I almost feel stupid to say but i never fully understood how this really works. I read many articles and examples but still i never got the picture.
Until i read a blog of Kudrat Sapaev where it is easy and crystal clear explained!
The blog can be found at http://kudratsapaev.blogspot.com/2009/07/loopback-processing-of-group-policy.html
Bastiaan van Onselen
At one of my customers I accidentally came across a machine that was not running its dicovery of the Exchange 2003 role correctly. I was actually looking for something else and had to connect to the mail server and because I did not remember its name I used SCOM to see which one it was Anyway, the view was empty.
So when looking in the OpsMgr event log at the mail server (which I did find through another route ) I saw this Error:
Event ID: 31901
Source: Health Service Modules
Description: The Registry Probe could not connect to the registy of the computer \\server.domain.com
One or more workflows were affected by this:
So at first I thought to just ping that machine name (the fqdn of the machine). And I got another ip address than I expected. Turned out that this machine had two network interfaces (one connecting to storage). So it was using the wrong interface first. I checked by doing an nslookup against the DNS server and that one gave the other ip address.
Now the 0x80070035 actually does point to a Network path not found.
So this can happen more often if the additional network card for storage or backup purposes has some features disabled and is listed first in the binding order.
As this was a Windows 2003 machine I went to Network Connections - Advanced - Advanced Settings and found the following binding order:
So the Storage adapter was set to the first position.
And when looking at the properties of that adapter:
So Client for Microsoft Networks is not enabled.
Because of that combination the discovery could not connect to the registry of the machine using the network adapter listed first in the binding order.
Simply solve by changing the binding order and its all systems GO!
Now back to solving that other issue I was actually investigating at first
I saw a post from Javier Ripoll that he released management packs and agents for Ubuntu 10 (x86) and Debian 5 (x86) to Codeplex.
Great Work Javier!
We had something "funny" happing at one of our customers.
We wanted to configure Outlook 2010 to use Outlook Anywhere and use the RPC over HTTP proxy settings to connect to a mail server outside the domain. The workstation was a windows 7 and part of an SBS 2008 domain, but the mailbox was located on a server on the outside.
So simple enough you would say. Add account, set the option "Connect to Microsoft Exchange using HTTP" and define the proxy settings to use the email server and SSL and Authentication.
Two seconds later and the mailbox was syncing.
However when Outlook was closed and started again... No connection! So going into the settings again. Normal account settings were OK. However the Exchange proxy settings had changed! To another domain name for the proxy server and its principal name.
We could try this again and again. changing it and closing outlook just to see it changed back again.
After looking around internet I saw a few people having the same thing. Always with domain workstations. The problem does not appear when using workgroup machines. However a few people seemed to have the problem sometimes, while we had it every time on this machine.
So, it seems we need some way of forcing settings. In this case the user was only using this mailbox. So I set my eyes on forcing settings through Group Policy and applying it for this user.
So lets jump to that part.
In order to create the group policy we need to download the right templates.
Office 2010 Administrative Template files (ADM, ADMX/ADML) and Office Customization Tool. Download one of these and run it in order to extract the files in it.
And after finding out I still could not change the right settings I found a template file that has to be imported on top of the admin template in the previous download so also pick up the template mentioned in this KB article and follow the instructions (when adding the template also add the outlook template file included in the previously mentioned download).
Outlook Anywhere (RPC/HTTP) settings are unavailable in the Outlook 2010 Group Policy template.
So create a new Group Policy. Give it a name etc. Now Edit the policy. Add the templates for outlook and the template mentioned in the second download mentioned above. You will see the settings as shown in the screenshot in the KB article above. A screenshot of the 4 settings I had to configure:
The first setting as it applies to our situation:
In my case I specfied flags 1+2+3+4+6 and set the other options as well for the mail server and principal name and authentication.
We linked the polciy to the user - in this case I simply created an OU and placed the user in it and linked the policy to the OU, but there are multiple methods for that. Logged off the user and logged back on. Checked the outlook settings and they were set and greyed out as expected.
If you ever run into this you can use the group policy to force the settings the way you wnat to.
The guys at the Operations Manager Support Team Blog wrote about a solution to this issue:
An exception is thrown while importing the Red Hat Linux Management Pack for Operations Manager 2007.
An exception was thrown while processing ImportManagementPack for session id uuid:eff4da8a-fd0f-4607-9c63-5300f4733ee0;id=2.
Exception Message: The creator of this fault did not specify a Reason.
Full exception detail:
Could not load ManagementPack [ID=Microsoft.SystemCenter.WSManagement.Library, Keytoken=31bf3856ad364e35, Version=6.1.7221.30].
ManagementPack not found in the store.Version mismatch. For ManagementPack [[Microsoft.SystemCenter.WSManagement.Library,
31bf3856ad364e35, 6.1.7221.0]] requested version from the database was [6.1.7221.30], and actual version available is [6.1.7221.0]).
It seems this can happen if the WSManagement Library MP is not imported.
Check out the blog post over at the OpsMan Support Team blog.
Thanks for sharing guys!
It is our SCOM guru Vlad Joanovic talking about SCOM v Next on TechNet Edge videos!
So while on the subject of great things from Steve Rachui , he also wrote extensively about the Printer management pack and alternatives to make it better (like the Kevin Holman addendum by the way) and also the great additional printer mp that Steve wrote for us!
The management pack is located here:
One nice gem from Steve Rachui's blog is a trick on how to simply troubleshoot remote SQL connections.
Just create an empty txt file anywhere on the disk and give it an UDL extension and click it. You will see a tool popping up with several tabs. on the first tab you will find SQL for instance, but also other types of data connections. On the second tab you can enter info like server name and database name and authentication needs.
Nice! Very very nice!
Nice stuff! System Center Service Manager Service Pack 1 is out.
Check out the documentation and resources over here:
Good luck and enjoy!
Thanks to Marnix Wolf for posting about the new SCOM R2 core management pack 6.1.7595.0 and that it has an important monitor turned off by default. You should turn this monitor on in order to monitor the service and if needed restart it as suggested by Marnix.
I also would not know why it is disabled by default, but perhaps this will be taken care of in a next version of this MP (or we will get an explanation
Thanks for your post Marnix!