Tag: OpsMgr

2009

MicrosoftOpsMgr 2007

Replace/Change a Gateway Server

Description of problem If you are looking into replacing an (or just switching to another primary) Operations Manager 2007 Gateway Server for any reason, there’s a little more to consider than just right-clicking the clients and selecting “Change Primary Management Server” in the Operations Console. You could end up with agents not being able to connect to the Management Group at all due to a small problem with the order in which Operations Manager do things. Here’s basically what happens: You tell Operations Manager to change Primary Management Server for AGENTX from GW1 to GW2. The SDK Service (i guess) tells GW1 that “You’re no longer the Primary Management Server for AGENTX” GW1 acknowledges this and stops talking to AGENTX. And I mean Completely stops talking to AGENTX. OpsMgr then tells GW2 to start accepting communication from AGENTX. OpsMgr tries to tell AGENTX that it should talk to GW2 since GW1 won’t listen. Spotted the problem? This modus operandi probably works when agents are on the same network and in the same domain where fail-over is sort of automatic. The problem we are facing now is that the server are telling the Gateway to stop accepting communications to and from the agent before the agent is notified that there is a new Gateway server to talk to. The agent will continue to talk to GW1 but will be completely ignored and you will probably start seeing events in the Operations Manager eventlog on GW1 with EventID 20000. How do I get around this little feature then? No matter if you found this article after running into the mentioned troubles or if you are googling ahead of time to be prepared, the fix is the same and consists of a few powershell scripts. These scripts are out there allready, but in different contexts, hence this post. First step: Install the new Gateway Documentation on this from Microsoft is good enough, but here’s the short version. Verify name resolution to and from Gateway server and Management Server Create certificate for the Gateway server Approve the Gateway server Install Gateway server Import certificates on Windows system Run MOMCertImport.exe on Gateway server to add the certificate into Gateway server configuration Wait

MicrosoftOpsMgr 2007

The TCP Port Check: Use with caution!

Just wanted to raise a word of caution about the TCP Port Check in Operations Manager 2007. Some customers have notices the the system-logs on some Unix machines are completely swamped with “connection error”, “TCP Connect failed”, “TCP Session Lost” and similar and after a bit och research the problematic servers were narrowed down to those monitored by Operations Manager. Specifically, those who are targeted by a TCP Port Check. It would seem like the TCP-connection never fully initializes on the target server. Kind of like knocking on your neighbours door and then hiding. Then when the door opens, no one is there causing your friendly neighbour to hang around waiting for something to happen. Maybe there’s a setting somewhere to modify how “deep” a Port Check should go before closing. Perhaps fully initializing and then sending a proper “Close” instead of just cutting the connection. In a few extreme cases we have noticed that the target server even goes so far as to start a session, but never ending it since there’s no closure and finally having no sessions to spare for the real users. But on most servers it’s just an annoyance since the “real” errors is very hard to be found in all the connection related logs. Anyway. Just a good thing to keep in mind when running TCP Port Checks from Operations Manager 2007. Keep an eye on the logs when implementing the port checks.

MicrosoftOpsMgr 2007

MSMQ Management Pack: Subscript Out of Range

UPDATE: This problem seems to be fixed in the latest update! The MSMQ Management Pack seems to have a few problems with it’s discovery script that can lead to the following error showing up in the logs: The process started at 13:34:40 failed to create System.Discovery.Data. Errors found in output:C:Program FilesSystem Center Operations Manager 2007Health Service StateMonitoring Host Temporary Files 499788DiscoverQueues.vbs(107, 4) Microsoft VBScript runtime error: Subscript out of range: '[number: 0]'Command executed: "C:WINDOWSsystem32cscript.exe" /nologo "DiscoverQueues.vbs" {615D37C9-477D-62E2-0833-6ECBF0E89A87} {A176AC83-CC31-01C3-5DE9-E2DFF64E7CC7} "MASKED.server.fqdn" "MSMQ" "true" "true" "False" "false"Working Directory: C:Program FilesSystem Center Operations Manager 2007Health Service StateMonitoring Host Temporary Files 499788One or more workflows were affected by this.Workflow name: Microsoft.MSMQ.2003.DiscoverQueuesInstance name: MASKED.server.fqdnInstance ID: {A176AC83-CC31-01C3-5DE9-E2DFF64E7CC7}Management group: MASKED This seems to be related to the discovery of public queues on some servers that has none. One quick fix, or rather work-around, is to override the discovery on these servers to set DiscoverPublic to False.

MicrosoftOpsMgr 2007

Windows Server 2008 NLB MP for OpsMgr released

Don’t know how I missed this when writing the last post, but Microsoft released the MP for Windows Server 2008 NLB yesterday (28/4 -09). This is the initial release for Win2k8 NLB so I guess we just have to try it out then. Quick Details File Name: Microsoft Server 2008 Network Load Balancing System Center Operations Manager 2007 MP.msiVersion: 6.0.6573.0Date Published: 4/28/2009Language: EnglishDownload Size: 519 KB Feature Summary Monitor the NLB Node status. Based on the status of individual cluster nodes, determine the overall state of the cluster. Where an integration management pack exists, determine the health state of a cluster node by looking at the health state of the load balanced application, such as IIS. Alert on errors and warnings that are reported by the NLB driver, such as an incorrectly configured NLB cluster. Take the node out of the NLB cluster if the underlying load-balanced application becomes unhealthy, and add the node back to the cluster when the application becomes healthy again. Requires OpsMgr 2007 SP1 or later, the Base Operating System MP for 2008, the QFEs for Windows Server 2008 and that you are not running the converted 2003 NLB MP. If you are running the old converted NLB MP, upgrade first. As an additional recommendation, Microsoft recommends in the MP Guide that you install the QFE for wmiprvse.exe problems on Windows Server 2008. No support for Mixed-mode (2008 and 2003) clusters though.

MicrosoftOpsMgr 2007

MSMQ 3 MP for OpsMgr v.6.0.6587.0 Released

Last friday, 24/4 -09,  Microsoft released an updated Management Pack for MSMQ 3.0. Quick Details File Name: Message Queuing System Center Operations Manager 2007 MP.MSI Version: 6.0.6587.0 Date Published: 4/24/2009 Language: English Download Size: 502 KB Release History 6/3/2008 - Initial Release, version 6.0.6278.23. Refer to the MP guide for further details.* 4/24/2009 - Undated release, version 6.0.6587.0. Refer to the MP guide for further details. The MP Guide does not really say much about what’s updated and I don’t know how much more than the reporting they have fixed. I can just state the fact that support for clustered MSMQ 3 instances is still missing.

MicrosoftOpsMgr 2007

NetworkAdapterCheck.vbs fails on Windows 2000

Problem Here’s my summary of the problems with the NetworkAdapterCheck.vbs script in the Windows Server 2000 Operating System Management Pack för Operations Manager 2007 that is causing the failed to create System.PropertyBagData error i wrote about earlier. This information in also available on https://connect.microsoft.com/feedback/ViewFeedback.aspx?FeedbackID=432627&SiteID=446 Symptoms This “research” comes from getting an obscene amounts of Script or Executable Failed to run in the Operations Console. Each time it was the NetworkAdapterCheck.vbs script that could not create PropertyBagData. The error message copied from one of the alerts looks like this: The process started at 14:29:26 failed to create System.PropertyBagData, no errors detected in the output. The process exited with 0Command executed: "C:WINNTsystem32cscript.exe" /nologo "NetworkAdapterCheck.vbs" MASKEDCOMPUTERNAME 0 false true falseWorking Directory: C:Program FilesSystem Center Operations Manager 2007Health Service StateMonitoring Host Temporary Files 2882781One or more workflows were affected by this.Workflow name: Microsoft.Windows.Server.2000.NetworkAdapter.NetworkAdapterConnectionHealthInstance name: 0Instance ID: {F4C478D3-38E5-8C29-3957-E3B7F486216E}Management group: MASKED This error repeats almost as often as the script is scheduled to run and appears on almost every Windows 2000 server. Probable Cause I am not really sure, but after a quite a bit of troubleshooting I am pretty sure it all boils down to a malformed WMI-query. What I basically did was to extract the script from the MP and dry-run it to see if I could find anything obvious, which I didn’t. Since I didn’t have a good debugging too available, like in PrimalScript, I added the VBS equivalent of old-school printf debugging. I basically added wscript.echo "Line XX:" & Err.Number

MicrosoftOpsMgr 2007

Clearing Disabled Discovery in OpsMgr 2007

Jonathan Almquist has posted (a while ago) an article on how to clear discovered objects after you have disabled the discovery rules in OpsMgr that I think deserves a notion. Read more about it at Jonathan Almquist on Operations Manager : Remove-DisabledMonitoringObject.

2008

Technobabble

Quest Software acquires eXc and VizionCore

Yes, I am officially slow. But never mind. Quest Software is a rather nice software developer with some interesting products for a wide range of Microsoft systems – like Site Administrator and Recovery Manager for SharePoint – but also database and application servers like SAP and Oracle E-business. I have lately been working with some of their MOSS-related products that, neglecting the somewhat goofy and unspecific manuals, are stable and well worth taking a look at. Quite recently they have acquired two other companies also worth paying attention to as they, too, tend to deliver products that ease things up. eXc does it’s thing in the Microsoft SCOM/MOM arena while VizionCore dances with virtualization techniques. At least, that’s where I’ve come across them both. How will this affect me, then? Not very much it would seem. Here’s what VizionCore says about their part: “The completion of this acquisition signals another major step in Vizioncore’s evolution and growth in the virtualization market,” said David Bieneman, CEO of VizionCore. “While maintaining the autonomy that has made us successful, we will also be able to leverage technologies developed by and acquired by Quest, such as Invirtus and Provision Networks, to enhance and expand the feature sets of VizionCore products. This is very positive news for virtualization customers who will enjoy a richer and robust product set that will help them achieve greater levels of ROI from their investments in virtualization platforms.” In my head, this means that VizionCore will still be VizionCore but with, perhaps, tighter integration with Invirtus. Invirtus was, by the way, a “Strategic Partner” to VizionCore even before the acquisition. eXc then? Well. It is not clearly stated in the press-release as far as I can tell. We can only hope that they will make the decision to rebuild their not-even-web1.0 excuse for a website. And what the hell is up with that logo? Fortunately for us, their design skills – or lack thereof – does not reflect their programming skills. But still… no sane man or woman uses Comic Sans in a logo. Not even jokingly. Actually, using Comic Sans at all should be considered an act of felony. references: Quest Software Continues Its Value Add to Microsoft System Center Quest Software Completes Acquisition of VizionCore…