Reading titled, A Day of System Center Configuration Manager 2012 with Wally Mead.

The event was sponsored by the WMUG and Cliff Hobbs and Rob Marshall did a fantastic job of pulling the event together.

Let the event begin!
Cliff Hobbs opened the event, explained the background to the event etc and also mentioned some swag to be had :)
First up was Dan Pilling, Marketing Manager at Microsoft with a couple of minutes about "How can Microsoft help?"
He goes on to mention two useful areas of help that MS provide.
MS Virtual Academy - Free training around "The Cloud", soon to be hands on training camps in regions around the UK.
MS TechNet roadshows - System Center 2012 Launch Events: 16th Nov, 6th Dec, 14th Dec, 18th Jan

Here's Wally!!!
Wally Mead takes to the stage for the Configuration Manager 2012 Overview and What’s new since Beta 2 session.
He tells us we're to suffer 2 sets of Death by PowerPoint this morning, with all the demos coming this afternoon, however with the speed that Wally goes at, this just simply flies by.

Wally starts off by talking about the major themes for ConfigMgr 2012 with this usual slide for those that haven't seen it:

Microsoft really are trying to help customers understand that ConfigMgr 2012 is all about putting the user first, moving to a user centric model for deploying software, along with the fact that the new 2012 version helps simplify the administration of the system, and reduce the complexity usually associated with the ConfigMgr infrastructure required.

Empower Theme
A formulae that keeps popping up when Microsoft talk about Configuration Manager 2012 and User Centric management is F(x): User(x) -> App(y)
This is based on the premise that an Administrators intent when delivering an application should be to ensure that the user can access the application they require.  This is regardless of the endpoint or the access method, all the user is bothered about is that they can get to the application they want, wherever they are so that they can work.

To enable this, Microsoft have introduced a new "Application Model".  Gone are the days of packages, programs and advertisements (Actually they're still there, but only for legacy and migration purposes).
This new application model helps admins to manage the application, not scripts used to install an app.
The application model brings with it some of the following features:
  • Detection Methods - Are applications Required or Prohibited and do they already exist on the device, if so, why bother re-installing.
  • Requirements - E.g. Device must have x memory, this model hardware, must be users primary device.
  • Dependancies - E.g. Application must have App-V client, if not, auto install first
  • Supersedance - E.g. Office 2010 replaces Office 2003. Update an application with supersedance links and get automatic revision management
Application model with multiple deployment types:
Dependency Viewer:

This new application model really helps support the abstraction model by allowing multiple deployment types to be assigned to an application (MSI, App-V, RDS, Citrix, Mobile) and delivered to the user dynamically depending on the type of device and access method (Corporate LAN FAT Client Vs. Home PC via Citrix/RDS)

The RDS & Citrix connectors which will provide the ability to assign those deployment types to applications are looking like they will be available shortly after RTM.

Operating System Deployment (OSD) is looking for the most part to be staying the same in terms of features etc, apart from a new ability to install apps for assigned primary users during a task sequence based on device affinity rules.

System Center Mobile Device Manager was discontinued a while ago and remains part of ConfigMgr 2012 which now provides both Depth and Light Management of devices.
Depth Management requires an agent on the phone and at the moment this is available for Window Mobile devices and Nokia Symbian devices but there are more announcements regarding more devices still to be made before/at RTM.

Light Management allows for any ActiveSync capable device to be inventoried, have some settings managed (PIN, Idle Time, failed logons etc) and enables remote wiping.  This means iPhones, Androids etc can be centrally managed and controlled more easily by the teams that support them rather than having to put the burden on the Exchange team.
Light Management requires Exchange 2010, and also takes over ActiveSync management - beware manually changing settings

The good old Run Advertisements program has been replaced with a new Software Centre in 2012 (It's no longer Control Panel item, it's now found in the Start Menu)
This makes it easier for users to run software that isn't enforced and shows details such as install time/date, progress and allows for some settings to be changed (if allowed) such as working hours, remote control capabilities, power management settings.

There is also a new web site for Self Service, allowing for the finding and requesting of software.

Simplify Theme
Finally we have a new administration console, the MMC is gone!!!
The new console is in the Outlook style, consistent now with the other System Center products.  ConfigMgr 2012 also has the Ribbon Bar and provides easier searching, easier scoping and automatic custom views depending on role.

ConfigMgr 2012 now has Role Based Access Control (RBAC) allowing for the system and the console to be easily secured and locked down to only show/allow access to areas that staff require.
This gives the ability for example to separate out Server and Desktop management using roles rather than sites, and giving safety for admins. No more accidentally deploying an update meant for desktops to servers and rebooting them all in the day (Because I've never ever ever done that! /cringe)

Using collections as an organisational method and writing lots of queries to scope out the devices to deploy to should now be a thing of the past. There are no more sub collections, but now we get folders for organisation and the queries should now transition to "Requirements" that are on the deployment types with the application.

Unify Theme
Distribution Points now mainly replace the need for Secondary Sites as they have scheduling and throttling. Secondary’s are only really needed if you want to control the upload of client information.

In ConfigMgr 2007 your hierarchy could get very deep and complex with multiple Primary sites being child layered below each other, in 2012 we will see a maximum depth of 3 layers:
CAS - PRI - SEC is the maximum 3 layers.

ConfigMgr 2012 now has Bi-Directional SQL Replication between the CAS and Primary with SQL replication from the Primary - Secondary being one way replication.
Data is now processed at Primary and replicated up rather than processed on each server in hierarchy as in 2007. File based replication is still only used between Secondary’s and DP's and for file contents (Software Packages, Updates, Boot Images etc)

When do you need a Primary site?
  • Scale
  • Reduce impact of Primary failure
  • Local Connectivity
  • Political issues
  • Regulation compliance

Primary Sites are NOT needed for:
  • Decentralised Admin
  • Logical Data Segmentation
  • Different Client Settings
  • Different Languages
  • Content Routing for deep hierarchies

There is one Distribution Point (DP) type only now, no more branch DP's as the same DP works on Windows 7.
DP Groups now auto distribute content to new DP's when they are added to the group.

Boundaries can now be auto discovered from Active Directory Forest information.
The auto discovery finds:
  • AD Sites
  • IP Subnets
  • IPv6 Prefixes

What's new?
Client Health and Activity now fully integrated into ConfigMgr 2012 along with Auto Remediation.
21 different checks are now performed daily with remediation tasks such as:
  • Restart service
  • Dependency checks
  • Repair WMI
  • etc
Client Health remediation can be turned off using a Registry Key this is important for mission critical servers etc where for example a WMI rebuild could potentially be bad news.
You can now setup Alerts and Reporting subscriptions based on thresholds for things like % of unhealthy clients, malware detection etc.

Software updates now have auto deployment rules, mainly to be used for EndPoint Protection definition updates, but could be used for any update type, bringing back one feature WSUS users missed when migrating to ConfigMgr for updates.

State based update groups, deploy updates individually or in groups.  Think ConfigMgr 2007 lists & Deployment Packages combined, where you can now add new updates and deploy straight away.

OSD now has Offline Image Servicing for updates, saves time during deployment rather than waiting for 60+ updates to install during a task sequence!!!

Boot Media is now hierarchy wide, update once for the entire site.

The Task Sequence Media Wizard includes steps to add prestart command files (formerly pre-execution hooks) to prestaged media, bootable media, and stand-alone media.

Power Management has more options, users can opt out of PwrMgt if the Administrator allows it and PwrMgt settings don't auto apply to VM's.

Custom Client Settings can be applied to collections, removing multiple site needs for e.g. Servers and Desktops that needed different settings.

Desired Configuration Management (DCM) now has auto remediation along with version and auditing checking - who changed what?

Remote Control gets Ctrl+Alt+Del back!! Also option to disable the users Mouse and Keyboard to prevent them interfering with the support session.

Phew, there was a lot to take in, most of which was already known about, but Wally presented it brilliantly, answered a ton of questions throughout and personally helped me with a query during the break.

The demos in the afternoon were around doing a migration from 2007 (Must be SP2 and no 2003 migration) and the System Center 2012 EndPoint Protection integration.  I'll hold off blogging about them in anymore detail yet, as they're a bit too visual to talk about.

All in all a brilliant day, and if you haven't already downloaded the release candidate to play with, what are you waiting for?!?!?!

Error when trying to access ConfigMgr 2012 Self Service Application Catalog

After installing the Application Catalog Web Service and Web Site the other day I was presented with this error when trying to access it:
"Could not load type 'System.ServiceModel.Activation.HttpModule' from assembly 'System.ServiceModel, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089'"

I thought this was a little strange as this is usually related to when IIS is installed after .Net Framework 4, which I had definitely not done as this was the same server that I had previously had the ConfigMgr Beta 2 installed on, with a working Self Service Portal before uninstalling ConfigMgr Beta2 and re-installing the Release Candidate.

But I thought I had best try the simple fix first, which involves just simply running the aspnet_regiis.exe -iru command.

And would you believe it, it fixed it!

So if you do run into this error, even if you're pretty sure you installed IIS & .Net Framework in the right order, give this simple fix a quick try first.

Friday 28 October 2011

Service Manager 2012 Beta has been released!!

Again, another System Center product sneaks out without a major announcement from the teams blog :S

At last, the Beta for Service Manager 2012 has been released.

This latest version brings the following additions to the product:
  • Service Requests
  • Release Management
  • Service Catalog
  • Service Level Agreement support for Incident and Service Requests
  • Parent – child support for incident and release management
  • A Dynamic, Super Duper, Share Point based Self Service Portal
  • Parallel Activities
  • Build & Environments
  • Connector Enhancements
  • Orchestrator Runbook Integration
  • Virtual Machine Manager Integration
  • Console Performance Improvements
  • Reporting and Data Warehouse improvements (OLAP Cubes, Excel Pivot Tables, Sharepoint Dashboards)
  • Service Manager 2010 can be upgraded to SCSM 2012 Beta
Installation hasn't changed that much from 2010, other than it explains the pre-requisites a bit better and Share Point Foundation or above is now required for the Self Service Portal.

You can find the download link here:

The hardware requirements for the servers hasn't changed, but some of the software requirements have.

  • Windows XP and Server 2003 is no longer supported for the console, time to migrate if you haven't already!
  • Microsoft Report Viewer Redistributable
  • Windows PowerShell 1.0 or Windows PowerShell 2.0
  • ADO.NET Data Services Update for .NET Framework 3.5 SP1
  • Microsoft Analysis Management Objects (AMOs)
  • Microsoft .NET Framework 3.5 with SP1
Management Servers:
  • Windows Server 2008 R2 SP1
  • SQL Native Client
  • SQL Server 2008 Analysis Management Objects
  • SQL Server 2008 Analysis Data Objects
  • PowerShell 2.0
For the Self Service Portal:
  • SharePoint 2010 (Foundation or above)
  • .Net 4.0
  • Silverlight 4.0 (Client side)
  • IE 8 or 9 (Client side)
  • Firefox is not (presently) a supported browser for the Self Service Portal.
  • SQL Server 2008 Analysis Services

Installing/upgrading the Beta edition will provide a time limited 180 day version, even for fully licenced 2010 installs.  However, the ability to upgrade to RTM, and the non-time limited select version is expected to be possible.  The upgrade from Beta to RTM is NOT supported by Microsoft, other than for TAP customers so do NOT be upgrading your production systems with the 2012 beta, this is purely available for you to test in a lab environment.

One big change, is the fact that if you intend to monitor your service manager servers with Operations Manager 2012 then it's worth noting that it is only supported with agentless monitoring due to compatibility issues.  Check this link for more details on how to setup agentless monitoring:

System Center Orchestrator 2012 Release Candidate Available

Either I've been sleeping too much or this one didn't get an announcement.

There's been nothing on the Scorch blog or the Server and Cloud blog, but it's been released for a couple of days.  Even more disappointing is there was no mailshot to the CEP participants :(


The download can be found here:

The following features have been added/improved for the RC from Beta:
  • Install Experience
    • Improved prerequisite checks
    • Implementation of Customer Experience Improvement Program (CEIP), error reporting and interface with Microsoft Update
    • Allow user to log on as a service and select different service accounts for each service
    • Design Improvements( Error handling, port # for DB, increased logging, enabling log on as a service automatically)
    • UI Consistency between other System Center components
    • Time bomb(easy conversion from EVAL to licensed SKU)
  • •Security improvements
    • Encryption of DB connection
    • Encryption/decryption of passwords
  • Globalization
    • Unicode capable
    • Convert SSH to Unicode
  • Web service
    • Versioning
  • Orchestration Console
    • Browse events
    • View events
    • UI Updates
  • Bug fixes across all product features
I previously wrote a script that would automate the install of the Beta, but there is no guarantee that will work with the RC, but I will update it once I've installed it in my testlab.

Thursday 27 October 2011

System Center Configuration Manager 2012 Release Candidate now available

Great news, the Release Candidate for System Center Configuration Manager 2012 (SCCM) has been released.

You can download it from here:

A quick run down of some of the new RC features:
  • Improved endpoint protection functionality, with integrated setup, management and reporting for System Center 2012 Endpoint Protection.
  • Improved application catalog design that provides a better, more responsive experience when requesting and downloading applications.
  • New support for Windows Embedded devices, including Windows Embedded 7 SP1, POSReady 7, Windows 7 Think PC, and Windows Embedded Compact 7.
  • Improved client status checks for Configuration Manager services and features.
  • Improved compliance enforcement and tracking, with the ability to create dynamic collections of baseline compliance and the generation of hourly compliance summaries.
  • Platform support for deep mobile device management of Nokia Symbian Belle devices. Pending a platform update by Nokia later this calendar year for these devices, customers will be able to try out the management of these Nokia devices with ConfigMgr.
  • Additional scalability and performance improvements.
One of them points is interesting, the name change from ForeFront Endpoint Protection to System Center 2012 Endpoint Protection, showing the ever growing links between the System Center families and the fact that Endpoint Protection is now more than ever closer to the System Center stack and it's need for SCCM to manage it than a ForeFront product.

It's also worth noting that the installation of ForeFront sorry SC 2012 Endpoint is now integrated into the main SCCM setup.

Wednesday 19 October 2011

Updated Updated Server OS Base MP

I posted a couple of weeks back about an updated Server OS management pack that Microsoft released and how it contained some really good improvements, however it didn't go unnoticed that it also had some annoying bugs in it.

Well thanks to the efforts of the community and spearheaded by Marnix Wolf, Microsoft has listened and corrected them.

Kevin Holman has a post up that lists the fixes and can be sumariesed as:
  • Disabled BPA Rules by default.
  • Added appropriate SQL Stored Procedures credentials
  • Updated Knowledge for Logical Disks
  • Updated Overrides for Logical Disks
  • Fixed %Idle time sorting in the utilization report.

Compared to some management packs and the teams that look after them, like the Print Server MP, this is a brilliant example of Microsoft's commitment to SCOM and what can be achieved.

The new updated MP can be downloaded from here.

Sunday 2 October 2011

Updated Management Packs for SCOM

Well, it looks like my scepticism was uncalled for, as Microsoft have just released an updated Operations Manager MP for Configuration Manager.

The release announcement can be found here:

Changes in this release:
  • Consolidation Event Rules have been disabled to prevent the generation of false alerts.
  • Operating system architecture detection logic was updated to determine 64-bit operating systems.
  • You no longer have to run the SQL Server query to clean up the localizedtext tables as part of the post-installation cleanup
  • Scripts that target site database servers now retrieve time values directly from servers running instances of SQL Server instead of site servers to avoid time-zone discrepancies.
  • Site hierarchy discovery now succeeds even if a site or component server does not have a fully qualified domain name (FQDN) configured.
  • The AlertLevel property can now be overridden, giving you control over the severity level.
  • All monitors and rules are now public.
  • The "ConfigMgr 2007 Collection Evaluations Tasks" script has been updated to let you monitor a collection that has a NULL StartTime value.The "ConfigMgr 2007 Collection Evaluations Tasks" script now uses CollectionID instead of Collection Name to track collection tasks. 
Biggest change is the Consolidation Event Rules change as this should mean a much less noisy MP out of the box, also removing the need for Kevin Holman's SCCM noise reduction MP

It's also great that all monitors and rules are now public, allowing for greater control with overrides.

Although its not exactly a brand new revolutionary MP, its a start.
It does show two things however:
  1. Someone at Microsoft is taking note of feedback
  2. Some changes to MP standards may be on their way
MS have renamed the MP “System Center Monitoring Pack for Configuration Manager 2007 SP2 (Converted)”.   Maybe by adding the (Converted) tag to the end of the name we'll start to see a cleared definition between original reworked MOM 2005 MP's and native 2007 MP's.  This could hopefully give MS more of a push to replace these MP's rather than having "converted" labels scattered around.

Microsoft have also release an updated Base OS MP to version 6.0.6957.0.

Kevin Holman as always was on hand to write up an excellent post about it so I'm not going to re-invent the wheel, check out his post here:

Biggest changes to the base MP include:
  • Adds Cluster Shared Volume discovery and monitoring for free space and availability. This is critical for those Hyper-V clusters on Server 2008 R2.
  • Adds a new monitor to execute the Windows Best Practices Analyzer for different discovered installed Roles, and then generate alerts until these are resolved.
  • Changes to many built in rules/monitors, to reduce noise, database space and I/O, and increase a positive “out of the box” experience. Also added a few new monitors and rules.
  • Changes to the MP Views – removing some old stuff and adding some new
  • Addition of some new reports – way cool
The new reports look very cool:

Tuesday 27 September 2011

Configuration Manager Management Pack for Operations Manager

I've just had an e-mail from the connect site about a bug I raised for the SCCM MP for SCOM and the noise it generates in SCOM.

I posted about opening up connect to report about MP's here:

and the SCCM MP guide I posted here:

What was interesting was that my submission has been marked with "Fixed in new build".

Does this mean we're about to see a new release??? Fingers crossed!
Or is it the usual stock answer like, wait for the next version... coming, erm... sometime (never)

Thursday 15 September 2011

Agent Health Tips and Fixes for System Center Operations Manager 2007

Thanks to Marnix Wolf for this one as he's just pointed out a very important and useful article Microsoft have released regarding the health of SCOM agents and their operating systems in general, along with hotfixes to squeeze the best performance/stability out of them.

Wednesday 14 September 2011

Build Keynote 2011 - Windows 8

I've just finished watching the keynote and now I challenge you to watch the entire keynote and not think that the game is about to change.....

Lots of VERY cool new features, for example:
  • Anti-Virus out the box
  • Hyper-V on the desktop
  • Finally a multi-montior taskbar
and some (from a security and manageability stand point) that scare me for example:
  • LiveID & Syncing
  • Remote file access through firewall e.g. access work PC from home
I'll be installing the Dev Build ASAP (Files still aren't ready for download yet) and I'll take a dig into the underlying OS and post some findings.

However, I'm under no illusion that this is still Pre-Beta so subject to change and bugs.

*Update 14/09/11 * - Helps if I read the last slide of the keynote, the downloads were available as of 3am GMT.  I've downloaded them now and installation is under way. 
Another feature I forgot to mention that has been a long time coming, built in ISO & VHD mounting.

Tuesday 13 September 2011

Operations Manager (SCOM) 2012 Upgrade Planning

Since many organisations with SCOM 2007 will already be thinking about the upgrade to 2012 when it's released, now is a good enough time as any to start planning the migration.

To help with the migration, Microsoft have recently released some process flow diagrams to help with the migration.

These can be found here and do a really good job with laying out the processes that need to be thought about and should hopefully help with a smooth migration as they're very comprehensive.

Friday 9 September 2011

Private Cloud, make sure you choose right!

This is brilliant Microsoft advertising.
It's good to see that Microsoft have got a sense of humour, but the points it mentions are valid.

One thing in particular did catch my attention when the IT guy asks Tad if his solution would allow him to see deep inside his apps (1:30 min though).

Rather than Tads blank expression reply...

This is where System Center comes into its own and the upcoming 2012 wave will just blow the competition out of the water.

Imagine having your data centre built as a private cloud infrastructure using System Center as the pivotal part of the solution. When the IT guy then asks if the solution would allow him to find out performance problems, bottle necks and root causes the reply would be a resounding YES!

Virtual Machine Manager handles the virtualisation management piece of the solution, providing management of the "cloud" and dynamically assigning resources where and when required to ensure optimum performance. However, with Operations Manager sat within the environment gathering events and metrics constantly it would alert IT staff to potential problems, automatically raising Incidents directly within Service Manager. The necessary and relevant information is immediately at hand for the engineer to work on resolving the incident, coupled with Operation Managers ability to deeply dive into .Net applications to such a level as to even show which line of code is at fault
Once the root cause is identified using the information surfaced through Operation Manager (Events & Performance) and Service Manager (Configuration & Changes), then, if for example an update was required, the necessary Change Control would be raised in Service Manager to apply the update and once approved Orchestrator could pick up the change. Orchestrator could proceed to automate the remediation by talking across the infrastructure management products to take a backup of the system using Data Protection Manager, put the system into maintenance mode to suppress alerts in Operation Manager then create the necessary tasks with Configuration Manager to deploy the update to the system and finally check the success and report this information back into Service Manager for later review and analysis. 

Once service is restored and operating normally, it may be deemed that either during a known busy period or to support an advertising campaign for example, that the corporate web site will need extra resources to cope with demand.  A Change Request is raised within Service Manager and once approved Orchestrator can take on the responsibility of setting the wheels in motion for adding those resources for example by instructing Virtual Machine Manager to provision a new Virtual Server, Configuration Manager to deploy a new Operating System and any required software along with updates, settings and configuration.  Orchestrator would enable the bringing online of a new web server and adding it into a web farm as extra resources with little to no interaction of highly skilled technical resources.

This is all so easily possible due to the tight integration that is now present within the System Center product suite and is only going to continue to grow stronger with this next 2012 wave and beyond.
The tight integration allows for data about the infrastructure to flow across products, negating the need for duplication of effort or manual input.
The end net result is a very dynamic, private cloud infrastructure and much more efficient service delivery model.

This has several other benefits such as:
  • End users of the service gain improvements around time taken to respond to requests
  • Total Cost of Ownership is lower to support and maintain the environment
  • IT staff have more time to be proactive rather than constantly being reactive
  • High control of the environment can be achieved, helping with compliance (PCI, CoCo, Sarbanes Oxley)
  • Conversion of processes to automation helps with both workload reduction and better auditing of changes to the environment
  • Paves the way for Platform as a Service (PaaS)

One key thing to note, while I’ve mentioned various Microsoft products such as Data Protection Manager as the backup tool and Hyper-V as the virtual hypervisor, this doesn’t have to be the case

Microsoft have done a real good job of “growing up” these last couple of years and have finally embraced the fact that data centres are heterogeneous environments. So while I’ve mentioned the best products (sorry, couldn’t resist) you can still use the System Center tools like Virtual Machine manager to manage your VMWare or Citrix hypervisors and Operations Manager to monitor your Solaris and Unix servers while Orchestrator can use integration packs to work with other vendor systems such as BMC Remedey and HP Openview etc

Why is this worth mentioning? Because it means that to implement a private cloud and reap the benefits doesn’t require a complete rip and replace of your current infrastructure and the costs associated. You can introduce the tools, methodologies and principals behind the cloud now as you plan towards full implementation (Based on Hyper-V et al of course!)

Finally, as we start to move towards the release of the System Center 2012 wave of products, the dedication Microsoft has towards enabling businesses to implement private clouds and also link them with public clouds is very evident with new product features such as Virtual Machine Manager 2012's ability to provision storage and networking elements, Operation Manager 2012's increased Networking & Application Monitoring along with more Azure integration, Configuration Manager 2012's more user centric approach and it's support of "IT Consumerisation" and Service Manager 2012's expansion of ITIL/MOF process support with Service Requests and the further integration with Orchestrator to help with automation of processes all show Microsoft is serious about making this all a reality, and achievable for all, not just the biggest companies around with the most cash as these solutions scale both up and down.

This is only scratching the surface of what the System Center products can do, areas like reporting, SLA management, patching, baselines, tuning etc etc would make this post just too long to read.

Wednesday 7 September 2011

Service Manager 2010 (SCSM) Version Numbers

Just a quick post to help me remember what release numbers relate to which release level:

Version (numeric)Version (name)
7.0.5826.859RTM with CU1 applied
7.0.5826.881RTM with CU2 applied
7.0.5826.886RTM with CU3 applied
7.0.6555.101SP1 with CU1 applied
7.0.6555.115SP1 with CU2 applied

Monday 5 September 2011

Service Manager 2010 Unleashed

Finally, after a bit of messing around with the order, Amazon has finally delivered my copy of System Center Service Manager 2010.

Since I'm away with work for a couple of days, this should make some good hotel reading :)

I've had a quick scan through and so far it seems up to the same standard as the other System Center Unleashed books.  I'll try and write a review post once I've got a lot deeper into it, but I'll still recommend people check it out even at this early stage due to the people involved in writing it and their combined staggering amount of knowledge of the product.

Tuesday 30 August 2011

Network Devices Supported in SCOM 2012

Jonathan Almquist has posted on his blog about the network devices supported in SCOM 2012.

I'm not going to replicate the really long device list table, but it's looking very comprehensive and should only grow by RTM.

A spreadsheet of the devices with more details can be found at the link below and details things like the OID of the device and if memory and processor monitoring is available.

Thursday 18 August 2011

Service Manager - Backup Unsealed MP's

I've had a solution for backing up SCSM unsealed management packs on the TechNet Gallery for a while now, but I thought I'd mention quickly that I've just updated it.

No new functionality, but Sam Erskine (Service Manager Guru) has very kindly given me his documentation for the installation of the management pack so I've updated the zip file with it.

Sam's blog can be found here and the download here

Duplicate Records when you use Unknown Computer Support along with AD Delta Discovery

I've run into this scenario a couple of times after enabling Delta Discovery and have got into the habit of doing a manual sweep for duplicate records, or extending the Delta Discovery period, but that kind of defeats much of the reason for it.

Basically, if you have Delta Discovery enabled and then image a new device using unknown computer support SCCM creates a record for the new device, but then if Delta Discovery runs before the Task Sequence installs the Client Agent and after the OS has been joined to the domain, 2 records will be created within SCCM.  The problems start though when SCCM can't link/merge the two together and won't age either of the out of the database either.

Two choices are then left for you.
  1. Manually sweep for duplicate records and delete the one that shows no client installed.
  2. Setup a status filter rule that will run a script to automatically delete the record.
Thanks to the TechNet article posted by Minfang Lv, this is now relatively simple to do, with the scripts and instructions supplied.

As always, test before putting straight into production.

Wednesday 17 August 2011

Anti-Virus exclusion list for Microsoft Products

While trawling the blogs today I noticed this useful page mentioned by quite a few:

It's a Technet Wiki article that aims to condense all the AV exclusions you might want to configure for Windows Server when different products are installed (SQL, AD, IIS, etc).

There's also some references to general Windows exclusions also.

Service Manager 2010 hasn't made it onto the list yet, so I'll point you to the NN4 Consultants blog for that one:

Tuesday 9 August 2011

Microsoft Exec's... They're just normal people....

**Update 11/08/2011**  - Looks like someone didn't like this video being up, as it's now been removed.  Sorry!

Had to share this...

MGXFY12 Kurt D Comedy Video from Buttercuts Editorial on Vimeo.

Sad thing is, for those that know me, they could probably see me right at home in the car with them /shame

Thursday 4 August 2011

Microsoft BitLocker Administration and Monitoring (MBAM)

On the 1st of August, Microsoft officially released the MDOP 2011 R2 suite.

As well as the usual App-V, Med-V DaRT etc updates this R2 release also sees MBAM join the suite.

For those of you unfamiliar with MBAM, it builds on BitLocker Drive Encryption by offering an enterprise solution for provisioning, monitoring, and supporting BitLocker.

By using MBAM, you can centrally provision BitLocker and enforce BitLocker policies across the organization.
Provisioning BitLocker by using MBAM is a two-step process:
  1. Deploy the MBAM client to each computer (SCCM would be the preferred option here)
  2. Configure policy settings that MBAM enforces.
The client enforces MBAM policy settings, stores recovery key data in an encrypted MBAM database, and reports its compliance status to MBAM.
In addition to walking the user through the encryption process, it can also prompt the user for a PIN, if required, addressing an aspect of BitLocker deployment that has challenged IT.
The most obvious way MBAM can simplify BitLocker support is by streamlining drive recovery for the Service Desk.  The picture below shows the Drive Recovery webpage in MBAM. If a user calls the Service Desk because they are in BitLocker recovery mode, the Service Desk doesn’t look up the drive’s recovery key in AD DS. Instead, the Service Desk uses MBAM to quickly look up the recovery key based on its ID.
MBAM also introduces single-use recovery keys. When the Service Desk retrieves and uses a recovery key, the MBAM client automatically generates a new recovery key for the computer. The original recovery key can’t be used again to recover the computer’s hard drive.
This is vitally important as users are known for jotting down things like the recovery key and keepin it near their device in-case they ever need it again. The hard drive might as well be unencrypted.
Single-use recovery keys help prevent unauthorized users from gaining access to the hard drive even if they get access to a previously used recovery key.
While MBAM does a great job of helping you provision BitLocker, one of the areas it shines the most in is compliance reporting. The reports it includes can help you quickly determine the status of the entire organization or a single computer. They can also help you monitor access to the MBAM databases.
Imagine that a user loses their laptop computer, and it contains confidential data. With MBAM, you can quickly look up the computer to determine whether it was compliant with BitLocker policy. You will know immediately whether the loss represents any risk.
MBAM provides the following reports in the MBAM management console:
  • Enterprise Compliance Report. This report can tell you at a glance the BitLocker compliance status of your entire organization. 
  • Computer Compliance Report. This report indicates whether a specific computer or a specific user’s computers are compliant with BitLocker policy.
  • Recovery Audit Report. This report indicates who has accessed recovery key information, successfully or not.
  • Hardware Audit Report. This report indicates who has changed the hardware compatibility list and when the MBAM client discovers new hardware. When you enable hardware compatibility checking, the MBAM client uses the hardware compatibility list to determine whether each computer model supports BitLocker.

Two useful videos to watch on MBAM:

SCOM 2007 R2 Cumulative Update 5 (CU5)

Now that the KB Article for CU5 is live we can now see exactly what's included in CU5:

Cumulative Update 5 for Operations Manager 2007 R2 resolves the following issues:
  • Restart of non-Operations Manager services when the agent is updated.
  • Updated ACS reports.
  • TCP Port Probe incorrectly reports negative ping latency.
  • MissingEvent Manual Reset Monitor does not work as expected.
  • Drillthrough fails because of rsParameterTypeMismatch in the EnterpriseManagementChartControl.
  • ACS - Event log message is truncated or corrupted in SCDW.
  • UI hang caused by SDK locking.
  • ACS Filter fails for certain wildcard queries.
  • Edit Schedule button is disabled with SQL 2008 R2.
  • Web console times out when you open the left navigation tree.
  • Scheduled Reports view for Windows Server 2003 and for Microsoft SQL Server 2005 Reporting Services SP3 CU9 returns "System.IndexOutOfRangeException: Index was outside the bounds of the array."
  • Signed MPs cannot be imported when new attributes are added to existing classes.

Cross Platform Cumulative Update 5 for Operations Manager 2007 R2 resolves the following issues:
  • Performance data for LVM managed partitions is not available.
  • Process monitor does not keep name if run by using symbolic link.
  • AIX with large number of processes crashes with bad alloc.

Cross Platform Cumulative Update 5 for Operations Manager 2007 R2 adds the following feature:
  • Support for Red Hat 6

Note The new agent for Red Hat 6 is included in Cumulative Update 5. You can download the management pack for Red Hat 6 by visiting the following Microsoft website:
I'm a strong believer in not re-inventing the wheel, so rather than do a step by step guide on the install myself, I'll just recommend you check out Kevin Holman's post:

Wednesday 3 August 2011

Ramp up the Test Lab - SCOM 2007 R2 CU5 is here!

Cumulative Update 5 (CU#5) for SCOM R2 is now available for download from here:

The Knowledge base article for the update (KB2495674) isn't presently live, but the download page does note that there are a number of manual steps are required to install, so this will definately need the guide reading in full.

With that being said, get it downloaded and the test lab ramped up ready, but wait for the full details before attempting an install!

**Edit 04/08/2011 - KB Article is now live **

Thursday 28 July 2011

Orchestrator Runbook Design, Planning and Validation

Anders Bengtsson has done it again and written another stunning blog post about validating your runbook designs.

This ties in nicely with a discussion that I was having with a customer yesterday where I was stealing a comment made at the Best of MMS 2011 UK event where Adam Hall (I'm sure it was Adam, if not I apologise to whoever it was) coined a phrase about a day of design roughly equates to an hour in the runbook designer.

The point I was trying to get across to the customer is that while setting up SCORCH (or to some extent Opalis) is relatively simple and you can dive into the console and knock up runbooks very quickly too, it's very important to take that step back, map out your process first fully, exploring all angles, then create the runbook from this plan, and then like Anders says, build it out with resilience, checking and logging.

Back to the initial point...

Anders now has a trilogy of posts that I would really recommend reading, even if you feel really confident creating runbooks, I'd bet you don't use half the methods fully like Anders recommends.

Post 1: Fault Tolerance in Runbooks
Post 2: Building a log for Runbooks
Post 3: Validate your Runbook Design (He also includes a runbook which automates some checking!)

Thursday 21 July 2011

Simple Orchestrator Runbook to move software to a Definitive Media Library (DML)

While trying to think of an example that I could use to create a runbook in SCORCH using only the standard activities I remembered a situation in my previous role where the Service Desk were responsible for gathering the software and documentation required for calls from users to upgrade systems/install new software.

Because we used the Microsoft Deployment Toolkit 2010 and specifically the Applications part of the deployment share as our Definitive Media Library (DML) it was a multi stepped approach to gathering the software from the users, assessing it and then moving it into a structured area via the MDT console.

So I started to knock together an example runbook to help with this process.

Originally I wanted to utilise the PowerShell functionality in MDT, but ran into an issue as Orchestrator uses the 32-bit powershell but being a 64-bit only OS (2008 R2) meant I couldn't install the MDT PowerShell snap-ins to work with the 32-bit PS.

So I went for a more basic runbook that monitors for a definition file (text file with a specific name and specific content) which would then kick off the process of moving and structuring the files in a DML.

Watch the video for the runbook in action:

While this is a very simplistic runbook, it shows the processes of reusing the data on the databus.

I'm limited in my testlab with what I can do for demonstration purposes, but as an example of how this could be enhanced, you could add a SQL query rather than monitoring for a file to query a service desk application for a new Service Request or Change Control being raised of a certain category and take the information from that call using the SQL query and use that in the runbook instead of a text file.

Exported runbook:

Wednesday 20 July 2011

Operations Manager (SCOM) 2012 Beta now available

Microsoft released the first public beta of Operations Manager 2012 yesterday.

Main Beta page is here:

Downloads are here:

It's a bit strange that a public beta has just been released, especially since the CEP hasn't yet started, but I won't complain too much as that now completes my System Center 2012 test lab :)

Main new areas in the 2012 beta (taken from the TechNet Beta docs):

  • Setup

    Operations Manager 2012 has a new Setup wizard. For important instructions about how to install Operations Manager 2012, see Install Operations Manager 2012 Beta.

  • Upgrading to Operations Manager 2012

    Operations Manager 2012 provides an upgrade wizard to help you upgrade your System Center Operations Manager 2007 R2 environment to Operations Manager 2012. For more information, see Upgrading to Operations Manager 2012.

  • Removal of root management server

    In Operations Manager 2012, all management servers are peers; there is no root management server. The workload is split among all management servers in a management group, which provides high availability without requiring a cluster.

  • Resource pools

    A resource pool provides the ability to distribute workloads across multiple management servers, such as availability, network device monitoring, distributed monitor health rollup, and group calculation.

  • Agent Configuration

    Operations Manager 2012 provides an easy method for configuring agents to report to multiple management servers by adding an Operations Manager Agent application to Control Panel on each agent-managed Windows-based computer.

  • Operations Console

    You will notice some subtle changes to the Operations console. The Actions pane is now the Tasks pane, and includes a new section called Navigation Tasks that makes it easy for you to open views for a selected object. The Tasks pane offers two tabs: one for actions and one for resources and Help links. The Navigation and Tasks panes can be minimized or expanded instantly by clicking the arrow in the title bar of the pane.

  • Web console

    Operations Manager 2012 introduces a new web console. In Operations Manager 2012, all Operations Manager views are available in the web console.

  • Network monitoring

    Operations Manager 2012 provides the ability to discover and monitor network routers and switches, including the network interfaces and ports on those devices and the virtual LAN (VLAN) that they participate in. You can also delete discovered network devices and prevent the deleted network devices from being rediscovered the next time discovery runs. For more information, see Monitor Network Devices.

  • Application monitoring

    In Operations Manager 2012, you can monitor ASP.NET applications and web services from server- and client-side perspectives to get details about application availability and performance that can help you pinpoint solutions. Allowing you to specify settings, the types of events to collect, the performance goals to measure, and which servers to monitor, Operations Manager 2012 application monitoring provides insight into how web-based applications are running. You can see how frequently a problem is occurring, how a server was performing when a problem occurred, and the chain of events related to the slow request or method that is unreliable. This is the information needed to partner with software developers and database administrators to help ensure that application availability and performance are at optimal levels. For more information, see Monitor an ASP.NET Application.

  • Dashboard views

    Operations Manager 2012 includes new comprehensive dashboard views that combine multiple panels of information into a single view. In Operations Manager 2012, you can add the new dashboard views to My Workspace and the Monitoring workspace.

  • Display dashboard views using SharePoint

    The Operations Manager web part displays specified dashboard views and can be added to Microsoft SharePoint 2010 sites. For more information, see Add a Dashboard View to a SharePoint Site.

  • Creating dashboard views

    Dashboard views have been significantly upgraded in Operations Manager 2012 from their capabilities in Operations Manager 2007 R2, including custom layouts and nested dashboard views. For more information, see Create a Dashboard View.

  • Operations Manager Module for Windows PowerShell

    Operations Manager 2012 provides a Windows PowerShell 2.0 module containing a full set of new cmdlets. The cmdlets in this module are only compatible with Operations Manager 2012. You can recognize the Operations Manager 2012 cmdlets by the "SC" preceding the noun. For additional information about the Operations Manager 2012 cmdlets, open the Operations Manager command shell and type Get-Help about_OpsMgr_WhatsNew. For information about how the Operations Manager 2007 cmdlets map to the Operations Manager 2012 cmdlets, type Get-Help about_OpsMgr_Cmdlet_Names.

    To use the Operations Manager 2012 cmdlets, you must establish a connection to an Operations Manager management group. You can establish either a persistent connection in which you can run multiple cmdlets, or a temporary connection when running a single cmdlet. For more information about connections, open the Operations Manager Shell and type Get-Help about_OpsMgr_Connections.

  • UNIX- and Linux-based computers

    In Operations Manager 2012, you can perform privileged operations on UNIX-based and Linux-based computers using unprivileged Run As accounts by combining with “sudo” elevation on the target UNIX-based and Linux-based computers. This capability avoids the need for UNIX or Linux root passwords to be known on the management server, and keeps the privilege control entirely within the domain of the UNIX or Linux administrator. Operations Manager 2012 also includes new Windows PowerShell cmdlets for performing agent maintenance functions on UNIX-based and Linux-based computers, allowing for scripting and background operations. In addition, the resource pool feature supports computers running UNIX and Linux. If a management server fails, another management server in the resource pool can take over the monitoring, providing high availability.