» Publishers, Monetize your RSS feeds with FeedShow: More infos (Show/Hide Ads)
Richard Pesenko, Microsoft Senior Support Escalation Engineer on our Operations Manager support team, has a new video out that walks you all through visualizing alert data in OpsMgr 2012. It’s only 10 minutes long so it’s a great way to quickly become more efficient in how you handle your alerts.
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Arun Kumar | Senior Support Engineer
When viewing the Local Resolution Time monitor in the DNS Management Pack for Operations Manager, you may notice that the response time reported does not reflect your own real world results. For example, I recently worked with a customer where the Local Resolution Time view under Performance showed around 12 seconds as the response time for the DNS servers even though the response times actually observed were almost instantaneous.
In the above screen shot you can see the response time was shown to be around 12 seconds except for a little portion at the end where is it showed a response time of essentially 0. However, when we run nslookup and resolve a name, the DNS server in question would respond immediately to all queries. So where are we getting this 12 seconds response time from? Let me give you a little background on how this works and later I will talk about the cause of this behavior.
Collect local resolution time is the rule that collects this information from the DNS servers and by default this rule runs once every 15 minutes. There isn’t much detail concerning how exactly it’s trying to get the data in the rule itself but if you go through the DNS management pack guide it mentions the scripts that are used. The script that is used for this rule is Nslookupalltest.js.
To see how this script is used, I took diagnostic tracing (see KB942864 - How to use diagnostic tracing in System Center Operations Manager 2007 and in System Center Essentials) and went through the TracingGuidsScript.log file that was created. By doing so we found that the script was being run with the following parameters:
cscript.exe with command line '"C:\Windows\system32\cscript.exe" /nologo "NslookupAllTests.js" "dc1.contoso.com" "192.168.100.101,fe80::1452:6556:3ba0:6465" "a" "false" "none" "360" "2" "false"
I then ran the same command manually on the DNS server in question and found the following information:
<DataItem type="System.PropertyBagData" time="2013-04-29T11:47:11.5453960-04:00" sourceHealthServiceId="2BF76ID7-7810-89E7-59D5-000EAT0C66FF">
< Property Name="SuccessCount" VariantType="3">2</Property>
< Property Name="NonAuthoritativeCount" VariantType="3">2</Property>
< Property Name="FailureCount" VariantType="3">0</Property>
< Property Name="BestHost" VariantType="8">dc1.contoso.com</Property>
< Property Name="BestServer" VariantType="8">192.168.100.101</Property >> Here we query the IPv4 address of the DNS
< Property Name="BestTime" VariantType="5">0.125</Property >> Notice that the best time discovered is 0.125 seconds
< Property Name="WorstHost" VariantType="8">dc1.contoso.com</Property>
< Property Name="WorstServer" VariantType="8">fe80::1452:6556:3ba0:6465</Property >> Now we query the IPv 6 address
< Property Name="WorstTime" VariantType="5">11.715</Property >> Notice here that the time discovered is 11.715 seconds
< Property Name="FailingPairs" VariantType="8"></Property></DataItem>
So the issue appears to be only when we are trying to resolve the name using the IPv6 address of the DNS server. So what is the delay when the name is resolved via the IPv6 address?
What happens is that the script queried for both the A record and the PTR record for the give name (e.g. dc1.contoso.com). This also goes through DNS client side devolution before the actual name is resolved. So when the A record and the PTR record of dc1.contoso.com is queried using the IPv4 address of the DNS server, we get a successful response for both the queries because the DNS server is configured with the respective forward and reverse lookup zones and both the zones have the necessary records.
On the contrary, when the script queried for the A and PTR records for the name dc1.contoso.com against the IPv6 address of the DNS server, the server was able to find the A record but was not able to find the IPv6 PTR record for the same because a reverse lookup zone had not been configured. Since the use of IPv6 is not very widespread yet, having no IPv6 reverse lookup zone is not uncommon.
And if you are wondering how the script knows to append the IPv6 address of the server in the command, go to the Server State view in the DNS management pack and select the server in question and see the detail view as shown in the dialog below. You should be able to see the listening IP addresses of the DNS server, and if you see the IPv6 address there then it will be used.
So how do we fix this so that our graph shows accurate response time? There are two ways of getting around this situation.
1. Configure the DNS service so that it listens only on the IPv4 address. To do this select “Only the following IP addresses:” in the dialog above and choose only the IPv4 address from the list.
Note that disabling IPv6 at the OS level is not recommended as there is no way for us to predict how this may effect your environment. Also, if IPv6 is disabled on Windows Vista, Windows Server 2008 and later versions, some components will not function as expected. See Support for IPv6 in Windows Server 2008 R2 and Windows 7 for more information.
2. The preferred fix for this is to create a reverse lookup zone as well as the associated PTR records on the DNS.
One last note: You can run into the same issue If you don’t have a reverse look up zone for the IPv4 address of the DNS server as well. This is not isolated to IPv6 but rather is a function of the lack of a proper reverse lookup zone on the DNS.
Arun Kumar | Senior Support Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
We are excited to announce that the Exchange team has released the Exchange 2013 Management Pack. You can find the Management Pack here and the guide here. The guide walks through the details of deploying, configuring and using the Management Pack.
In this blog, I am focusing on describing the benefits of the Management Pack, as well as some of the internals of how it works, and how it is different from previous Exchange Management Packs.
My target audience for the blog post is the Operations Manager administrator.
Management Pack Scope and Benefits
The Exchange team takes monitoring seriously, and they have created a pretty comprehensive Management Pack in terms of monitoring coverage, with the primary focus being MTTR, i.e. reduced downtime for your Exchange environment.
The Management Pack contains about 75 monitors that cover Exchange component health (such as Hub Transport health), customer touch point health (such as “is OWA working”), clustered scenarios, as well as dependencies monitoring (“is Active Directory healthy”). Monitoring covers primarily availability and performance scenarios.
With this Management Pack, the Exchange team is sharing knowledge and experience from managing the Office 365 environment, with its extreme demands on availability and performance. This means a lot has been done for you already, i.e. the relevance of alerts is high. Basically Exchange developers get notified 24x7 on this same set of monitors, and (similar to you) they are not interested in being awakened in the middle of the night for some irrelevant or non-actionable alerts.
The Exchange team is also sharing knowledge online for the monitors, so each monitor has a link to online knowledge.
The Exchange 2013 product comes with monitoring “built in”, more on that below. This means that Exchange itself has means to detect and try to automatically recover from availability and performance issues, before an operator is notified. This means reduced alert noise, as well as reduced administrative overhead for the Exchange product itself. In concrete terms, an Exchange server may detect an issue, then try for some time to fix it automatically. Only after the automatic recovery attempts have failed is the operator notified via an alert.
What’s in the Management Pack?
The Management Pack is very simple. It contains a handful of classes, 3 views, and about 75 monitors described here. There are also some dependency monitors.
All the monitors are simple event-based monitors using events in the Microsoft-Exchange-ManagedAvailability/Monitoring event log, logged by each Exchange server. So, each Exchange server is responsible for monitoring itself and its health.
In terms of scalability, this means this Management Pack will have a low impact to your Operations Manager environment. You will not require a separate Management Group for this MP for scalability purposes.
Wait, where are the monitors?
If you look at the Management Pack in some tool like MP Viewer, as I am sure some of you will, you will discover that there are not 75 monitors in the Management Pack. This is because the Management Pack has logic to dynamically determine the set of monitors by communicating with the built-in monitoring features of Exchange. More on that below. The way to see the monitors is by installing the Management Pack in an Operations Manager environment with monitored Exchange servers and using Health Explorer (you can also see them listed in the Management Pack Guide).
What’s not in the Management Pack?
If you are familiar with the Exchange 2010 Management Pack, you know that it had a service called the correlation engine that ran on the Root Management Server. It basically correlated health data from all monitored Exchange components. In the Exchange 2013 Management Pack, the correlation engine is no longer used. Each monitored Exchange server is responsible for monitoring its own health, and simply reports this via the Operations Manager agent. There is a little bit of roll-up going on, from Exchange server to Organization health. There are no special components running on the Operations Manager Management Servers.
The Exchange 2010 Management Pack had tens of classes, leading to a pretty complex health model and many object instances being created. The Exchange 2013 Management Pack is very simple. It has only a few classes and should have a very low impact on Operations Manager in terms of instance space.
There are no performance counters collected by this Management Pack (as mentioned above, the monitoring does cover performance scenarios). However, all Exchange PerfMon counters are still available. It should be simple to create your own performance collection rules, if you do require them.
This means that by default there is way less pressure on the Management Group compared to the Exchange 2010 Management Pack, since there are no performance counters to store. But, what about reporting? There are also no reports in this Management Pack. The primary focus of this version of the Management Pack is reduced MTTR. However, you can use some of the built-in Operations Manager reports (such as the Health report) to track organization availability, or define SLAs against the Organization. Exchange is also looking for your feedback on this topic, feel free to comment on this post and I will pass that information along.
How does the Management Pack work?
Exchange 2013 has a built in monitoring engine called Managed Availability. It runs on every Exchange server. It contains logic for how to determine Exchange health. It detects issues, automatically performs recoveries (Exchange calls these “responders”) and ultimately notifies operators of issues, if the recoveries were not successful. The purpose of this of course, is high availability. Managed Availability is explained in more detail here.
Notification/Alerting to Operations Manager is handled via events, so the Management Pack has a set of simple event monitors that trigger based on these events. Events are logged to the Microsoft-Exchange-ManagedAvailability/Monitoring event log.
As an Operations Manager admin, how should I work with this Management Pack?
First of all, this Management Pack should be simple to implement from an Operations Manager perspective. There are no special components to install on Management Servers, you do not need to worry about the impact to the Management Group in terms of database size, instance space, Management Server workload etc. You should be fine just importing this MP into your existing environment also for large Exchange deployments (as usual, we do recommend gradual deployment just in case). The Management Pack Guide includes a chapter on deployment, as usual you will need to enable Agent Proxy when you install the Operations Manager agents on Exchange 2013 servers.
Also, the Exchange team has been using the same monitoring logic in the Office365 environment. Normally, few changes to the Management Pack should be required.
However, if you should require some adjustments to the Management Pack, you will need to work together with your Exchange administrators.
If you want to disable some monitor, you can just create an override in Operations Manager as usual. This is straightforward.
If you want to change a threshold for some monitor, this is done in the Exchange Managed Availability engine via PowerShell cmdlets. This does not involve Operations Manager at all. The Exchange Management Pack Guide walks through this scenario in some detail here. Since this kind of override is a modification of Exchange behavior, this kind of override is most commonly done by the Exchange administrator.
Also, Exchange Cumulative Updates may contain new or updated monitoring logic. These should be reviewed together with your Exchange administrators to determine the impact of that updated logic.
In terms of interoperability, this Management Pack does not upgrade the Exchange 2010 Management Pack, this is a completely new MP. It is possible to run these Management Packs side-by-side as you upgrade your Exchange environment from 2010 to 2013.
What’s the update mechanism for this Management Pack?
The Managed Availability feature is built in to Exchange 2013. It contains the logic for how to detect issues and how to recover from them. The results of that is then reported to the event log for Operations Manager to pick up via event monitors. This means that updates in terms of Managed Availability monitors are shipped with Exchange Cumulative Updates.
As mentioned previously, the Exchange 2013 Management Pack has functionality to automatically detect these changes, so typically no Management Pack update is required.
Questions?
Let me know if you have any questions, I will answer the ones I know about and pass other questions back to the Exchange team.
Vasanth Kumar | Support Engineer
Hey there again! This is Vasanth from the Operations Manager team and today I have a quick tip for you all that I found while working on a recent issue.
When using Systems Center Operations Manager (any version of OpsMgr 2007 or OpsMgr 2012), if you configure Notification Recipients (so called up to OpsMgr 2007 SP1) or Subscribers (as called in OpsMgr 2007 R2 and OpsMgr 2012) with the option of "Only send notification during the specified times" and you configure it with only an exclude range (like "Except from" with a time range of, say 1:00am to 7:00am for example), email notifications fail altogether.
In the Operations Manager event log you will also see the event below:
Log Name: Operations Manager
Source: Health Service Modules
Date: <date> <time>
Event ID: 31501
Task Category: Notification
Level: Warning
Keywords: Classic
User: N/A
Computer: <RMS Server Name>
Description:
No primary recipients were specified for the notification or all recipients are unavailable according to the schedules. Notification will not be sent
One or more workflows were affected by this.
Workflow name: Subscription431bd31a_37fc_4375_9cd7_29bb8a11c600
Instance name: Alert Notification Subscription Server
Instance ID: {E07E3FAB-53BC-BC14-1634-5A6E949F9230}
Management group: <Mgmt Group Name>
So what’s going on? Since we configured it to send only during specified times and then only included an excluded range, the system does not recognize any valid time that emails can be sent so it never sends any.
So to keep this from happening, or to fix it if you’ve already found yourself in this situation, you need to configure the Recipient or Subscriber first with an included time range, then configure your excluded time range.
For example, first configure you include Range like Date | Range = Always | Time Range = All Day | Weekdays = Week days. then once you have that, configure your Exclude Range like Data Range = Always | Time Range = Excluding 1:00am to 7:00am | Weekdays = Week Days. The screen shot below shows this configuration.
I hope this helps!
Vasanth Kumar | Support Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Just wanted to let you know about a new Knowledge Base article we published today, This one talks about an issue where System Center Operations Manager 2007 R2 agent computers that utilize NIC teaming may not be discovered and log the following errors:
Log Name: Operations Manager
Source: Health Service Script
Date: <date>
Event ID: 4001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: <computerName>
Description: Microsoft.Windows.Server.NetwokAdapter.BandwidthUsed.ModuleType.vbs : The class name 'Win32_PerfFormattedData_Tcpip_NetworkInterface Where Name ='VLAN100:HP Network Team _1'' did not return any valid instances. Please check to see if this is a valid WMI class name.. Invalid class
=====
The process started at 09:44:43 failed to create System.PropertyBagData, no errors detected in the output. The process exited with 0
Command executed: "C:\Windows\system32\cscript.exe" /nologo "Microsoft.Windows.Server.NetwokAdapter.BandwidthUsed.ModuleType.vbs"
Working Directory: C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 23\\
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.2008.NetworkAdapter.PercentBandwidthUsedTotal.Collection
Instance name: Local Area Connection
Instance ID: {}
You can find the complete article and get all the details here:
KB2847767 - Operations Manager agents with teamed network adapters fail to be discovered and monitored (http://support.microsoft.com/kb/2847767)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Solution – The AWS Management Pack for Operations Manager
Whether they are on-premises or in the AWS cloud, this SCOM Management Pack (MP) allows organizations running their Microsoft-based workloads at AWS to monitor their AWS resources directly in the Operations Manager console, essentially from a “single pane of glass”. This project was driven by demand from the Microsoft EPG sales field and most importantly joint AWS and Microsoft very large enterprise customers. These companies were also our key beta customers for the AWS Management Pack. We enlisted the fantastic development team at VIAcode, a key SI partner to develop the MP for AWS.
A couple of things make this Management Pack unique. First, it is the first MP of its kind to be able to separate the computer (Operating System) from the AWS Instance (Virtual Machine). Secondly, this creates a logical monitoring and reporting mechanism that can intelligently identify where a problem or error state exists, either in the AWS cloud or the server OS/application running within AWS.
What does the Management Pack do?
Microsoft customers who have existing Microsoft and Linux based workloads can view and monitor their on-premises and AWS resources together in a SCOM management console. The management pack can monitor EC2 instances (Windows and Linux), Elastic Block Store (EBS) volumes, Elastic Load Balancing, CloudFormation stacks, Auto Scaling groups, and Elastic Beanstalk applications. Through a public .NET API at AWS and the SCOM “Watcher Node,” the MP can reach into the AWS infrastructure and capture AWS “CloudWatch” metrics to gain insight into the health of the managed AWS resource.
Why did Microsoft engage in this joint development project with AWS?
This Management Pack (MP) for AWS is not simply a product release for AWS. Rather, it also provides the proof that System Center can extend the rich monitoring, alerting and reporting foundation to manage any application, from any location in any cloud. This “proof point” can enable other opportunities for development and deployment scenarios (provisioning, orchestration, management) for System Center at other Service Provider clouds.
Check out Amazon’s blog post about this on their blog.
Our Corporate Vice President Brad Anderson recently started blogging on TechNet. He covers various topics such as Private Cloud and Product Features released in Windows Server and the System Center suite of products.
His most recent blog post talks about the value the OpsMgr 2012 SP1 Dashboards bring to customers. He also has a plug from our customer T.Rowe Price on how they are leveraging the OpsMgr 2012 Dashboarding capabilities.
Definitely worth a read and something to share with our customers and the rest of the community.
Link to the article: http://blogs.technet.com/b/in_the_cloud/archive/2013/05/02/data-visualization-for-it-system-center-ops-manager-dashboards.aspx
- Satya Vel
Satish Phatge | Senior Support Engineer
Here’s a quick tip that might help you out when upgrading to System Center 2012 Operations Manager (OpsMgr 2012) Service Pack 1 (SP1).
When performing an upgrade to OpsMgr 2012 SP1, the upgrade process fails with the following error:
Failed to set DW upgrade scenario: Threw Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131904, Exception.Message: Cannot open database "OperationsManagerDW" requested by the login. The login failed.
This can occur if there is an invalid Data Warehouse server name or SRS database instance name in the registry on the Management Server.
To resolve this, verify that the correct Data Warehouse server name and SRS database instance name exist in the registry on the Management Server:
Data Warehouse server name:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Setup\DatawarehouseDBServerName
NOTE: This is a DWORD value and is the NetBIOS name or FQDN of the server.
SRS database instance name:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Reporting\SRSInstance
NOTE: The default SQL instance name is MSSQLSERVER but may be different in your environment if using a named instance.
Once this is done try the upgrade again. If this was our issue then the upgrade should complete as expected.
Satish Phatge | Senior Support Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Just a reminder that we rescheduled the Windows Server/System Center MVP Speaker Series session on Using Visual Studio Authoring Extensions to tomorrow at 8:00 Pacific time. Please join us for this 300 level session where MVP David Allen will wow us with his authoring skills using the Visual Studio Authoring Extensions (VSAE).
You can find the meeting invite for this particular meeting or any of the other meetings in the speaker series on our SkyDrive.
See you tomorrow!
A new set of language packs for the management pack for Windows Server Active Directory Certificate Services (AD CS) has been released.
Overview
This management pack provides an early warning to administrators on issues that could affect services so that administrators can investigate and take corrective action, if necessary. The management pack helps to simplify the administrative environment by providing a single console for the administrator to perform a number of useful management tasks. To help troubleshoot common issues, the management pack contains helpful product knowledge and a way to extend this knowledge through adding your own company or organization knowledge related to an issue. This management pack provides an early warning to administrators on issues that could affect services so that administrators can investigate and take corrective action, if necessary. The management pack helps to simplify the administrative environment by providing a single console for the administrator to perform a number of useful management tasks. To help troubleshoot common issues, the management pack contains helpful product knowledge and a way to extend this knowledge through adding your own company or organization knowledge related to an issue.
Feature Summary
The System Center Monitoring Pack for Active Directory Certificate Services provides monitoring for the following core areas and scenarios:
- CA service status checking.
- Event monitors.
http://www.microsoft.com/en-us/download/details.aspx?id=34765
We just published a new KB article that discusses fixes and updates recommended for Microsoft System Center 2012 Operations Manager Agent computers. You can find the complete article and get all the details here:
KB2843219 - System Center 2012 Operations Manager: Recommended Agent OS Fixes and Updates (http://support.microsoft.com/kb/2843219)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
This is a post that I just put up on the System Center blog, but I also wanted to post it here for better visibility because one of the topics this week is on using Operations Manager to provide data for CIO scorecards. This session will be presented by Gordon McKenna, who I’m sure many of you know from the many conferences that he has presented at.
========================
We are launching a new Windows Server/System Center MVP Speaker Series this week! This continuing education series of presentations will be delivered by some of our MVPs on various topics around Window Server and System Center. The content will be deep dive, advanced, and very technical. The MVPs are some of the most knowledgeable people about the products in the world, especially when it comes to real world experience and practical application.
Anyone can attend because all of the meetings will be presented over Lync. The meetings will also be recorded and made available afterwards for on demand viewing.
This week we will have two sessions and we’ll normally have one per week. The two sessions coming up this week are:
- Automating Hyper-V Administration with PowerShell (Tuesday at 8:00 AM Pacific time)
- Keeping your CIO Happy: Executive Scorecarding with SQL, SharePoint, and System Center 2012 Operations Manager (Thursday at 8:00 AM Pacific time)
You can grab all the meeting invites for the speaker series from this location.
You will need the Lync 2013 client to be installed on your computer to view and hear the presentation. You can download and install that from here.
Watch the Windows Server/System Center Partner and Customer Solutions blog for announcements on this series including the schedule for next quarter’s sessions.
Just wanted to let you know about a new KB article we published today. This one is an article for Operations Manager that discusses an issue where running reports using the Operations Manager console fails with a System.ArgumentOutOfRangeException error.
You can find the complete article here:
KB2836388 - Running Operations Manager reports fail with "System.ArgumentOutOfRangeException" error (http://support.microsoft.com/kb/2836388)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
One of the most useful health-related services offered by ASP.NET is the Web Events feature. By modifying the Web.config file, you can use the health monitoring system to log unhandled exceptions, expired forms, authentication tickets, and any other data you want logged in your application. If you want to get more information about this, you can read this KB article http://support.microsoft.com/kb/893664.
This said, in Windows Azure Cloud Services (PaaS), some of this is pre-configured for you, and all unhandled errors and audit failures are written to the Windows Event Log within the Application folder as shown:
For WAD (Windows Azure Diagnostics) to capture the health event you can either configure WAD to read from the event log. If you are monitoring Azure with the Azure management pack (either the old one, or the new preview one which was released last week and that I showed at MMS 2013) you are probably already doing this.
So, if those exceptions are in the event log, we can pull them thru management packs rules to our Operations Manager management group, and alert on them, right? Right. Piece of cake. Here I have written an example rule that does just that (XML for the MP attached below):
Here’s the XML of the MP I wrote for this – this is referencing the new Azure Fabric Management Pack PREVIEW that was released last week:
<?xml version="1.0" encoding="utf-8"?>
< ManagementPack SchemaVersion="2.0" ContentReadable="true" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Manifest>
<Identity>
<ID>Azure.AddOn</ID>
<Version>1.0.0.20</Version>
</Identity>
<Name>Azure.AddOn</Name>
<References>
<Reference Alias="AzureMP">
<ID>Microsoft.SystemCenter.WindowsAzure</ID>
<Version>1.0.0.0</Version>
< PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
</Reference>
<Reference Alias="Health">
<ID>System.Health.Library</ID>
<Version>7.0.8427.0</Version>
< PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
</Reference>
<Reference Alias="System">
<ID>System.Library</ID>
<Version>7.5.8501.0</Version>
< PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
</Reference>
</References>
</Manifest>
<Monitoring>
<Rules>
<Rule ID="Azure.AddOn.ASP.NET.Exception.AlertRule" Target="AzureMP!Microsoft.SystemCenter.WindowsAzure.RoleInstance" Enabled="true" Remotable="true" Priority="Normal" ConfirmDelivery="false">
<Category>Alert</Category>
< DataSources>
< DataSource ID="DS" TypeID="AzureMP!Microsoft.SystemCenter.WindowsAzure.RoleInstance.EventLog.CollectData.DS">
< IntervalSeconds>300</IntervalSeconds>
< TimeoutSeconds>60</TimeoutSeconds>
</DataSource>
</DataSources>
< ConditionDetection ID="CD" TypeID="System!System.ExpressionFilter">
<Expression>
<And>
<Expression>
< SimpleExpression>
< ValueExpression>
< XPathQuery>EventNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
< ValueExpression>
<Value Type="String">1309</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<Or>
<Expression>
< SimpleExpression>
< ValueExpression>
< XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
< ValueExpression>
<Value Type="String">ASP.NET 2.0.50727.0</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
< SimpleExpression>
< ValueExpression>
< XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
< ValueExpression>
<Value Type="String">ASP.NET 4.0.30319.0</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</Or>
</Expression>
</And>
</Expression>
</ConditionDetection>
< WriteActions>
< WriteAction ID="GenerateAlert" TypeID="Health!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>1</Severity>
< AlertName />
< AlertDescription />
< AlertMessageId>$MPElement[Name='Azure.AddOn.ASP.NET.Exception.AlertRule_AlertMessage']$</AlertMessageId>
< AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventData/*[local-name()='Event']/*[local-name()='EventData']/*[local-name()='Data'][19]$</SuppressionValue>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>
</Rules>
</Monitoring>
<Presentation>
< StringResources>
< StringResource ID="Azure.AddOn.ASP.NET.Exception.AlertRule_AlertMessage" />
</StringResources>
</Presentation>
< LanguagePacks>
< LanguagePack ID="ENU" IsDefault="false">
< DisplayStrings>
< DisplayString ElementID="Azure.AddOn">
<Name>Azure MP AddOn for ASP.NET</Name>
<Description>Azure MP AddOn for ASP.NET</Description>
</DisplayString>
< DisplayString ElementID="Azure.AddOn.ASP.NET.Exception.AlertRule">
<Name>ASP.NET Exception</Name>
<Description>ASP.NET Exception</Description>
</DisplayString>
< DisplayString ElementID="Azure.AddOn.ASP.NET.Exception.AlertRule_AlertMessage">
<Name>ASP.NET Exception</Name>
<Description>Event Description: {0}</Description>
</DisplayString>
</DisplayStrings>
< KnowledgeArticles></KnowledgeArticles>
</LanguagePack>
</LanguagePacks>
< /ManagementPack>
Granted, it is not full-blown APM functionality, and you can’t convert to IntelliTrace format, but once you have those exceptions, you can route them to developers thru the TFS Connector like you would do for APM Exceptions:
Please also note that it is not easy to do “proper” alert suppression based on the exception message or call stack, because the “EventDescription” of those ASP.NET events contains timestamps which make the description unique every single time. Also, with the Azure event DataSource, since it reads events from WAD, parameters are lost. Hence I defaulted to do suppression based on the rule itself (this will hide multiple different exceptions that might be happening on the same role instance). But with some help from Marius and Marcin, I managed to write an XPath expression which does alert suppressions only based on the actual exception.
I hope it is helpful to see how you can extend the Azure MP (that focuses on the “fabric” layer by default) to also look at your application’s health!
Happy Azure monitoring!
With the latest update rollup we resolved 2 major user experience issues customers have given us feedback on.
1. Hostname\Display Name in “Object by Performance” widget is empty
I am happy to announce that we addressed the issue where the display name in Object By Performance widget was never returned. I showed that we fixed this issue at my MMS 2013 dashboarding session last Tuesday and all 850 people that attended applauded. I know this was a big hurdle for most of you and I apologize in any delay in getting this issue resolved.
2. OpsMgr Web Console Performance Improved
We have made some significant web console performance improvements with this update rollup in particular view load times. We made some changes in the code which now helps views like the alert view loads in a couple of seconds. This is another big customer request where we have addressed with this update.
You can download the update from here: http://support.microsoft.com/kb/2802159
Hi, we are excited to announce the preview of the Management Pack for Windows Azure Fabric. This Management Pack enables you to monitor the availability and performance of Azure fabric resources that are running on Windows Azure.
You will find the preview Management Pack as well as the draft documentation (MP Guide) on the Microsoft Download Center.
Note that this is a completely new Management Pack that does not upgrade the previous Azure Management Pack. Note also that this Management Pack requires System Center Operations Manager 2012 SP1 or later. This Management Pack is currently not supported in production environments.
The following monitoring scenarios are covered by the Management Pack
|
Monitoring scenario |
Description |
Associated rules and monitors |
|
Role Instance Availability and Status |
This scenario monitors the role |
|
|
Role Instance Performance |
This scenario monitors the CPU and |
|
|
Scale up/down |
This scenario enables you to scale up |
|
|
Virtual Machine Availability and Status |
This scenario monitors the role |
|
|
Storage Availability |
This scenario monitors the availability |
|
|
Storage Size |
This scenario monitors the size of the |
|
|
Topology Dashboard |
This scenario allows you to see how |
|
|
Certificate health |
This scenario monitors certificate expiration of management and cloud service certificates and alerts if the certificates are about to expire |
|
|
Hybrid Application definition and |
This scenario allows you to model a |
|
Submitting feedback
You can submit feedback by sending mail directly to akep at Microsoft dot com. You can also submit feedback by commenting on this blog post.
We are looking forward to your feedback on this Management Pack.
Update Rollup 2 for Microsoft System Center 2012 Service Pack 1 (SP1) is now available and includes the following updates for OpsMgr 2012 SP1:
Operations Manager
Issue 1: The Web Console performance is very poor when a view is opened for the first time.
Issue 2: The alert links do not open in the Web Console after Service Pack 1 is applied for Operations Manager.
Issue 3: The Distributed Applications (DA) health state is incorrect in Diagram View.
Issue 4: The Details Widget does not display data when it is viewed by using the SharePoint webpart.
Issue 5: The renaming of the SCOM group in Group View will not work if the user language setting is not "English (United States)."
Issue 6: An alert description that includes multibyte UTF-8 characters is not displayed correctly in the Alert Properties view.
Issue 7: The Chinese (Taiwan) Web Console displays the following message even after the SilverlightClientConfiguration.exe program is run: Web Console Configuration Required.
Issue 8: The Application Performance Monitoring (APM) to IntelliTrace conversion is broken when alerts are generated from dynamic module events such as the Unity Container.
Issue 9: Connectivity issues to System Center services are fixed.
Issue 10: High CPU problems are experienced in Operations Manager UI.
Issue 11: Query processor runs out of internal resources and cannot produce a query plan when you open Dashboard views.
Issue 12: Path details are missing for "Objects by Performance."
Operations Manager - UNIX and Linux Monitoring
Issue 1: The Solaris agent could run out of file descriptors when many multi-version file systems (MVFS) are mounted.
Issue 2: Logical and physical disks are not discoverable on AIX-based computers when a disk device file is contained in a subdirectory.
Issue 3: Rules and monitors that were created by using the UNIX/Linux Shell Command templates do not contain overridable ShellCommand and Timeout parameters.
Issue 4: Process monitors that were created by the UNIX/Linux Process Monitoring template cannot save in an existing management pack that has conflicting references to library management packs.
Issue 5: The Linux agent cannot install on a CentOS or Oracle Linux host by using FIPS version of OpenSSL 0.9.8.
You can get all the details and a download link here:
KB2802159 - Description of Update Rollup 2 for System Center 2012 Service Pack 1 (http://support.microsoft.com/kb/2802159)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Just a quick note to let you know about a new KB article we published. This one describes an issue where opening the Management Server view in the Administrator pane of the OpsMgr 2012 console generates the following error:
System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values
For all the details please see the following:
KB2828790 - Opening the Management Server view in the Operations Manager console fails with "System.ArgumentOutOfRangeException" error (http://support.microsoft.com/kb/2828790)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Update Rollup 5 for System Center 2012 is now available and it includes a few fixes for OpsMgr 2012, including:
- Issue 1: The Solaris agent could run out of file descriptors when many multi-version file systems (MVFS) are mounted.
- Issue 2: Logical and physical disks are not discoverable on AIX-based computers when a disk device file is contained in a subdirectory.
- Issue 3: Rules and monitors that were created by using the UNIX/Linux Shell Command templates do not contain overridable ShellCommand and Timeout parameters.
- Issue 4: Process monitors that were created by using the UNIX/Linux Process Monitoring template cannot save in an existing management pack that has conflicting references to library management packs.
- Issue 5: The Linux agent cannot install on a CentOS or Oracle Linux host by using the FIPS version of OpenSSL 0.9.8.
You can get all the details and a download link here:
KB2822776 - Description of Update Rollup 5 for System Center 2012 (http://support.microsoft.com/kb/2822776)
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/
System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/
System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager
System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The AD RMS blog: http://blogs.technet.com/b/rmssupp/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
Today we have BIG NEWS for both Advisor and Operations Manager users!
Our team is proud to announce the release of the System Center Advisor Connector for Operations Manager Preview !
This connector enables Advisor to be an attached service to your Operations Manager deployment. With the Advisor Connector, you can use your existing SCOM agents and management servers to receive Advisor rules which collect and forward configuration data to Advisor. Advisor then process the data & generate appropriate alerts which can be viewed in your Operations Manager console.
The connector does not require manual certificate installation or separate agent & gateway downloads.
The download for the Advisor Connector Preview is now live at the Microsoft Download Center.
Please note that this preview requires Operations Manager 2012 SP1 Update Roll Up 2, which will be available on Microsoft Update today Tuesday, April 9th at 10AM PST.
Feel free to reply to this post with any questions or comments on the Advisor Connector Preview.
Thanks! We hope you can try it out.
-L.C.