BICTT

After importing the Group Policy management pack in SCOM it started picking up events on a customer network like these:

Windows cannot bind to [domain name] domain. (Invalid Credentials). Group Policy processing aborted.

Just a few hundred of them, so needed some investigation.

This issue can be caused by a number of reasons, I will list a few:

• Machine account in domain is not correct anymore. Fix by taking out of domain and re-adding to domain
• Check if it has other domain verification issues. Run netdom verify command.
• domain controller it is trying to talk to does not exist. Check in DNS.
• There is a user logged on who has had a password reset in the meantime. Check for logged on users that have been disconnected or forgot to log off for some time (days or more).

In this case the last option was bingo.
Lots of users logged on for days or more at console or through rdp and this company has a password policy for every 6 weeks.

The server is trying to run through group policy processing for both the machine accout and the logged on user acconts.

So in this case logged off some users with very long disconnected times and sure enough this fixed the issue.

Bob Cornelissen

 

A fresh update to the Windows Failover Clustering Management Pack has been released.

Some of the major updates in this release are

• Support for discovery and monitoring of Windows Server 2008 R2 clusters and functionality such as Cluster Shared Volumes
• MP scalability improvements (the MP supports monitoring of 300 resource groups per cluster)
• Noise reduction, for example clustered resources are no longer discovered and monitored by default (resource groups are monitored by default)

And from the MP guide a bit more information:

· Added support for discovery and monitoring of Windows Server 2008 R2 clusters.

· Disabled discovery and monitoring of resources by default.

· Discovers and monitors cluster shared volume resources only on Windows Server 2008 R2 clusters.

· Limited discovery of resource groups to a maximum of 300 resource groups per cluster.

· Disabled discovery of clustered objects on an Operations Manager root management server (RMS) cluster running Operations Manager 2007 R2.

· Fixed an issue where the DiscoverClustering.vbs script would fail to submit discovery data when there were WMI provider issues on the cluster node.

· Updated display strings and knowledge in the management pack.

· Updated discoveries to run every 4 hours.

· Updated the MAC Address property for the network adapter to use hyphens instead of colons.

· Disabled the Windows Time Service monitor for Windows Server 2008 and Windows Server 2008 R2 clusters because the cluster service has no dependency on the Time service.

· Disabled the WMI service monitor for all operating system versions of the management pack because the cluster service has no dependency on the WMI service.

· Added a Sync Time parameter to the discoveries and monitors for resources and resource groups to ensure that these do not run simultaneously or immediately after an agent is restarted.

· Disabled the following rules on Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2 clusters, which would cause discovery to instantly run when cluster properties changed:

· Cluster object property changed

· Cluster object added

· Cluster object removed

· Cluster object changed property value

· Cluster object space changed due some addition

· Cluster object space changed due some deletion

. Cluster changes are now discovered on a schedule (by default, every 4 hours).

 

From The Operations Manager Team blog:

Updates to the Exchange Management Packs for Operations Manager 2007 are now available on the Management Pack Catalog.

The Exchange 2003 MP update includes an improvement to topology discovery that removes the requirement to have an agent on all Exchange servers in the organization in order to see the Exchange topology view. There were also discovery updates, plus a number of improvements focusing on on view consistency, knowledge, script behavior.

The Exchange 2007 MP for OpsMgr R2 update fixes issues with synthetic transactions running on clusters, clearer presentation of data generated when running the Exchange BPA, as well as clearer alerting in the case where MP discoveries are failing due to missing Exchange permissions.

 

From the Operations Manager Product Team blog:

I am very pleased to announce that the System Center Operations Manager 2007 R2 Authoring Resource Kit has RTW’d.

It can be downloaded from : http://www.microsoft.com/downloads/details.aspx?FamilyID=9104af8b-ff87-45a1-81cd-b73e6f6b51f0&displaylang=en

The resource kit ships the following features:

• Authoring Console
• Management Pack Best Practices Analyzer
• Management Pack Spell Checker
• Management Pack Visio Generator
• Management Pack Diff
• Management Pack Cookdown Analyzer
• All References Addin
• Workflow Analyzer
• Workflow Simulator
• System Management Packs

Below is a quick summary of these features.

Authoring Console
Develop Management Packs within a GUI environment.

Management Pack Best Practice Analyzer (MPBPA)
MPBPA scans management packs for best practice compliance and provides automated resolution for numerous issues. This tool integrates with the Authoring Console.

Management Pack Spell Checker (MP Spell Checker)
MP Spell Checker checks spelling in management packs to eliminate errors in display strings.

Management Pack Visio Generator (MP Visio Generator)
MP Visio Generator allows you to generate a class inheritance and class relationship diagram using Microsoft Office Visio.

Management Pack Diff (MP Diff)
MP Diff shows the differences between two management packs.

Management Pack Cookdown Analyzer (MP Cookdown Analyzer)
MP Cookdown Analyzer identifies workflows which may break cookdown. Suggestions are provided for how to fix the performance problems.

All References Add-in
All References Add-in helps find all management pack elements that reference the specific element chosen. For example, the ability to right click a class and find all rules, monitors, overrides, as well as anything else that targets that class is provided. This tool works on most management pack elements.

Workflow Analyzer
The Workflow Analyzer provides the ability to statically analyze all types of workflows. It also allows users to trace workflows running on any Health Service.

Workflow Simulator
The Workflow Simulator provides the ability to test certain types of workflows such as discoveries, rules, and monitors without a Management Server and Management Group. Key functionality includes the ability to test workflows as well as view and validate output prior to signing and importing the MP into a Management Group for additional testing.

Management Packs
Three management packs which are frequently used as dependencies are provided as part of the tools installation. These MPs are necessary to allow the Authoring Console to open most MPs available online in the System Center Operations Manager MP Catalog. The provided MPs are:

• Microsoft.SystemCenter.DataWarehouse.Report.Library
• Microsoft.SystemCenter.InstanceGroup.Library
• Microsoft.SystemCenter.ServiceDesigner.Library

Screenshots and more information on how to use the tools effectively to make authoring simple for Operations Manager would be coming out soon.

Personal note from Bob Cornelissen:
This is GREAT!

 

Microsoft released the DFS Replication Management Pack for System Center Operations Manager 2007. The new version is 6.0.6321.0 with publish date 19 Oct 2009.
It can be downloaded here at the DFS management pack download page.

From the download page:

The DFS Replication Management Pack for System Center Operations Manager 2007 monitors the health of the DFS Replication service on Windows Server 2003 R2 and Windows Server 2008 computers. This management pack monitors events generated by the DFS Replication service. These events provide an insight into the health of the service and folders replicated on monitored computers. This management pack includes a dashboard view which can be used to monitor replication backlogs.

The management pack also features consolidation rules that monitor computers for frequent occurrences of certain operational conditions such as staging cleanups, sharing violations, replication conflicts etc.

Feature Summary
The following features are new in this release of the DFS Replication Management Pack:

• Alerts indicating outages of the DFS Replication service on monitored computers.
• Alerts indicating configuration issues that require administrative intervention.
• Dashboard view that enables tracking of replication backlogs on monitored computers.
• Tracking of intermittent operational conditions. These conditions are tracked by the management pack and show up either as warnings/errors. Transient warnings/errors flagged for conditions that are resolved over time are automatically corrected by the management pack, once those conditions are resolved.
• Intuitive state view indicating red, yellow and green states of the service, replication groups, and replicated folders configured on monitored computers.
• Monitoring of important service parameters such as staging area usage and replication conflicts generated.

Supported Operating Systems: Windows Server 2003 R2 (32-Bit x86); Windows Server 2003 R2 x64 editions; Windows Server 2008

Bob Cornelissen

 

I previously posted about installation of a SCOM agent on a Sun Solaris machine.
In that case we had to do a manual install of the agent.

A few days ago the Cross plat team released an update to SCOM that contains new agents for the cross platforms. So we ran that update on all management servers and moved the new agent installer to the Sun Solaris box. Our Sun admin found that the agent would not upgrade, but needed to be uninstalled first and right after that install the new agent. The certificate was left on the machine, so that one should be picked up automatically.
When starting the agent he found the following error in the logging:

10/21/2009-09:04:03 INFO cimserver: SCX CIM Server stopped.
10/21/2009-09:04:05 INFO cimserver: Listening on HTTPS port 1270.
10/21/2009-09:04:05 INFO cimserver: Listening on local connection socket.
10/21/2009-09:04:05 INFO cimserver: Started SCX CIM Server version 2.9.0 Release.
10/21/2009-09:05:54 SEVERE cimserver: Failed to load the Provider Manager for interface type "CMPI" from library "".

We could not find much info on this on the internet. But we had an idea on how to solve it.

First I tried to run the discovery again and it found the machine and it found the agent and thought all is well. That did not solve it.

Right after we found the solution to be:

• Delete the machine from the SCOM Gui.
• Start a new discovery and point it to the machine.
• It discoveres it and puts it in SCOM again, and this time with the right agent version.

Also thanks to our Sun admin Jan van de Lagemaat for helping with this issue.

Bob Cornelissen

 

A few days ago the SCOM cross platform team released an update that fixes some things and add some support. The update can be downloaded from http://www.microsoft.com/downloads/details.aspx?FamilyID=4a41a8be-0a37-4bd2-b5b1-026468b317fb&displaylang=en and the KB article can be found at http://support.microsoft.com/kb/973583.

From the KB article:

This update enables System Center Operations Manager 2007 R2 to support the following platforms:

• SUSE Linux Enterprise Server 11 (32-bit and 64-bit)
• Solaris Zones (whole and sparse zones)

The latest versions of all Operations Manager 2007 R2 Unix and Linux Agents are included in this update.

Additionally, this update fixes the following problems:

Problem 1
The Operations Manager 2007 R2 Cross Platform Agent intermittently creates defunct processes on the UNIX system or on the Linux system. This behavior occurs in the following scenario:
The password for the account that connects to the server is changed on the UNIX system or on the Linux system. For example, the password for the UNIX Action Account or for the UNIX Privileged Account RunAs Account is changed.
The password is not updated on the Operations Manager server.
When this problem occurs, the defunct processes (scxcimservera) continue to exist until the Cross Platform Agent restarts. Therefore, additional resources are consumed.

Problem 2
The Cross Platform Agent may not discover soft partitions on Solaris systems. Therefore, the disk provider may be unloaded, and then the Cross Platform Agent may stop collecting information from the system disks.

Problem 3
The Cross Platform Agent may not restart after the AIX server restarts.

Bob Cornelissen

During an upgrade of a DPM 2007 installation to DPM 2010 Beta I came across a Hyper-V core server with a DPM agent that would not upgrade. So the DPM agent had to be manually removed from the machine. As the Server Core does not have a graphical interface to remove programs this has to be done from the command line.

In order to remove a DPM 2007 agent from a server core:

For a 64 bit machine the following command:
Msiexec /x {72BF00D8-53E0-1539-F523-4347082BCC11} /qn /norestart

For a 32 bit machine the following command:
Msiexec /x {07CCDE6A-1D92-2C9C-D091-9E682643ABCC} /qn /norestart

You can restart the machine after this.

Bob Cornelissen

 

A few days ago Microsoft released the final version of Mmicrosoft Security Essentials. This is an anti-virus and anti-malware product designed for the home-pc market. It is free to use! Check out the website for more details, documentation, videos and more.

Bob Cornelissen

The System Center Service Manager team just released the Beta 2 version of System Center Service Manager 2010. Read the announcement below:

- - - - - - - - - - - - -
The Service Manager team is very pleased to announce that Beta-2 for Service Manager 2010 is now available for download from connect. Details and links are below.
Download
To download, simply go to the Service Manager site on Connect www.connect.microsoft.com. Once you have successfully signed in, click the Downloads link, click Service Manager Beta-2 and then select all of the following files on the download details page:
• SMCDImage_amd64.exe
• SMCDImage_x86.exe (32 bit console)
• InstallOMMPs.exe
• AuthoringTool.exe (authoring console)
• SM_B2_Public.zip
Click download to begin the download process. Once the files have successfully downloaded, please be sure to read the release notes before installing the product as they contain some important information about the release
You can also use the public forums for feedback and support, link below
http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=2066&SiteID=17

Please read the “Preparing for Service Manager Deployment” section of the Installation and Configuration Guide for step-by-step guidance on how to install and configure the product.
- - - - - - - - - - - - -

Now we can start playing around with it again! And to the team, congratulations with this step
Bob Cornelissen