For many many moons we have had to travel halfway across the world to attend a great event called the Microsoft Management Summit. For those of us in this part of the world (Asia) having to travel 23 hours isn't exactly something that i look forward to. But it was always worth it when i finally arrive and bask in the vast amount of knowledge shared at such an event.
So... why am i ranting about this?
Well...
SCUG.my is proud to be organizing the first ever System Center Solutions Summit in Kuala Lumpur, Malaysia! (do you hear the drums??)
Together with Microsoft Malaysia, we are bringing you 2 days of hardcore speaking action! Of what you ask?... well all about System Center of course!
Sessions will be conducted by Microsoft Technology Specialists, Regional Experts and Microsoft MVPs.
We are on the verge of finalizing our speakers and sessions so the final agenda will be out very very soon!
Book your calendars now! December 22nd and 23rd 2008 @ the Microsoft Auditorium (29th floor, Petronas Towers)
This is a must attend event if you care for your System Center career!! :)
And to cater for all of you who are far away and tried you ultimate best to make it but simply can't, the whole event will also be available through Live Meeting!!
.. of course.. those that attend the actual event will have the benefit of gorging themselves on the food, snacks and prizes that will be up on offer!
If you would like to be invited to this event, please send a mail to ask@scug.my
Saturday, November 8, 2008
SCUG and System Center Solutions Summit 2008 (Kuala Lumpur, Malaysia)
High CPU Utilization issues when importing the DHCP Management Pack
Some of us experienced a very high CPU Utilization issue after importing the DHCP Management Pack (6.0.6383.0). It was due to some heavy usage of discovery scripts.
I'm glad that its now all fixed with the release of the new 6.0.6452.0 version that is now in the MP Catalog
Here are some of the changes that was made by the product team. (Thanks guys!! sending you the some beer vouchers soon)
- Changed the discovery script so that it discovers same instances every time and does not cause changes in their properties (it causes changes in OpsMgr configuration each time).
- Rewrote script-based module in the following way – now it returns all data for all components (scopes, superscopes, etc.) instead of returning data only for requested one. It allowed SCOM to cook it down and now instead of 1000 scripts only one instance is run.
- Rewrote script-based module in the following way – instead of returning many property bags (4000 for 1000 objects) it returns only one big property bag. It allowed to lower significantly transferred data.
- Added performance mapper for unit monitors based on huge property bags. It allowed to significantly improve performance since now only small package of data is transferred between MonitoringHost and HealthService.
- Removed On-Demand-Detection for monitors based on huge property bags since SCOM SP1 does not support cook down for such scenarios and it leads to very high CPU consumption upon any changes in configurations/restarting HealthService.
- Optimized script populating all data from DHCP server (it analyzed with regex expression big output upon iterating through all objects every time, now it does it only once). It allowed to significantly improve performance for this module (it consumed 100% of one CPU for minutes).
New Active Directory MP 6.0.6452.0 released
Not sure about you... but I've been waiting for this for awhile. I had some issues with the previous AD MP and was told that it would be addressed in this one.
The new Active Directory Management pack (ver. 6.0.6452.0) has been released to the MP Catalog
It boasts a couple of improvements:
- Discovery of Windows Server 2008 DC and Read Only DC (RODC). Including also the discovery of FSMO roles
- Windows Server 2008 replication monitoring. Including a cool Multiple SLA workflow that can be configured
- Forests that have 2-way transitive trusts can now be discovered and reflected in the improved topology views (Forest, Domain, Site, Site-Link, Replication Connection)
- New essential services roll-up to accurately reflect services such as Sysvol, DFS, NetLogon, DCLocator
- of course.. support for Windows Server 2008 32-bit and also 64-bit
I've just imported the MP and will be updating this post after a some drives down the fast lane.
Tuesday, November 4, 2008
Operations Manager R2 announced at Tech ED Barcelona!
I wish i was there... sigh.. Barcelona.. the sun... spanish girls in bikini... OH and of course.. Tech Ed.
Thanks to those that posted in comments about what they wanted to see in R2 in an earlier post. I'm happy to inform that some of those comments were taken very seriously and it was announced in Barcelona that R2 would include some very nice additions and improvements.
Some of which are the Cross Platform inclusion that allows monitoring of Unix & Linux, Service Level Dashbard improvement and some new features. The announcement was made by Barry Shilmover.
You can view the video here... http://edge.technet.com/Media/Operations-Manager-with-Barry-Shilmover/
And the official announcement... http://technet.microsoft.com/en-ca/opsmgr/dd239186.aspx
Timeline?... within H1 of 2009. Watch this blog for updates once we've got more info :)
Wednesday, October 22, 2008
System Center Virtual Machine Manager 2008 has RTMed
The ship has landed. System Center Virtual Machine Manager 2008 is RTM.
Download from http://www.microsoft.com/systemcenter/virtualmachinemanager/en/us/default.aspx
Some of the new areas that are available with the product are:
- Hyper-V management
- VMWare management through Virtual Center
- Cluster support
- Delegated Administration
- Physical resource optimization with PRO Tips
Thursday, October 16, 2008
Installing Microsoft Application Virtualization 4.5 (Updated)
Having been working with Softricity and Softgrid 4.1 & 4.2, my initial guess was that installing App-V 4.5 would have been a piece of lemon pie. Well I was certainly dealt with a piece of that on my face when i finallyl got down doing it. After 2 and a half days of wracking my brains and the feeding frenzy that entailed, i finally got it working. phew.. So if anyone out there is still at it.. here's a guide of how i did it in hope that it would help save some of your brain cells :)
If you don't already know, App-V 4.5 comes in an install base of 3 different scenarios. The traditional Softgrid approach (with management server), the new Streaming Server scenario (where AD is not required) and Standalone.
This steps is for the first approach... installing the Application Virtualization Management Server scenario.
Environment Pre-requisites:
App V Management Server
- Windows Server 2003 SP1 [In my test environment, I used Windows Server 21003 R2 SP2]
- IIS 5.0 with ASP.NET [I used IIS 6.0]
- .NET Framework 2.0
- MMC3.0 [I didn't need to install this seperately as it had been included in my SP2]
- Download/Prepare SQL Server 2005 Express Edt. SP2
Client
- Windows XP Pro [I had a Windows XP SP2 and Windows Vista Business SP1]
- IE 6
Preparation before App-V
Prep in AD:
- Create a AD group. This group will be used to grant administrative priviliges to managing App V. (E.g. AppV Admin). Then grant this group Local Admin privileges on the App V Server
- Create another AD Group. This group will be used to to be assigned to the App V Provider Policy that grants users access to the virtual apps. (E.g. AppV Users)
- Create a user account that will be used to manage App-V. (E.g. sgadmin)
- Make the above created user account a member of the AppV Admin group
- For the purpose of testing, I created a domain user account and made it a member of the AppV Users group (sguser)
Prep on App V Management Server:
- Install all pre-requisites (.NET Framework 2.0, MMC 3.0, IIS, ASP.NET)
- Launch installation of SQL Server 2005 Express (In 4.5, MSDE is no longer 'supported')
- Accept the licensing terms and conditions check box, then click Next
- In the Installing Prerequisites window, Click Install
- Click Next when complete. Configuration check will be performed
- At the installation Welcome screen, click Next
- Click Next after the pre-requisite check is performed
- In the Registration Information page, enter a name and Company, then de-select the Hide advanced configuration options. Click Next
- Ensure Database Services is selected as Installed on Local Drive, then click Next
- In the Instance Name page, select Default Instance, then click Next (u can use a named instance as well)
- In the Service Account page, accept all defaults and click Next
- In the Authentication Mode page, accept all defaults and click Next
- In the Collation Settings page, accept all defaults and click Next
- In the Configuration Options page, enable the Add user to SQL Administrators role check box, then click Next
- In the Error Usage and Reporting page, accept all defaults and click Next
- Click Install
- When setup is complete, click Next
- Click Finish. Then RESTART THE SERVER. This is needed or else the App V setup will not detect the database.
- Once rebooted, launch the SQL Server Surface Area Configuration Tool from the Start All Programs Microsoft SQL Server 2005 Configuration Tools
- In the SQL Server Surface Area Configuration Tool Welcome screen, click on the Surface Area Configuration for Features link
- Click on the CLR Integration node on the left tree pane. Then on the details pane on the right, enable the Enable CLR Integration check box
- Then click on the OLE Automation node on the left tree pane. Then on the details pane on the right, enable the Enable OLE Automation check box
- Next, launch the SQL Server 2005 Configuration Manager.
- Expand SQL Server Network Configuration then Click on the Protocols node on the left pane, then on the right, enable the TCPIP protocol
- Restart the SQL Server service
NOTE! Point 20 to 24 was what caused me the 2 and a half day installation delay. I'm not a SQL Express guru and these steps is not mentioned in the MS Trial Guides. If point 20 and 21 is not done, you'll notice that you'll get DB connection errors. Typically when you try to launch your App V console (Error 0000C800)
Installing Application Virtualization Management Server:
- Launch the App V Management Server installer
- Accept the licensing terms and conditions check box, then click Next (you have no choice :))
- In the Microsoft Update page, select the I don’t want to use Microsoft Update option, then click Next (This is only because my test enviornment did not have an Internet connection)
- In the Registration Information page, enter a name and Organization, then click Next
- In the Setup Type page, accept the Typical option and click Next
- In the Configuration Database page, ensure (local) is selected from the dropdown list of servers, then click Next (or the name of your db server/instance)
- Select the Create New Database option, and accept the default name of APPVIRT (if you resent this name, feel free to change it )
- Click Next
- On the Secure Communication Mode page, click Next.
- On the Port Settings page, click Next
- On the Administrator Group page, type the name of the Microsoft Application Virtualization Administrators group (AppV Admin for me), and then click Next.
You can also type the first few letters of the group name, and then click Next, to display a list of groups. Click the relevant group, and then click Next. - On the Default Provider Group page, type the name of the Microsoft Application Virtualization Users group (App V Users for me), and then click Next. This is the group to which all users must belong for access to Microsoft Application Virtualization-enabled applications.
- On the Content Path page, accept the default location of the Microsoft System Center Application Virtualization Management Server content folder, and then click Next.
- Click Install
The wizard will copy the necessary files, install services, and create a database as specified in the preceding steps. When the wizard finishes, the Microsoft System Center Application Virtualization Management Console shortcut is displayed in the Administrative Tools group - Click Finish when done
- In Windows Explorer, go to %ProgramFiles%\Microsoft System Center App Virt Management Server\App Virt Managment Server and share the content folder. Ensure that Read access to this folder is given to Everyone.
- Launch the Services (services.msc) mmc console and ensure that the Application Virtualization Management Server service is started. If not, Start it.
- You can now launch the console.
- The first time the console is launched, a window will pop up to ask what the Web Service to connect to.
- Enter the name of your App V Management Server or localhost if its on the same machine. Uncheck Secure Connections and ensure it is operating on port 80. If the logged on user is a member of the AppV Admin group then leave the Current Credentials option selected. Then click OK to connect.
- Launch the Client Installer
- In the Installation Prerequisites Window, click Install
- On the Application Virtualization Desktop Client window Welcome Screen, click Next
- Accept the licensing terms and conditions check box, then click Next
- In the Microsoft Update page, select the I don’t want to use Microsoft Update option, then click Next
- In the Registration Information page, enter a name and Organization, then click Next
- In the Setup Type page, select the Custom option and click Next
- In the Destination Folder page, accept the default location and click Next
- In the Application Virtualization Data Location, accept defaults and click Next
- In the Cache Size Settings page, accept defaults and click Next
- In the Runtime Package Policy Configuration, accept defaults and click Next
- In the Publishing Server page, select the Set up Publishing Server now checkbox
a. Display Name: Name of your AppV Server (APPVSVR for me)
b. Type: Application Virtualization Server
c. Hostname: Name of your AppV Server (APPVSVR for me)
d. Port: 554 - Click Next
- Click Install
- Click Finish when complete
This should get it going. Next step... publish some sequenced apps and get down to funky town!!
Thursday, September 25, 2008
Multi Host Ping Monitoring
In a recent deployment, our customer had asked how they would be able to perform some constant connectivity testing. So, we installed the Multi Host Ping Monitoring MP that can be downloaded from SystemCenter Forum. We've been using this MP since 1.0 and works pretty well.
This cool and simple MP can be used to test connectivity to a URL as well and provides alerts when the threshold for time out seconds are breached.
Intervals for the testing can be configured and these return as collection data to run performance analysis on.
It also comes with pre-defined views! What more can you ask for! :)
You can get it here... http://www.systemcenterforum.org/multi-host-ping-mp-20-beta-now-available/
Tuesday, September 16, 2008
SCUG launched!!
We had a great launch of the System Center User Group, Malaysian Edition. About 84 people attended the launch and from that we gathered about 65 members on Day 1. I was superly excited about this.
Andrew McMurray, a Technology Specialist from Australia spent about 45 minutes talking to us about the System Center Roadmap and showcased the Config Manager R2 and its integration with SoftGrid
Jeff Low from Redmond then gave us a surprise visit to showcase to us some new stuff coming in MDOP. New DART tools as well as the all new Kidaro solution. Which was super cool.
The crowd got some chances to win prizes sponsored by Microsoft, Easy Safe and Redynamics Asia.
After the awe of technology, we came back down to earth to have a scrumptous dinner.
It was also a great that our local media decided that our event was worth covering :). Thanks Jo... http://star-techcentral.com/tech/story.asp?file=/2008/8/14/technology/20080814104157&sec=technology
Overall, I had a great time at the launch and I hope this community will remain useful for many years to come.
Photos of the launch can be viewed on my SkyDrive http://cid-528396cd62a32ef8.skydrive.live.com/browse.aspx/SCUG
We have continuous request for membership and hope that we can reach our 100 member mark by end of this year. Awesome!!
Our next event will be on September 30th at the Microsoft Auditorium, KLCC, Malaysia and I'll be speaking on the topic "ACS Masterclass - Installing, Configuring, Optimizing"
Jalsoft Xian Network Manager Io SP2 BETA released
Its good to be back to blogging after a long lay off due to work schedules.
About a week or so ago, Jalasoft announced that a Service Pack 2 for their popular Xian Network Manager Io will be released somewhere in the November timeframe. I just got news today that the BETA is already released.
In case this is new to you, Xian Network Manager is an excellent add-on to Operations Manager 2007 that allows you to proactively monitor network devices. It does a pretty good job and has a well built Management Pack.
Pete Zerger of System Center Forum wrote a great article on it and can be found at http://systemcenterforum.org/wp-content/uploads/Jalasoft_Series_rollup.pdf
From what i understand, Service Pack 2 will introduce a couple of architecture changes. The first and most important change is that they are no longer using the SDK on the Root Management Server (RMS) to send alerts and counters to OpsMgr2007. Instead the load can now be taken by any Management Server and so preventing any overload of the RMS. Now you can send without any problem thousands of counters per minute to OpsMgr2007. It is expected that this enhancement can increase the performance by more than 400%! Cool...
This would also mean that to scale, all you would need to do is just to add additional Management Servers.
Other changes in SP2 are improved management packs which are faster to load and require less instance space on OpsMgr2007. More robust SNMP module is also added to increase performance
I've downloaded the BETA today and will be testing it out. Will post any findings here.
Thursday, July 31, 2008
SCUG.my
Tech Ed SEA... T-11 days... Defcon 3... but.. i'm a super SCUG!.. :)
On August 12th, 2008 we will be launching the System Center User Group, Malaysian Edition... the SCUG The objective of the community is to enhance the knowledge and skills of its members by community sharing, deep-dive sessions by MVPs and industry experts, open space discussions, 1-day clinics, video blogging and more!
The launch will be held at the Microsoft Auditorium, 29th Floor, Petronas Tower at 6pm on Aug 12th 2008.
Andrew McMurray from Microsoft Australia and Noel Teng from Microsoft Malaysia will be sharing a session on "The Future of System Center" and "Virtualization Rocks". We will have food, drinks and more importantly.. FUN!..
I would like to thank Microsoft, Redynamics Asia and EasySafe for sponsoring the event.
There will be a special launch promo to join SCUG at only RM15 for 2-years. The normal membership is at RM20/year. On top of that, you will receive a LIMITED EDITION SCUG T-shirt, Microsoft premiums and your 1st SCUG event stamp to be redeemable for more gifts after 6 stamps!
If you can't come for the launch and still want to join as a member, send a mail to ask@scug.my
See you guys there!!!
Wednesday, July 9, 2008
Intel vPro and System Center
In typical desktop management, using any standard management product like System Center Configuration Manager, we would typically depend on the Operating System to be healthy and regularly doing its gym workouts. So what happens when an Operating System fails? No more desktop management. Thats kind of ironic isn’t it?
So.. i was going through the Intel vPro chipset and its remote management capabilities lately and found some pretty interesting facts.
So vPro is essentially the ‘Business chipset’ by Intel that contains capabilities to do magic stuff while your machine is offline. There’s a catch to this though... the main plug still has to be switched on.. AHA!! Glitch in the matrix!!!.. come on... we’re in the electronic age.. we still need power.
I wanted to just quickly talk about what integration capabilities that Intel vPro can provide for Microsoft System Center. Lets take the 3 products...
- System Center Configuration Manager 2007
- System Center Operations Manager 2007
- Softgrid Application Virtualization
System Center Configuration Manager 2007
With ConfigMgr, once provisioned, it allows for :
· remote asset inventory without needed the operating system to be on.
· Serial over LAN to perform CMOS configuration changes remotely
· IDE redirection – such that if an operating system were to crash, you could boot onto a remote ISO image sitting on a a server somewhere
· Wake-On-Lan
· Remote software updating
At present moment however, there is no support for Hardware based filtering which i was told will come in the next patch or version
System Center Operations Manager 2007
With OpsMgr, you have the Intel AMT Management Pack which provides for all that u see under the ConfigMgr features PLUS System Defense. System Defense allows for Hardware based filtering such as applying policies to filter traffic via the network interface
Softgrid Application Virtualization
If you already know what Softgrid can do, i also wrote about how ConfigMgr 2007 R2 will offer an integration to deploy Virtual Apps ( ) With the Intel vPro chipset, you could possible perform Wake-On-Lan on to a machine and push the Virtual Application package so that when the user gets in the morning.. Poof! App is on the desktop. Prepare for sudden gasp of awe from the user.
To know more details on it, i recommend u to check out the Intel vPro expert center http://communities.intel.com/community/vproexpert
I will be configuring all the above in the next couple of weeks when i return from Houston and will be posting all the findings.
Keep this channel on.
Tuesday, July 8, 2008
Tech Ed SEA session: Increasing Security and Compliance with System Center Part 1
So here I am basking in the Houston sun and mingling with about 7000 other people during the Worldwide Partner Conference. I got a couple of thoughts while i was walking through the sessions and thus here I am at the Wireless lounge to pen my thoughts. What happen to good ole pen and paper? Well.. i saved a tree today J
I was going through my initial ideas of what I will be presenting in Part 1 of the Increasing Security and Compliance session at Tech Ed and here are a couple of areas that I am going to be covering:
- Overall introduction on how System Center can leverage on a secure IT organization infrastructure
- Security Best Practices and how or which System Center technology can help
- A look at Operations Manager 2007 Built-with-security aspects (e.g. Run As Profiles, Reports security, encryption, mutual authentication)
- A look at Operations Manager Audit Collection Services
- A look at Configuration Manager 2007 Built-with-security aspects (native mode, firewall security)
- A look at Configuration Manager 2007 Patch Management architecture and best practices
- A look at Configuration Manager 2007 Desired Configuration Monitoring compliance reporting
- A look at Configuration Manager 2007 Network Access Protection and Remediation Services
- A look at Data Protection Manager 2007 and achieving backup compliance
This would lead in nicely to Part 2. Any other thoughts or ideas anyone?
Monday, June 23, 2008
Tech Ed SEA 2008 is rolling in the thunder
During the next thunderstorm (which happens pretty often in Malaysia), reach out and grab all the thunderbolts and put it into to a box! Bring that box to the KL Convention Center and open it on August 11th 2008. That's what Tech Ed SEA 2008 is going to feel like!! woohooooo..
ok.. it'll probably fry everyone in sight but the experience alone is exhilarating don't you think?? :)
ok i get it... Corny 101.
But I tell you i'm super excite about this year's Tech Ed 2008. I'll be conducting 2 sessions this year on Increasing Security and Compliance with System Center. I plan to talk about how to use the various System Center products inline with current security practices as well as introducing the various ways and techniques you can use System Center to achieve compliance. I'm currently working on what demos i want to show but as much as possible, i want the sessions to be demo centric.
I'll be starting my rituals to the Demo Gods to go easy on me this year and i'm thinking that if i offer enough meat and a virgin goat.. hopefully.. my demos will work flawlessly. OoOommmmmmm...
If there's anything you feel you'd like to see or hear, inline with my session topic, please do leave a comment.
Saturday, June 14, 2008
Operations Manager Service Pack 2.. What would you want to see?
The Product Team is currently working on Operations Manager Service Pack 2. What do you think? What would you like to see personally in Service Pack 2? Please comment
Management Pack Roadmap till Q3 2008
Quite a few people has asked me what the availability of Management Packs there are and what's coming soon. So i thought i'd share this with you. This was actually pulled out from MS. Hope it helps you plan on what's coming.
Wednesday, June 4, 2008
Operations Manager 2007 SP1 Important HotFix Released
Heads up guys! The Product Team has just released a Hotfix for Ops Manager SP1 that addresses some important areas.
Please note: This patch applies to System Center Operations Manager 2007 SP1 Only
These are the problems that were identified from a couple of management packs that this hotfix will solve
- Uable to discover CSDVersion on Windows Vista machines
- Unable to discover operating system properties on Windows 2000 SP4
- Agent HandleCountThreshold monitor does not restart Health service on exchange agent if HandleCountThreshold is exceeded
- ACS Collection rule references a wrong EventID
- Performance collection raises erroneous alerts for disabled services due to unavailable perf counters
- A script bug prevents cluster discovery where Virtual Server Name is a subset of the Physical Server Name.
If you suffer from the following symptoms... please download and apply the patch fast
- Dicover operating system properties on Windows 2000 SP4
- Discover CSDVersion on Windows Vista machines
- Restart Health service when HandleCountThreshold is exceeded
- Collect correct ACS event
- Discover cluster where Virtual Server Name is a subset of the Physical Server Name
- And additionally generates erroneous Alert for Performance Data Source Module when the services are disabled
Installation
This hotfix contains four management packs. Install these management packs from an Operations Manager console.
To extract the management pack files contained in this hotfix:
- Copy the file: SystemCenterOperationsManager2007-SP1-KB951979-X86-X64-ENU.MSI to either a local folder or accessible network shared folder.
- Then run:
SystemCenterOperationsManager2007-SP1-KB951979-X86-X64-ENU.MSI locally on each applicable computer that meets the predefined criteria.
Note: The installation path is typically the following: Program Files\System Center Hotfix Utility
This hotfix contains the following updated Management Packs which must be imported into Operations Manager. These management packs are located in the folder noted above.
Microsoft.SystemCenter.2007.mp (Version 6.0.6278.19)
Microsoft.SystemCenter.ACS.Internal.mp (Version 6.0.6278.19)
Microsoft.SystemCenter.Internal.mp (Version 6.0.6278.19)
Microsoft.Mom.BackwardCompatibility.mp (Version 6.0.6278.19)
For additional information about this issue, see KB article KB951979 at http://support.microsoft.com/
Friday, May 30, 2008
New look Management Pack Guides
Boss!! the Plane!! the Plane!!!...
What's arrived?? Well the new site for Management Pack Guides that is.
Management Pack Guides for Operating Systems and Technologies
http://technet.microsoft.com/en-us/library/cc540358.aspx
Management Pack Guides for Server Products
http://technet.microsoft.com/en-us/library/cc540357.aspx
What I like about this new site is the bottom that has the option to provide or read community content. This is important as we get notes from the field.
Tuesday, May 6, 2008
Join the System Center Virtual User Group
I would like to take a quick couple of minutes to let you know about a cool new community that has just been launched recently.
Its started by a good friend and fellow MVP, Pete Zerger. If you don't already know Pete, he started systemcenterforum.org.
This virtual community is for all of you that is interested to come together and share as well as be a central place for everyone to post questions and be united as one (i always wanted to say that..)
The nice thing i like about this community is that because its online, it can span geographical borders.
So check it out and join us now at the System Center Vitual User Group .. http://www.systemcenterusergroup.org/
They have also launched contest that will last till June that will award prizes like an XBox 360 and Zune to people that post the best community developed solutions. Check it out..
http://www.systemcenterusergroup.com/content/ContestHome.aspx
Let's get cracking guys!! :)
System Center Capacity Planner for Operations Manager 2007
Roll out the red carpets! Blast the horns! Bring in the cheerleaders! cause the long awaited model for Operations Manager 2007 is finally here! woohoooo..
If you are aware of System Center Capacity Planner 2007, it is the tool to assist in design and planning for Microsoft solutions. At release, the only model available was for Exchange 2007.
The Ops Manager Product Team released the RTM model for Ops Manager yesterday and its downloadable from http://www.microsoft.com/downloads/details.aspx?FamilyID=6fec1f12-a62c-4e8d-8a19-56879192adc3&displaylang=en
You need SCCP 2007 installed first then all you've got to do is download the model and install it.
Now the next step i would like to see is the ability of SCCP to channel data from Ops Manager and plot trends in performance and recommend a design that could possibly improve the overall performance and scalability :)
Monday, May 5, 2008
Operations Manager 2007 Design Tips from the Field
The following are some tips to consider when designing your Operations Manager 2007 infrastructure. These tips were based on my personal experience which was re-confirmed by several other MVPs who experienced similar, as well as discussions with the Ops Manager product team at Microsoft.
- Always setup a minimum of 1 RMS and 1 MS. Do not have agents report directly to the RMS. remember that the RMS functions to distribute configuration information to all MS. Having additional load on to this process is not recommended. Besides, with this, you'll have a failover scenario in place.
- 3-node clusters for RMS is not supported
- To have a affordable failover strategy for your Operations DB, use SQL Log shipping. Unfortunately, DB Mirroring is an unsupported method.
- When dealing with multi-site monitoring (branches), use a Gateway Server instead of a MS. Have MS in close proximity with your SQL Server. Why? Cause whenever MS needs to write data, it establishes a SQL ODBC connectivity. This takes up resources and the data is uncompressed. By using a GWS, data is compressed and the connection to a MS is always connected.
- Have a dedicated MS for reporting from a GWS. Do not have other agents reporting to the same MS as a GWS. Reason is that Management Servers divide their processes by number of connections. Let's say that you have 10 servers reporting to the GWS. When the MS receives that connection, it is treated as 1. If you had an additional of 10 servers reporting to that MS, the MS will divide its performance 11 ways. You would then see a significant performance drop for the servers handled by the GWS. If GWS is the only one connected to the MS, it will be given the full 100%.
- The RMS consumes CPU and RAM as its core process. So bulk up on these
- Use 64-bit for the RMS so that there are opportunities to scale beyond 4GB of RAM
- There is a Datawarehouse Grooming tool found in the Resource Kit that will help trim down the size of the Operations DW
- Support for SQL 2008 will be around the August 2008 timeframe or SP2. This will be cool cause there will be no dependency on IIS
- Each GWS can support up to 800 Agents with the SP1
For more of these tips on hardware sizing, check out my man Satya Vel's blogpost on the Ops Manager Team Blog
The Ops Manager model for System Center Capacity Planner will be out pretty soon.
Marrying SCCM R2 and SoftGrid 4.5
The first news to me is the rebranding of SoftGrid. I kinda thought it was a cool name but I guess when you acquire a product you'll always, if not necessary, to rename it. So what's the brand spanking new name?... Microsoft Application Virtualization!!. Funky? Well.. I'll let you thrive on your own opinions :)
The good news however is that the upcoming version 4.5 will be tightly integrated with System Center Configuration Manager 2007.
One of the primary goals of SCCM R2 is to be able to manage virtualized applications just like a physical application for example, asset inventory or deploying.
If you've used or tried SoftGrid 4.0 or 4.1, you'll know that in the application virtualization world, it doesn't really exist therefore SCCM or SMS could not perform inventory on those application. So 4.5 addresses this now.
The 4 core integration is:
- Packaging and distribution of virtual applications. - (Being able to create a virtual application 'package' and distribute it to the DP)
- Deployment of the virtual application - (Advertise the package to clients)
- Launching and running in a connected or disconnected environment
- Inventory and Reporting (ability to perform inventory and report on packages application and usage)
1. Deploy the Softgrid Clients to the clients (this can be done manually or via SCCM's Application Distribution
2. Sequence applications to output the native SFT package format {Sequencing is a method used my SoftGrid to re-package an application into a readable package}
3. Enable Virtual Application Distribution Point (This is done through the SCCM Site Roles)
4. Configure the Advertised Program Client to allow for Virtualized Application (This is done through the Client Agents configuration node)
5. Import Virtual Application Package (yes. A new available option in SCCM) in SCCM 2007 R2
If you notice from the screenshot above, there is a new orangy package icon. This denotes a Virtual App.
When you right-click the Packages node, you'll see an option to Import a Virtual Application Package. Then you'll walk through the wizard as follows:
6. Update the Distribution Points with the Package
7. Advertise the package to collection of users or computers (it will have the ability to select "Stream from DP" or "Download and Run". the difference is explained further down this blogpost)
The architecture of how this works is detailed in the following picture
The following are sample screenshots of a client manually downloadding and running the Virtual Application:
There are 2 application delivery and launch methods:
Streaming delivery
Pros
- Uses HTTP:// with IIS
- App shortcuts invoke connection to the server
- Great for highly connected clients
- Updates are applied to the server so new versions are fast and seemless
- Requires a minimum of 2 copies of the SFT on the DP. The first makes an assumption that the client as an active connection called the streaming copy. This is due to the fact that no revisions can be applied to a streaming package. The revision has to be applied to the static copy
- Not that great in unreliable networks and offline scenarios
- Does not support Internet facing client, workgroup client and slow network boundary
Local Delivery (Download and Execute)
Pros
- Standard DP functionality like BITS
- Entire package content are delivered locally to the client
- Application shortcuts will be available once the pacakge is completely downloaded
- Great for slow networks due to BITS
- Uses Remote Differential Compression to send binary deltas when content has changed
- Requires twice the disk space (dual cache)
- For RDC, needs 3X the disk space temporarily while calculating differences
When talking about upgrading a package, as how SoftGrid works, you would do a Sequence update. You would then need to update the content of the source and update the distribution points. To get the clients to use this upgraded package, you would need to re-run the advertisement.
How is this going to work with OSD? You can select a Task Sequence Action of either 'Run from DP' (streamed), 'Download and Execute' or 'Download on Demand' to publish the virtual application after the OS has been applied
As mentioned earlier, there will be inventory information in the RC version available through the root\microsoft\appvirt\client WMI Namespace and also an integration with Asset Intelligence Reports!
The following are screenshot of some of the reports:
For troubleshooting purposes, Virtualapp.log (events on registration and publishing)and VAppLauncher.log (events Vapp user launch) are 2 new logs that will be available
When? When? When? Well.. According to the source at MMS 2008… The release of this is Summer of 2008
Friday, May 2, 2008
A Quick Guide to Installing the Cross Platform Monitoring BETA
This is a quick guide to installing the X Platform Monitoring that was released this week. You can download it from the connect site (connect.microsoft.com). I will update it this blogpost with screenshots when i have them.
- Run the SetupSCX.msi setup file
- A "System Center Operations Manager Cross Platform Extensions" folder will be created
Launch the Operations console - Import the non-Windows Management Packs from the System Center Management Packs folder
- Close the Operations Console
- In the System Center Operations Manager Cross Platform Extensions folder, run the ImportXSLT.cmd file
- Then run the TransformImporter.exe file
- Launch the Operations Console
- To create the appropriate RunAs Accounts, perform the following:
- Go to the Administration Space and right click Run As Accounts
- Select the Create RunAs Account
- Click Next on the Opening page
- On the General Page, enter Privileged User in the Display name box, then click Next
- In the Account page, enter root as the username and the password for the root account
- Follow the same steps to create the Non-Privilege User account
- To associate the appropriate Run As Profiles, perform the following:
- Select the RunAs Profiles, locate and double-click the Unix Privileged Account profile
- Select the Run As Accounts tab and click on the New button
- Select the Privilege User account you created earlier, then click OK
- Locate and double-click the Unix Action Account profile
- Select the Run As Accounts tab and click on the New button
- Select the Non-privileged User account you created earlier, then click OK
- To discover systems perform the following:
- Go to the Monitoring space and locate the Cross Platform Servers node
- Click on Overview and on the details pane, click on the Discover available Unix and Linux computers link
- At the Welcome Screen, click Next
- At the Discovery Method screen, click the Add button
- Type in either the IP address, DNS name or address range of the computers
- Then enter the credentials used to SSH into the system for discovery purposes.
- Leave the SSH port at 22 (ensure that the SSH is configured on the non-Windows Servers), click Next
- Click Add for additional machines
- Once done, click on the Discover button
- Once the machines have been discovered (or not), you will be able to see a list of discovered machines
- Select the machines you want to install agents on (manage) and click next
- The screen will display the Discovery progress
- Click Done once .. Done
You should now be able to see the Health status of your machines. Happy monitoring :)
Cross Platform Monitoring with Operations Manager
A follow up to Interop Connectors is the Cross Platform Monitoring. Finally.. I can blog about it. Being under NDA sometimes is so frustrating :)
At the Keynote on the first day it was announced and you can read about it on MVP Maarten Goet's blog (http://www.techlog.org/archive/2008/04/29/opsmgr_cross_platform__first_s)
Ultimately the plan is to be able to support Linux and Unix platform monitoring out of the box. Support for MAC Server is in the plan.
Some of the features planned for V1:
- Discovering non-Windows System using IP range
- Deploy Agent as part of Discovery Wizard
- WS-Man based Agent channel
- Caching Events in a case of network failure
- Ability to manually install agents
- Discover entities on non-Windows System post Agent deploy
- Unit, aggregate and dependency monitors with Knowledge Articles
- Collect and Monitor Performance counters
- Collect and Moniror Event from non-Windows Systems and store in Live DB and DatawarehouseDB
- Diagnostic and recoveries
- Tasks that execute simple commands and return output to UI
- Support for customized UI pages
- Support for non-Windows entities in Distributed Application Designer
- Reports for data
- Templates for custom monitoring rules and MPs
- Agent Uninstall and Upgrade
The install will be a single one which would then add the necessary components.. Copying SSH modules, Copy the Transforms, and Copy the Management Pack
A "System Center Operations Manager 2007 Cross Platform Extensions" folder will be created in the root drive. The Agents are located in this folder
To get it functional with the BETA, the following has to be done:
- Import Management Packs
- Create Run As Accounts
- Associated Run As Accounts with Run As Profiles (Within the Management Pack is the Run As Profiles of Unix Action Account and Unix Privilege Account. The Management Pack will automatically select which profile to use in different scenarios)
- Import XSL Transforms (must be done after Management Pack as it addresses certain components in the Management Pack)
The Discovery and Agent Deployment Process
- First it will discover using the scope (IP, DNS, IP Range)
- It will then discover whether there is already an agent installed.
- If its not install, SSH will be used to discover what UNIX or Linux platform, distribution and version the non-Windows system is
- Once the platform is noted as supported, the package is then deployed
- Once the Agent is installed, data about the non-Windows system will be inserted into the DB
I was typically impressed with how diagnostics are automatically configured to run and this is all part of the Management Pack
The following are the log files that are monitored:
- SU command execution
- Toor login failures
- Critical authentication errors
- Breakin attempts
- SSH authentication failures
- Custom templates to be used
I will be doing up a step by step configuration guide to get the BETA working. I'll post it once its done.
System Center Operations Manager 2007 Unleashed
A common question that people has been asking me is.. "Do you know of a good Ops Manager book". The regular answer used to be.. "Is there one??"
I'm happy to announce that there is one now.. and a respectable one at that.
The System Center Operations Manager 2007 Unleashed book written by Cameron Fuller, Kerrie Myler, John Joyner and Andy Dominey.
http://www.amazon.com/System-Center-Operations-Manager-Unleashed/dp/0672329557/ref=sr_1_1?ie=UTF8&s=books&qid=1208332494&sr=8-1
It has amazing content. Especially such that the authors are Microsoft Most Valuable Professionals in Operations Manager! They are reputable people in the industry and have vast experience in the Management space. That would probably explain the size of the book! You could knock out a cow with that!..
I had the privilege of meeting up with the guys at the MVP Summit and MMS 2008 and got to know them better. You would think that people with such great experience and success would have a tad bit arrogance in them.. but Absolutely NONE. These guys are so down to earth, willing to share and the amount of knowledge and experience inside their heads are phenomenal.
Check out their blog sites under the My Saviors links
Thursday, May 1, 2008
Searching System Center Content Online
I don't know about you, but i totally do not like pulling my hair while trying to find content on System Center on the TechNet site. So when I heard about a Vista Gadget that helps search for it by me typing in a keyword.. i was curious.
At MMS this week, they announced the gadget and i've spent the last 2 hours playing around with it and i am now recommending it :)
http://gallery.live.com/LiveItemDetail.aspx?li=49e26ad0-113d-4f3d-a711-57f6530c75d9
Happy System Center Searching!!!
Ops Manager Interop Connectors
Kevin Muldoon from the acquisition of Engyro started the session talking about Interop which is simply the ability for System Center to communicate to other systems so that IT operations issues can be viewed as a whole.
The reality of the industry is most companies are heterogenous. So the first step of Interop for System Center addresses the forwarding of alerting data into any other Operations Workflow as well.
The next area that you would see Interop is to be able to receive event data and discover relationships from other systems into Operations Manager. Even to the extend of generating service manager tickets from other systems.
The core architecture that Interop uses is WS-Man to securely send data across to other systems. On the other side, WS-MAN receives it then passes it to CIMOM (Open Pegasus) which will then kick off a provider with Native APIs to talk to systems like Tivoli, Openview and Remedy. There is also a Universal Connector that can be customized
The connector also syncs between both systems 2-way. In Ops Manager, it is done via the same Ops Manger console and a single Management Pack for monitoring the connector.
In the first Demo, Kevin stopped the WWW service. The IIS Management Pack is installed in Ops Manager and monitoring the IIS environment. The Tivoli Enterprise Console connector is also installed and configured to automatically forward to the TEC console. These configurations can be done through a UI provided through the Management Pack.
The Ops Manager receiver the alert and began forwarding it to TEC. When TEC received the alert, it replied with a Ticket ID. Ops Manager console showed the ticket ID and a message that stated the successful forwarding
When you close the alert in TEC, it also automatically closes the alert in Ops Manager. It also works the other way round.
Based on the demo, it really seemed that everything was simple and was well architected under the covers.
Kevin also mentioned that connectors for NetCool and Omnibus was in the works.
If you're familiar with Engyro connectors, the Interop took the functionality but re-architected it using Microsoft technologies rather then the JAVA based Engyro design.
The current BETA is not cluster aware but this is part of the plan. Part of this plan is also to have some form of processing before the alerts are forwarded.
The second demo was on HP OVO. The same scenario was performed and the alert was acknowledged (closed) in HP OVO. The alerts in Ops Manager closed as well.. Like clockwork. When the IIS was started again, it automatically resolved in Ops Manager and so in HP OVO.
Pricing? How about FREE with the product :)
The connector to BMC Remedy has roughly about the same features like HA and multiple Management Groups. The demo showed a manual forwarding from Ops Manager. On the Remedy there is a custom form which injects a workflow which takes the data and then puts it into the Incident Management System.
When a ticket is closed, the alert in Ops Manager automatically disappears. Magic.
Then the IIS service was restarted, Ops Manager automatically resolved the alerts and as usual disappears from the screen. In Remedy, the status chages to Resolved but will not automatically close it because it is not typically fashionable to close a ticket as you would want to track the incidents that happens.
There is currently no support for alert correlation or latency configuration before an alert is forwarded.
The Universal Connector is a way to take alert data from Ops Manager and pass it to any remote systems out there. The data will be presented in the system as XML or Unix property files.
Timeframe of RTM?.. Ops Manager Service Pack 2.
Wednesday, April 30, 2008
MMS 2008 Live
Its official... i'm no longer an MMS virgin. My first time here is a wonderful experience. Being able to meet such high calibre experts in the Management Space is a dream come true. Sessions that i attended were deep technically and done by some of the more experienced folks in the world.
As I blog about the sessions i'll be attending in the next couple of days, my fellow MVP Maarten Goet from the Netherlands is doing an excellent Live commentary on this blog.
check out www.techlog.org
Stay tuned..
Penguin in the Windows
Today at MMS, Microsoft released news that they will be supporting Cross Platform Monitoring through Ops Mgr 2007. To give you a feel of what this means?... Through the X Platform Monitoring component, Ops Mgr is able to monitor the non-Windows OS environments such as Unix and Linux... out of the box.
I had the privilege of speaking to the product team behind the development of this and got to see a demo and i must say its looking pretty impressive. Yes.. its developed in-house. The Agent is developed using Open Source standards such as WS-MAN
This will allow Ops Mgr to natively receive alerts and report data direct from a Unix/Linux box and partners can then build management packs on top of this to support applications that sit on the non-Windows operating systems.
The BETA is available at the Connect site http://connect.microsoft.com/
A Team blog was also released today at http://blogs.msdn.com/scxplat/
The second announcement was the improved connectors for HP OpenView and IBM Tivoli
Saturday, April 5, 2008
MP Catalog Update
The Windows 2003 Cluster Management Pack has been updated. Hurray Hurray! Time to pop yet another bottle of champagne! .. damn.. where are the glasses..
go to http://www.microsoft.com/downloads/details.aspx?FamilyId=AC7F42F5-33E9-453D-A923-171C8E1E8E55&displaylang=en&displaylang=en
Take note however that the previous MP has to be uninstalled prior to installing this one. The following has to be removed:
Microsoft.Windows.2003.Cluster.Management.Monitoring Microsoft.Windows.2003.Cluster.Management.Library Microsoft.Windows.Cluster.Management.Monitoring Microsoft.Windows.Cluster.Management.Library
If you are unaware of steps to delete.. follow this simple to follow guide.. :)
1. Locate all management packs that reference MP to be deleted. You can use MPViewer
2. Export those management packs (to back up)
3. Delete all management packs, including your custom MP files
4. Import new MP files with more recent version
5. Re-import backed-up custom management packs (referencing older version of MP within your custom MP is not a problem when newer version of that MP exists in the system)
Cluster Monitor away!!!
Friday, April 4, 2008
Vista Gadget for Team News
There can't be anything better... up to date news on System Center right on your desktop?
http://www.systemcenternews.com/SCNews.Gadget
This tool publishes information in a Vista Gadget. So if you're waking up in the middle of the night worried about missing the latest news from the product team? Look no further! :)
Wednesday, January 2, 2008
Re-installing Operations Manager 2007
In a recent deployment, we encountered several wierd problems. Most of them not documented. So we decided to reinstall Ops Manager and.. try again. These were the steps that we took:
- We used the Clean Up tool provided in the Ops Manager Resource Kit. Also downloadable. (see my other post for the link)
- We also used the Clean up tool to remove the Agents.
- Then we used SQL Management Studio to delete the OperationsMangerDB and OperationsManagerDW
We then proceeded to reinstall OpsMgr 2007.
When we came to Installing Reporting, it game us an error that said.. SRS could not be validated. This is where i remembered a tool that is provided with OpsManager that you need to run to reset the Reporting Server because a different encryption key was used.
Go to the Support Tools folder in the OpsMgr CD and copy the ResetSRS.exe utility into your HDD. Then run either:
ResetSRS.exe MSSQLSERVER (if you had installed SQL using default instance), 'or'
ResetSRS.exe InstanceName (the instance name you installed)
You will then be prompted to enter a credential to be used for authentication. Enter it using this format: DOMAIN\username
After this, launch the Report Services Configuration Wizard. You should see that the Web Authentication section is producing an error. Click on that page and click Apply.
Then Exit.
Proceed to restart the server.
Now you should be able to install OpsMgr Reporting
Hope this helps
Ops Manager 2007 Agent not connecting
I was in a Ops Manager Deployment last week and when we pushed the Agent to the Exchange Server, it got stuck in the Pending view and refused to move. The Operating System was Windows Server 2003 SP1 and had Windows Installer 3.1
Checking the logs at the Agent, we noticed the following error messages:
Event ID: 21016
OpsMgr was unable to set up a communications channel to server.domain.com and there are no failover hosts. Communication will resume when server.domain.com is both available and allows communication from this computer
Event ID: 21001
The OpsMgr Connector could not connect to MSOMHSvc/server.domain.com because mutual authentication failed. Verify the SPN is properly registered in the server and that is properly registered in the server and that, if the server is in a seperate domain, there is a full trust relationship between two domains
Event ID: 20057
Failed to initialize security context for target MSOMSvc/server.domain.com. The error returned is 0x80090303 (The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.
We verified that both servers are part of the same domain and DNS lookups were fine.
We then proceeded to check the SPN IDs and found out conflicting records.
To support mutual authentication, the server registers Service Principal Names that are tied to either the computer account or the user account. In this instance somehow, SPNs got registered with the OpsMgr server account as well as the OpsAdmin user account.
To solve this, I did the following:
- From the domain controller, open a command prompt and then type the following string: ldifde -f domain.txt
- Open the text file in Notepad and then search for the SPN that is reported in the event log. ServiceClass/host.domain.com (in this case look for MSOMHSvc/server.domain.com)
Note the user accounts under which the SPN is located and the organizational unit the accounts reside in
Use one of the following options to delete the account SPN registrations from the accounts that should not contain registrations to ServiceClass/host.domain.com. (i.e. Typically any accounts containing an SPN registration for SeriviceClass/host.domain.com that services are not explicitly starting with). Make sure you know which credentials you want to keep (in this case the system account or the domain administrator) and see to it that the service is running with the credentials you want to use. Delete the other one.
Using ADSIEdit
- Add ADSIEdit to the MMC and bind to the domain using the Domain well known naming context.
- Navigate to each user account you previously documented (for my case, I went to the opsadmin user account)as having a duplicate SPN registration and right click the account and select properties.
- Scroll through the list of attributes until you see servicePrincipalName, double click servicePrincipalName and remove the duplicate SPN registration and click on OK and exit ADSIEdit.
Then I proceeded to restart the Health Service on the Agent and wallahhhh!!! connected!..
A similar explanation can be found at: http://www2.wolzak.com/index.php?option=com_content&task=view&id=15&Itemid=2