LeVeilleur.net

Subscribe

OpsMgr / SCOM : Automatic Agent Deployment With PowerShell

janvier 20, 2010 By: Christopher Keyaert Category: Scom 2007, powershell No Comments →

Hello everyone,

Some weeks ago, I had to deploy SCOM Agent on more than 350 windows servers at the time. For that, I wrote a PowerShell Script where you just have to give a server list in input and the name of your RMS/MS . And that’s it, the script is performing the agent installation for you. A CSV file will be generated as output with the agent installation status of each servers.

Concerning the right management, you have to ensure that the Default Action Account using on the server that you will use for deploying the agents (MS normally), has administrative right on the servers that you want to add in SCOM. For that, and the duration of the deployment only, use a Domain Admin Account as the Run As Account of your MS/RMS.

The script :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
###########################
# Autor : Christopher Keyaert
# Version : 1.0
# Date : 28 DEC 2009
##########################
#Getting the credential of the user
#$creds = Get-Credential

###########################
#Param
##########################
$RMS =  #don't forget to use the FQN RMS001.contoso.local
$MS  =  #don't forget to use the FQN MS001.contoso.local

$myFile = "D:\Dep\myfile.txt" #List of Servers
$ResultPath = "D:\Dep" #Folder for path output
Start-Transcript -path "$ResultPath\Transcript$(get-date -uformat '%Y-%m-%d_%Hh%Ms%S').log"

$MaintenanceModeEnable = $false

$MaintenanceModeDuration = 10 * 1440 # 1440 minutes per day
$comment = 'Global Deployment'
$reason = 'PlannedOther'

######################
#Functions
#####################
function SetToMaintenanceMode($rootMS,$computerPrincipalName,$minutes,$comment,$reason)
{
$computerPrincipalName = $computerPrincipalName + ".dir.ucb-group.com"
$computerClass = get-monitoringclass -name:Microsoft.Windows.Computer
$healthServiceClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthService
$healthServiceWatcherClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthServiceWatcher
$computerCriteria = "PrincipalName='" + $computerPrincipalName + "'"
$computer = get-monitoringobject -monitoringclass:$computerClass -criteria:$computerCriteria
$healthServices = $computer.GetRelatedMonitoringObjects($healthServiceClass)
$healthService = $healthServices[0]
$healthServiceCriteria = "HealthServiceName='" + $computerPrincipalName + "'"
$healthServiceWatcher = get-monitoringobject -monitoringclass:$healthServiceWatcherClass -criteria:$healthServiceCriteria
$startTime = [System.DateTime]::Now
$endTime = $startTime.AddMinutes($minutes)

Write-host " "
"Putting " + $computerPrincipalName + " into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$computer -comment:$comment -Reason:$reason
 
"Putting the associated health service into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthService -comment:$comment -Reason:$reason
 
"Putting the associated health service watcher into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthServiceWatcher -comment:$comment -Reason:$reason
Write-host " "

}

#################################
#Init the connection to SCOM srv
#################################
if(-not (Get-pssnapin | Where-Object {$_.Name -eq "Microsoft.EnterpriseManagement.OperationsManager.Client"}))
    {
    Add-PSSnapin Microsoft.EnterpriseManagement.OperationsManager.Client
    }  
new-managementGroupConnection -ConnectionString:$RMS
Set-Location "OperationsManagerMonitoring::" -ErrorVariable errSnapin ;
Set-Location $RMS -ErrorVariable errSnapin ;   

##########################
#Agent installation
##########################
#Creating the computers list
$ComputersList  = @()
$ComputersList = Get-Content $myFile

#Define a WindowsDiscoveryConfiguration
$discoConfig = New-WindowsDiscoveryConfiguration –ComputerName: $ComputersList –PerformVerification: $true -ComputerType: "Server" #–ActionAccountCredential: $creds

#Start the discovery process.
$managementServer = Get-ManagementServer | Where-Object {$_.PrincipalName -like "*$MS*"}

$discoResult = Start-Discovery –ManagementServer: $managementServer –WindowsDiscoveryConfiguration: $discoConfig

#Check that the discovery process discovered the Windows computers you specified.
$discoResult.CustomMonitoringObjects

if($discoResult.CustomMonitoringObjects -ne $null)
    {
    Write-Host "Agent installation in progress..."
    Write-Host ""
    Install-Agent –ManagementServer $managementServer –AgentManagedComputer $discoResult.CustomMonitoringObjects

    Write-host "Installation Finished, waiting for 60 secondes"
    Start-Sleep -s 60
    }
else{
    Write-Host "No servers discovered"
    }  

####################################################################
#We have to check if all the agent has been well installed + Maintenance mode
#####################################################################
Write-Host ""
Write-Host "Installation Checking"
Write-Host ""

$InstallArray = @()
foreach($srv in $ComputersList)
    {
    $Value = $null
    $Value = Get-agent | Where-Object {$_.ComputerName -like "*$srv*"}
   
    if($Value -ne $null)
        {
        Write-Host "$srv - Agent installed "
        $InstallTime = $Value.InstallTime
        $HealthState = $Value.HealthState
        $AgentInstalled = $true
       
        #Write-Host "Activation of the Maintenance Mode"
        #Put the server in Maintenance Mode
        if($MaintenanceModeEnable -eq $true){SetToMaintenanceMode $RMS $srv $MaintenanceModeDuration $comment $reason}
       
        }
    else{
        Write-Host "$srv - Agent not installed"
        $AgentInstalled = $false
        $InstallTime = ""
        $HealthState = ""
        }
   
    $obj = New-Object PSObject
    $obj | Add-Member Noteproperty -Name "Name" -Value $srv
    $obj | Add-Member Noteproperty -Name "AgentInstall" -Value  $AgentInstalled
    $obj | Add-Member Noteproperty -Name "InstallTime" -Value  $InstallTime
    $obj | Add-Member Noteproperty -Name "HealthState" -Value  $HealthState
    $InstallArray += $obj
    }

Write-Host ""  
Write-Host "Save the Result File"  

$InstallArray  | Export-Csv "$ResultPath\$(get-date -uformat '%Y-%m-%d_%Hh%Ms%S').csv"
Stop-Transcript

SCOM2007R2 : not enough entropy when installed Linux Agent

décembre 03, 2009 By: Christopher Keyaert Category: Scom 2007 No Comments →

Here the error message :

1
2
3
4
5
6
7
8
9
10
Generating certificate with hostname="xxxxxxxx"
[/home/serviceb/TfsCoreWrkSpcLinux_REDHAT_5.0_x86_64/source/code/tools/scx_ssl_config/scxsslcert.cpp:198]
Failed to allocate resource of type random data: Failed to get random data - not enough entropy
error: %post(scx-1.0.4-248.x86_64) scriptlet failed, exit status 1


<DataItem type="Microsoft.SSH.SSHCommandData" time="2009-12-03T12:08:30.6908778+01:00" sourceHealthServiceId="91A3B596-F820-6A90-305C-6974DA25966D"><SSHCommandData><stdout>Generating certificate with hostname="xxxxxxx"
[/home/serviceb/TfsCoreWrkSpcLinux_REDHAT_5.0_x86_64/source/code/tools/scx_ssl_config/scxsslcert.cpp:198]
Failed to allocate resource of type random data: Failed to get random data - not enough entropy
error: %post(scx-1.0.4-248.x86_64) scriptlet failed, exit status 1

There are two ways to solve this problem, you can recreate the /dev/random file or do a manual agent install.

For both fixes, clean off the partially installed agent using the commands

  1. rpm -e scx
  2. rm -rf /etc/opt/microsoft/scx

Then if you want to make it so that discovery will work from the wizard use the commands

  1. rm /dev/random
  2. mknod -m 644 /dev/random c 1 9
  3. chown root:root /dev/random

A manual install requires copying the appropriate package from %Program Files%\System Center Operations Manager 2007\AgentManagement\UnixAgents to the Unix\Linux machine and installing it directly.

After fixing the install issue, switch the /dev/random file back to a signed random file using the commands:

  1. rm /dev/random
  2. mknod -m 644 /dev/random c 1 8
  3. chown root:root /dev/random

Source : http://blog.xplatxperts.com/xplat-xperts/2009/08/opsmgr-cross-platform-discovery-errors.html

SCOM2007 : Installation de Operations Manager 2007

novembre 26, 2008 By: Christopher Keyaert Category: Scom 2007, Windows No Comments →

Hello,

Comme promis, voici la suite de l’article sur l’installation de Microsoft System Center Operations Manager 2007.
Au préalable, vous devrez avoir un server Microsoft SQL Server 2005 fonctionnel.

Installation de la partie SQL pour Microsoft System Center Operations Manager 2007

Cette partie est donc à réaliser sur le Microsoft SQL Server 2005 que vous avez préalablement installé.

(Lire la suite…)

SCOM2007 : Installation de Sql Server 2005

novembre 24, 2008 By: Christopher Keyaert Category: Scom 2007, Windows No Comments →

Voici la première partie du guide d’installation de Microsoft System Center Operations Manager 2007. La première partie consiste à installer Microsoft Sql Server 2005 sur un serveur dédié.

La plupart des screenshoots ci-dessous se passe de commentaires :


  (Lire la suite…)

Scom2007 : Scripts pour Maintenance Mode

novembre 23, 2008 By: Christopher Keyaert Category: Scom 2007 No Comments →

Hello tout le monde,

En tant qu’utilisateur de Microsoft System Center Operations Manager 2007, vous avez déjà certainement été confronté au problème ci-dessous

 A computer agent unexpectedly generates heartbeat alerts after you put it into Maintenance mode in System Center Operations Manager 2007

La description détaillée de cela se trouve sur le site de Microsoft : http://support.microsoft.com/kb/942866

En fait, pour mettre un serveur en Maintenance Mode, il faut mettre en réalité trois objets en Maintenance :

  • Computers
  • Health Service
  • Health Service Watcher

Plutot que de faire cela à la main à chaque fois que vous souhaitez mettre un odirnateur completement en Maintenance Mode, voici deux scripts que j’ai écris.


# ==============================================================================================
#
# Microsoft PowerShell Source File
#
# NAME: StartMaintenanceMode.ps1
#
# AUTHOR: Christopher Keyaert
# EMAIL: christopher.keyaert@ucb-group.com
#
# DATE  : 11/19/2008
# VERSION : 1.0
#
# COMMENT: This script will start the maintenance mode for the specified computer
#
# PARAMETERS: rootMS, computerPrincipalName, minutes, comment, reason
#
#
#
# ==============================================================================================

param($rootMS,$computerPrincipalName,$minutes,$comment,$reason)

Add-PSSnapin "Microsoft.EnterpriseManagement.OperationsManager.Client" -ErrorVariable errSnapin;
Set-Location "OperationsManagerMonitoring::" -ErrorVariable errSnapin;
new-managementGroupConnection -ConnectionString:$rootMS -ErrorVariable errSnapin;
set-location $rootMS -ErrorVariable errSnapin;

$computerClass = get-monitoringclass -name:Microsoft.Windows.Computer
$healthServiceClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthService
$healthServiceWatcherClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthServiceWatcher
$computerCriteria = "PrincipalName='" + $computerPrincipalName + "'"
$computer = get-monitoringobject -monitoringclass:$computerClass -criteria:$computerCriteria
$healthServices = $computer.GetRelatedMonitoringObjects($healthServiceClass)
$healthService = $healthServices[0]
$healthServiceCriteria = "HealthServiceName='" + $computerPrincipalName + "'"
$healthServiceWatcher = get-monitoringobject -monitoringclass:$healthServiceWatcherClass -criteria:$healthServiceCriteria
$startTime = [System.DateTime]::Now
$endTime = $startTime.AddMinutes($minutes)

"Putting " + $computerPrincipalName + " into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$computer -comment:$comment -Reason:$reason

"Putting the associated health service into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthService -comment:$comment -Reason:$reason

"Putting the associated health service watcher into maintenance mode"
New-MaintenanceWindow -startTime:$startTime -endTime:$endTime -monitoringObject:$healthServiceWatcher -comment:$comment -Reason:$reason

Le second, pour arrêter le Maintenance Mode


# ==============================================================================================
#
# Microsoft PowerShell Source File
#
# NAME: StopMaintenanceMode.ps1
#
# AUTHOR: Christopher Keyaert
# EMAIL: christopher.keyaert@ucb-group.com
#
# DATE  : 11/19/2008
# VERSION : 1.0
#
# COMMENT: This script will stop the maintenance mode for the specified computer
#
# PARAMETERS: rootMS, computerPrincipalName
#
#
#
# ==============================================================================================

param($rootMS,$computerPrincipalName)

Add-PSSnapin "Microsoft.EnterpriseManagement.OperationsManager.Client" -ErrorVariable errSnapin;
Set-Location "OperationsManagerMonitoring::" -ErrorVariable errSnapin;
new-managementGroupConnection -ConnectionString:$rootMS -ErrorVariable errSnapin;
set-location $rootMS -ErrorVariable errSnapin;

$computerClass = get-monitoringclass -name:Microsoft.Windows.Computer
$healthServiceClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthService
$healthServiceWatcherClass = get-monitoringclass -name:Microsoft.SystemCenter.HealthServiceWatcher
$computerCriteria = "PrincipalName='" + $computerPrincipalName + "'"
$computer = get-monitoringobject -monitoringclass:$computerClass -criteria:$computerCriteria
$healthServices = $computer.GetRelatedMonitoringObjects($healthServiceClass)
$healthService = $healthServices[0]
$healthServiceCriteria = "HealthServiceName='" + $computerPrincipalName + "'"
$healthServiceWatcher = get-monitoringobject -monitoringclass:$healthServiceWatcherClass -criteria:$healthServiceCriteria

$endTime = [System.DateTime]::Now

"Stopping " + $computerPrincipalName + " maintenance mode"
Set-MaintenanceWindow -endTime:$endTime -monitoringObject:$computer

"Stopping the associated health service maintenance mode"
Set-MaintenanceWindow -endTime:$endTime -monitoringObject:$healthService

"Stopping the associated health service watcher maintenance mode"
Set-MaintenanceWindow -endTime:$endTime -monitoringObject:$healthServiceWatcher

Et voici comment appeller ces deux scripts

Start maintenance mode
 C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\MaintenanceMode\StartMaintenanceMode.ps1 –rootMS: ‘localhost’ -computerPrincipalName: 'SERVERNAME' -minutes:30 -comment: 'Maintenance Mode' -reason: 'PlannedOther'
Stop maintenance mode
 C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\MaintenanceMode\StopMaintenanceMode.ps1 –rootMS: ‘localhost’ -computerPrincipalName: 'SERVERNAME'

Voilà, si vous avez des questions, ne pas hésiter à les poser dans les commentaires.