How to Access: Operations Manager Console SCOM 2016

1 How to Access: 1.1 Web Console The Operations Manager Web Console is located here: http://servername/OperationsManager From a browser. Type the following URL: http://Servername/OperationsManager The Web Console is displayed. 1.2 How to Install Console on Workstation \ VDI Instance Pre-Requisites in order of installation: 1. Install SQL CLR Types 2014 2. Install Report Viewer next From Windows file explorer, run Setup.exe Select Install From the Select Features window, select Operations console Click Next. Accept the default Location. Click Next. Verify that Prerequisites are met. Click Next. Accept license agreement. Click Next. On Microsoft Update window, select Off. Click Next. Specify the… Management Group Name Management Server Management Server Port Verify the summary. Click Install. Setup should complete successfully. Click Close. 2 Adding a Windows Server to SCOM (Push from SCOM) Go to ‘Administration’ pane, Right Click on Device Management  Agent Managed Discovery Wizard Click on Windows Computer and click Next Under ‘Advanced Discovery’, make sure the following settings are selected: Under Discovery Method, type in the machine name(s) and click Next Keep defaults as it is under ‘Administrative Account’ and click ‘Discover’ Once device is discovered successfully, you need to Check the option to Manage, leave defaults as it is under Management Server and Management Mode: Leave default settings under ‘Summary’ and click ‘Finish.’ Agent installation process will start in a new window, and once installation is complete, the Status will change to ‘Success’ In order to install the SCOM agent remotely by 'pushing', it is necessary for a number of ports to be opened. TCP 5723 and 51909 are agent ports after the agent is installed. To push the agent, you need the following: Agent push requirements (including firewall ports): • The account being used to push the agent must have local admin rights on the targeted agent machine. • The following ports must be open: • RPC endpoint mapper Port number: 135 Protocol: TCP/UDP • *RPC/DCOM High ports (2000/2003 OS) Ports 1024-5000 Protocol: TCP/UDP • *RPC/DCOM High ports (2008 OS) Ports 49152-65535 Protocol: TCP/UDP • NetBIOS name service Port number: 137 Protocol: TCP/UDP • NetBIOS session service Port number: 139 Protocol: TCP/UDP • SMB over IP Port number: 445 Protocol: TCP • The following services must be set: • Display Name: Netlogon Started Auto Running • **Display Name: Remote Registry Started Auto Running • Display Name: Windows Installer Started Manual Running • Display Name: Automatic Updates Started Auto Running 3 Uninstall SCOM Agent (Windows) Click on Administration Pane Device Management Agent Managed Search for the machine that needs to be removed from SCOM. If the machine is greyed out, it means its already powered off. In this scenario, we can just click “delete” from the tasks Pane on the right side. If the server is in “Healthy” and “Green” state, click uninstall. Once uninstall is complete, it will remove the agent from the SCOM console. 4 Adding a Web Application Availability Monitoring (URL) to SCOM Go to Authoring Pane, expand Management pack Templates, Right Click Web Application Availability Monitoring and click Add Monitoring Wizard Select “Web Application Availability Monitoring” and click Next. Name the application appropriately. You need to save it to the appropriate MP that corresponds to the Application Name. If a new MP needs to be created, Create one using the following format : “Celgene - MP” Under the name for the URL, name it appropriately e.g. LifeBankUSA, MW-OSB etc. and Under the URL, list the entire URL that resolves by checking it first in a browser. Under “Where to Monitor from”, select “Internal Location – Resource Pool” and Select “URL Monitoring Resource Pool” and click “Add”. Click on “Run Test” Click on “Create” after verifying the “Summary” tab 5 Adding a network device in SCOM Go to Administration Pane  Network Management  Discovery Rules If you are trying to discover less than 10 devices in one go, select “Celgene Small number…” or the “Celgene Large…” Highlight “Celgene Small…” and under Tasks Pane, select Properties. The Network device discovery wizard window will open. Do not change any settings and click on “Next”. Select Explicit Discovery, leave default accounts checked as it is. Under Devices, Click on “Add”, Add IP address and leave Access Mode as “ICMP and SNMP”. In case only ICMP is required, only then change this setting Under “Schedule the network discovery” you can select an option to schedule time at least 30 minutes in the future to ensure the settings for discovery get propagated to the Network discovery wizard servers. You also have an option to run it manually but that will fail as it takes time in our large environment for Management Configuration file to communicate to all Management servers that new settings are available. After the specified event time has passed, go back to the Discovery Rules folder within SCOM console and hit F5 to see if the “Last Run time” value is reflecting the time specified. On Maintenance Mode Settings windows Fill in desired timeframe for maintenance Click OK. Verify that selected Server is now in Maintenance mode and shows a state of Not Monitored. .   6 How to Set Maintenance Mode for an Agent From Console, for Windows Computer, click on Windows Computer State view. Search for Server and Select Server For Linux, do the same by clicking on Unix/Linux state view. Right click on Server and select Maintenance Mode / Start Maintenance Mode On Maintenance Mode Settings windows Fill in desired timeframe for maintenance Click OK. Verify that selected Server is now in Maintenance mode and shows a state of Not Monitored. . 7 How to Schedule Maintenance Mode From Console, select Maintenance Schedule Select Create Maintenance Schedule From Create Maintenance Schedule window: On Object Selection tab, select Add\Remove Objects Search for desired objects and add them to the Selected objects Click OK. Please avoid putting large groups into Maintenance mode. On Schedule tab, specify the schedule details. . On Details tab, give the schedule a name and specify the category and add any comments. Click Finish. Verify that the newly created Maintenance Schedule is displayed.   8 Configure My Workspace From Console, select the desired view. Right click and select Add to My Workspace From Add To My Workspace window: Specify a Name and click OK. Folders can be created in My Workspace for organizational purposes From Favorite Views under My Workspace Right click and select New / Folder Specify a folder name. . Verify the creation of the new folder. The new folder can now be specified when adding a view to My Workspace. Select the desired view, right click and select Add to My Workspace From the Add To My Workspace window Select the desired folder to add the view to. Click OK. Verify that the view was added under the correct folder in My Workspace.   9 Notification Configuration 9.1 How to Configure Subscribers From the Administration Panel, select Notifications / Subscribers. Right click and select New Subscriber On the Description tab, enter a name for the subscriber Click Next. Please Do Not add individuals! Only use Distribution Lists. On the Schedule tab, select Always send notifications. Click Next. On the Addresses tab, click Add Click Next. On the Channel tab, specify the Channel type as Email and a valid email address. Click Next. Please Do Not add individuals! Only use Distribution Lists. On the Schedule tab, select Always send notifications. Click Finish. Back on the Addresses tab, the subscriber should be displayed. Click Finish. The subscriber should be successfully created. Click on Close. The subscriber should be display in the main view.   10 Override Configuration 10.1 Configure Monitor Override From the Authoring / Management Pack Objects / Monitors, right click and select Overrides / Override the Monitor / For all objects of the class: Windows Server 2003 Logical Disk. On the Overrides Properties window, change the necessary values. Change Warning Threshold for System Drives to 8000 Change the Error Threshold for System Drives to 5000 Click on New for Select Management Pack On the Create a Management Pack window, enter a name and description on the General Properties tab. On the Knowledge tab, leave blank. Click Create. The new custom Management Pack is displayed. Click OK. 11 Resolution States Under Administration / Setting, select Alerts. The Global Management Group Settings – Alert window will display The Alert Resolution States will be displayed. Resolution States can be added or deleted to meet your specific workflow needs. 12 Create New Alert View From Monitoring, right click and specify New / Alert View On the Properties window, Specify a name and description and add the criteria that will result in the desired view. Click OK. Verify that the new view has been created.

SCOMHelper Tool PowerShell Module

Update: 2020.08.12: Added New-SCOMComputerGroup Update: 2020.05.13: Added Export-SCOMOverrides, Deploy-SCOMAgent New-SCOMComputerGroup – Will create an instance group containing Windows Computers [Microsoft.Windows.Computer] objects and optionally include related Health Service Watchers [Microsoft.SystemCenter.HealthServiceWatcher]. Export-SCOMOverrides – Will export override data to html, csv, xml, json file formats. Includes a generous amount of workflow and parameter information. Deploy-SCOMAgent – This is an alternative to the OperationsManager Install-SCOMAgent. This version will allow you to specify the installation directory, whereas the original will not. There are a number of cool scripts that I’ve collected, borrowed, and written in my travels as a SCOM field engineer and PowerShell enthusiast. I decided to put them all together into one module for easier maintenance and use. Enjoy. SCOMHelper Module Functions: New-SCOMClassGraph First and foremost my pride and joy is this brilliant work of art. I’m pretty sure I just tweaked my own arm patting myself on the back but you know what, I am really proud of this. This is a first of its kind tool (that I know of) for generating a graphical representation of a SCOM class. It will create a graphical structure (.png) that represents SCOM class taxonomy, all properties, hosting and discovery relationships for a SCOM class. This function relies on a few other brilliant modules but don’t worry, this function will automate the other module installations for you. (This is assuming you have connectivity to the interwebs. Yes, interwebs. Otherwise you will have to obtain the dependencies manually.) This tool will prove to be priceless for any SCOM admins, enthusiasts, and most importantly, MP authors, both new and seasoned. Note: This function requires PowerShell v5 or greater due to some other module dependencies. Tested with SCOM 2019, 2016, 2012 R2. Feed this function one or more of the following: a class object, class Name, class Display Name, or class ID, and it will do the rest. There are a few neat parameters to control caching of graphics files, include/exclude related class discovery workflows, and displaying the new graph file. New-SCOMClassGraph -ClassName 'Microsoft.SQLServer.Windows.Database' 2) This is a much fancier way to accomplish the same thing as Example 1, above, but with the help of GridView to select the class. This command will get all SCOM classes in the management group and select Name, DisplayName, and ManagementPackName to be presented in GridView for easy browsing and selection by the user. Select one or more classes from the Grid View, click OK. In the example below I’ve filtered on keyword “SQL” and selected a single line item. This selected class name gets piped into the function: New-SCOMClassGraph. The resulting graph (.png file) is shown above in Example 1. Get-SCOMClass | Select Name,Displayname, @{N='ManagementPackName';E={$_.Identifier.Domain[0]} }| Out-GridView -PassThru | New-SCOMClassGraph New-SCOMClassGraph_GridviewSelect1 The graph file opens with your default ‘.png’ application. Your default viewer might be Internet Explorer, it might be Picture Viewer. You decide. Just be sure to associate .png file type to a default viewer. You can optionally use the -ShowGraph:$false parameter to prevent the opening of the .png file. You might leverage this feature if you simply wanted to cache all of the files on disk without opening them. I did this in my lab and it took 45 minutes to generate 1688 graphs for a total of 276MB. 2) This is an example of piping a class object into the cmdlet: Get-SCOMClass -Name 'Microsoft.SQLServer.2012.Publication' | New-SCOMClassGraph You can even display multiple classes on a single graph with the ‘-Combine’ parameter. Shown below are two classes on the same graph: Get-SCOMClass -Name 'Microsoft.SQLServer.Windows.ResourcePool','Microsoft.SQLServer.Windows.Database' | New-SCOMClassGraph -Combine Start-SCOMOverrideTool This tool is designed to make it easier to manipulate overrides and do a few other admin tasks: Bulk enabled/disable workflows for their target class Bulk delete overrides Bulk move overrides between unsealed management packs Remove all obsolete references in all unsealed packs Backup all unsealed management packs Create a new override management pack Ideally normal overrides should be stored in a “buddy pack” directly related to the “base” MP of the affected workflow. (see this article: https://blogs.msdn.microsoft.com/tysonpaul/2016/05/24/how-to-correctly-create-an-override-for-a-scom-workflow/ ) Most of the time it seems that overrides are stored randomly in various unsealed packs with no system of organization. This tool can help organize your environment as well as quickly tune workflows in bulk/batches. This tool can enable or disable a workflow by either deleting an existing override or creating a new override to accomplish the desired effect. (The Enable and Disable actions only affect the workflow Target class.) This tool can also move (or relocate) an existing override to a different unsealed management pack. This tool doesn’t technically “move” the override. It deletes the original override and creates a new override in the destination MP. Only valid candidates/overrides will be presented for selection. A valid candidate is one that does not reference or depend on any other objects (workflows, targets) contained within the same original unsealed MP. Example: Overrides that might affect custom groups in the same MP would be ineligible. For all operations that modify or change any management packs, all activities/actions are written to the logfile and unsealed packs are backed up prior to any changes. For Enable/Disable operation: Typically the procedure would be as follows: 1) Select any number of “source” unsealed packs. Only workflows (Rules/Monitors/Discoveries) from these packs will be presented for selection. 2) Select a “destination” unsealed pack into which to store any *necessary (new) override(s). 3) Select action type: Enable or Disable 4) Select ‘type’ of workflow(s) you wish to enable/disable: Rule, Monitor, or Override 5) Select any quantity of workflows. 6) Confirm to initiate the enable/disable action *Note: a) In some cases an override might already exist which must be deleted to result in the desired effect (enable/disable). b) Enable/Disable actions only affect the workflow Target class. For a “Move” operation: Typically the procedure would be as follows: 1) Select any number of “source” unsealed packs from which to select overrides. 2) Select any number of eligible overrides from that set of source packs. 3) Select a “destination” unsealed pack into which to move the override(s). 4) Initiate the move. You may select one or more ‘source’ MPs to limit the results shown during the override selection process. This is effectively a way to filter the overrides. Otherwise ALL valid overrides from ALL unsealed MPs will be presented in the selection window. See menu details below. *This tool does not currently move any overrides related to SecureReference, Diagnostic, or Recovery objects. Example: Bulk select workflows to disable: Show-SCOMPropertyBag This nifty function will neatly display your property bags when testing PowerShell scripts. Ordinarily the property bag output test format would look like this (multiple bag output shown): With this function, they will output like this. In addition, you get a structured PowerShell object to do with as you please. Note: When testing scripts with this function, your PowerShell script must include the method which ordinarily outputs the dataitem to the standard output. Example below: # Script: PBTest.ps1 $api = new-object -comObject 'MOM.ScriptAPI' $bag = $api.CreatePropertyBag() $DatabaseName = "someDBname" $bag.AddValue('DatabaseName',$DatabaseName ) $api.Return($bag) An example of how to access the PB data in the resulting hash table object: # Store property bag(s) in variable as hash table $var = Show-SCOMPropertyBag -FilePath C:\test\MyTestPB_script.ps1 -Format HashTable # Display property bags (basic summary table) $var.values # Display value in detail $var[1][3].Value Clear-SCOMCache This one’s pretty obvious. Will clear the agent cache and restart the HealthService (Microsoft Monitoring Agent) on the local machine. However, this PowerShell module is typically installed on your mgmt server(s). Disable-SCOMAllEventRules This function has been deprecated. See Start-SCOMOverrideTool Export-EffectiveMonitoringConfiguration This function has been deprecated. See Export-SCOMEffectiveMonitoringConfigurationReport Export-SCOMEffectiveMonitoringConfigurationReport Will recursively find contained/hosted instances of one or more monitoring objects and output the effective monitoring configurations to HTML or CSV format (or both). Note: I recommend that you do not run this report for groups with many members (like “All Windows Computers”). This can become very expensive for your mgmt server and Opsman database. I have a very small lab (8 servers) and it took about 26 minutes to process 363 (related/hosted) objects. In this fancy example the text “COLLECTION” is used to filter the results. Note: The “Overrides” column will not display default and modified values for the Enabled property because this info is not easily retrieved with the available SDK method(s). However the “Enabled” column will indicate the correct current status for the workflow. Export-SCOMEventsToCSV This is a quick way to dump events from the Operations Manager event log to a CSV file. Example: Export-SCOMEventsToCSV -Newest 1000 -OutFileCSV 'C:\SCOMEvents.csv' Export-SCOMKnowledge This is pretty well documented here. This script will get all rule and monitor knowledge article content (with hyperlinks) and output the information to separate files (Rules.html and Monitors.html) in the output folder path specified. Get-SCOMClassInfo Will display statistics about the total number of SCOM class instances and the management packs from which they originate. Examples: 1) Statistics by class… Get-SCOMClassInfo -Top 10 Get-SCOMClassInfo_1 2) Statistics by management pack… Get-SCOMClassInfo -Top 15 -MPStats -ShowGraph Get-SCOMClassInfo_mpstats-graph1 Get-SCOMHealthCheckOpsConfig This will generate an awesome HTML report including many of the popular Health report contents and SQL queries that we all know and love. This was originally written by Tim Culham and then rebooted by MBullwinkle in 2014. It made sense to include it in this module. Here’s a sample report. Get-SCOMMPFileInfo Feed this function a folder path and it will list version and file path information for all management pack files (*.mp, *.mpb, *.xml) in all subdirectories. If you’re environment is anything like mine, you probably have a spaghetti mess of folders upon folders stuffed with all kinds of management packs that you collected over the years for testing. It’s not always convenient or easy to keep all management packs organized in version-labeled folders. In fact, it’s a huge pain in the neck seeing as how there’s no easy way to determine versioning of MPs based on file properties. This is a friendly tool which will display all of the basic MP info for you. Example: 1) Feed this function the path to the ‘ManagementPacks’ folder from my SCOM installation media: Get-SCOMMPFileInfo -inDir 'C:\Temp\en_system_center_2012_r2_operations_manager_x86_and_x64_dvd_2920299\ManagementPacks' Note: -Passthru is already enabled on the GridView to allow the user to select one or more MP items so they can be piped to another cmdlet that accepts management pack Name, DisplayName, or ID as piped input. 2) This is a super simple way to pick from a list of MPs to import. Get-SCOMMPFileInfo -inDir 'C:\Temp\MyManagementPacks' | Import-SCOMManagementPack –Verbose Get-SCOMRunAsAccountName Feed this an account SSID and it will return the friendly name of a RunAs account. When a RunAs account problem occurs the resulting errors will appear in Operations Manager event logs containing the account SSID instead of the friendly ‘Display Name’ which makes it difficult to determine which account is involved. This function will reveal the friendly name of the SSID. Example: Get-SCOMRunAsAccountName -SSID '0000F61CD9E515695ED4A018518C053E3CD87251D500000000000000000000000000000000000000' Get-StringHash This isn’t really specific to SCOM but I found it useful in the past so I included it in this module. Feed it an ordinary string (or any object) and it will generate a unique hash value. Example: 1) Get-SCOMClass -name 'microsoft.windows.server.computer' | Select-Object -Property Name | Get-StringHash 153a6dfafcb532c42793a355d2f69e83 2) Get-StringHash "Creepy Cat Guy" 7d524c2e8c26ba908a2978300ba1d6eb Ping-AllHosts This will ping all hosts in my HOSTS file (normally located at: C:\Windows\System32\drivers\etc\hosts). This also isn’t really specific to SCOM but I found it useful in my own (SCOM) lab environment so I included it in this module. In my lab environment I have to ping my network devices occasionally to refresh the forwarding table on my cheap 1Gb switch so that they can be reached without first establishing a path. (I hope I’m explaining that clearly). Otherwise, my first connection attempt to my lab servers fails and I have to wait for it to timeout. Upon my second connection attempt, I can successfully connect. I will often let this continue to run in the background to keep those paths fresh. Mmmmmm, fresh paths! Ping-AllHosts1 Example: This will ping all hosts a total of 999 times while pausing for 3 seconds between attempts. 1) Ping-AllHosts -DelayMS 3000 -Count 999 Remove-SCOMObsoleteReferenceFromMPFile This function will remove obsolete aliases from unsealed management pack .xml files, offline. This will not alter the original file but rather will output modified versions to the designated output folder. Example: This will modify a single .xml file: 1) Remove-SCOMObsoleteReferenceFromMPFile -inFile 'C:\Unsealed MPs\MyOverrides.xml' -outDir 'C:\Usealed MPs\Modified MPs' This will retrieve all .xml files and pipe them into the function: 2) Get-ChildItem -Path 'C:\CustomMPsExported' | Remove-SCOMObsoleteReferenceFromMPFile -outDir 'C:\Usealed MPs\Modified MPs' Set-SCOMMPAliases This will standardize all of the aliases in one or more unsealed (.xml) management pack files. Occasionally (unfortunately) it is necessary to move elements from one unsealed pack to another unsealed pack by cutting/pasting. When unsealed MPs are created by activities within the Console, the references/aliases that get created are randomly named/assigned and often times are ambiguous and usually inconsistent between unsealed packs. This makes it very difficult to cut from one file and place into another file because the aliases won’t match (this is assuming that the same/necessary references exist in both files). This function will inventory all of the MP reference IDs that can be found in the single file (or set of .XML files) specified by the InputPath parameter. It will create a customized set of condensed alias acronyms to be standardized across all of the unsealed management packs. It will then replace the aliases in the Manifest section of the file(s) as well as throughout the file in elements where the aliases are used. Note: This will modify the unsealed MPs located in the designated ‘InputPath’ location. However, the functionality of the MPs will not be affected. Example: 1) Set-SCOMMPAliases -InputPath 'C:\UnSealedMPs\' Set-SCOMMPAliases This is an example of what your updated unsealed MP file will look like. Set-SCOMMPAliases2 Show-SCOMModules Will display all known modules contained in all sealed management packs as well as basic schema information. Based on an original script found here: http://sc.scomurr.com/scom-2012-r2-mp-authoring-getting-modules-and-their-configurations/ This can prove to be useful when authoring or debugging. I’m a big fan of Out-Gridview. Example: 1) Show-SCOMModules | Out-GridView Show-SCOMModules1 Test-Port This will test any number of TCP ports on any number of hosts. It will accept piped Computers/IPs or Ports and then test those ports on the targets for connectivity. Example: 1) Test-Port -Computer db01,"192.168.1.1",'ms01.contoso.com' -Port 80,53,139 Test-Port1 Unseal-SCOMMP There are plenty of examples of how to unseal MP files but this version will will unseal .MP and .MPB files along with any additional resources contained therein and place all files into version-coded folders. Example: 1) This will unseal all of your Microsoft sealed packs (which normally get extracted/installed to the default SCOM MP folder location). Unseal-SCOMMP -inDir 'C:\Program Files (x86)\System Center Management Packs' -outDir 'C:\Temp\Unsealed' Unseal-SCOMMP1 Unseal-SCOMMP2 Installation: Find-Module scomhelper -Repository PSGallery | Install-Module -Verbose Here’s an example from my lab: Note: You may have to force TLS 1.2 for your PowerShell session first with this command: [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 Note: You may also have to update your ‘PowerShellGet’ module with this command: Install-Module PowerShellGet -Force -Verbose Note: You may also have to add PSGallery to your trusted repositories with this command (after you update PowerShellGet as shown above): Get-PSRepository -Name PSGallery -Verbose | Set-PSRepository -InstallationPolicy Trusted -Verbose Additionally you can view more info at the PSGallery. Manual Installation Download the archive manually. It has a funny extension, but it’s just a compressed archive. You should be able to extract the contents with any zip tool (7zip, Winzip, WinRar, etc.) Note: This will install the SCOMHelper module only. There are some commands in this module that require additional/separate modules/packages like the New-SCOMClassGraph tool. Typically these dependencies can be installed right from the PowerShell console. However, if you don’t have internet access on your target server, it will be up to you to figure out how to get those other dependencies installed. Extract the specific files to the precise path as shown: C:\Program Files\WindowsPowerShell\Modules\SCOMHelper You may have to unblock these files. It will depend on your local security policy: Get-ChildItem -Path 'C:\Program Files\WindowsPowerShell\Modules\SCOMHelper' | Unblock-File -Verbose Once the module (folder and files) exists at the correct location, you may import the module: # Import module, Opsman module too. Import-Module 'SCOMHelper','OperationsManager' -Verbose

Run As Accounts in SCOM!!!!

As accounts define which credentials will be used for certain actions that are carried out by the Operations Manager agent. These accounts are centrally managed through the Operations console and assigned to different Run As profiles. If a Run As profile is not assigned to a particular action, it will be carried out under the Default Action account. In a low-privilege environment, the default account may not have the required permissions for a particular action, and a Run As profile can be used to provide this authority. Management packs may install Run As profiles and Run As accounts to support required actions. If this is the case, their documentation should be referenced for any required configuration. The following table lists the default Run As accounts that are created by Operations Manager during setup. The following table lists the Run As profiles that are created by Operations Manager during setup. Note that if the Run As account is left blank for the particular profile, the Default Action account (either the Management Server Action account or the Agent Action account, depending on the location of the action) will be used. NAME DESCRIPTION RUN AS ACCOUNT Active Directory Based Agent Assignment Account Account used by Active Directory-based agent assignment module to publish assignment settings to Active Directory. Local System Windows Account Automatic Agent Management Account This account will be used to automatically diagnose agent failures. None Client Monitoring Action Account If specified, used by Operations Manager 2016 to run all client monitoring modules. If not specified, Operations Manager uses the default action account. None Connected Management Group Account Account used by Operations Manager management pack to monitor connection health to the connected management groups. None Data Warehouse Account If specified, this account is used to run all Data Warehouse collection and synchronization rules instead of the default action account. If this account is not overridden by the Data Warehouse SQL Server Authentication account, this account is used by collection and synchronization rules to connect to the Data Warehouse databases using Windows integrated authentication. None Data Warehouse Report Deployment Account This account is used by Data Warehouse report auto-deployment procedures to execute various report deployment-related operations. Data Warehouse Report Deployment Account Data Warehouse SQL Server Authentication Account If specified, this login name and password is used by collection and synchronization rules to connect to the Data Warehouse databases using SQL Server authentication. Data Warehouse SQL Server Authentication Account MPUpdate Action Account This account is used by the MPUpdate notifier. None Notification Account Windows account used by notification rules. Use this account's e-mail address as the e-mail and instant message 'From' address. None Operational Database Account This account is used to read and write information to the Operations Manager database. None Privileged Monitoring Account This profile is used for monitoring, which can only be done with a high level of privilege to a system; for example, monitoring that requires Local System or Local Administrator permissions. This profile defaults to Local System unless specifically overridden for a target system. None Reporting SDK SQL Server Authentication Account If specified, this login name and password is used by SDK Service to connect to the Data Warehouse databases using SQL Server authentication. Reporting SDK SQL Server Authentication Account Reserved This profile is reserved and must not be used None Validate Alert Subscription Account Account used by the validate alert subscription module that validates that notification subscriptions are in scope. This profile needs administrator rights. Local System Windows Account SNMP Monitoring Account This account is used for SNMP monitoring. None SNMPv3 Monitoring Account This account is used for SNMPv3 monitoring. None UNIX/Linux Action Account THis account is used for low privilege UNIX and Linux access. None UNIX/Linux Agent Maintenance Account This account is used for privileged maintenance operations for UNIX and Linux agents. Without this account agent maintenance operations will not work. None UNIX/Linux Privileged Account This account is used for accessing protected UNIX and Linux resources and actions that require high privileges. Without this account some rules, diagnostics and recoveries will not work. None Windows Cluster Action Account This profile is used for all discovery and monitoring of Windows Cluster components. This profile defaults to used action accounts unless specifically populated by the user. None WS-Management Action Account This profile is used for WS-Management access. None NAMEx`

Installing and configuring the MMA agent via PowerShell

Pre-reqs to build out an install script/package
MMA agent executable

Workspace ID

Workspace Primary Key





Download MMA agent
Click on Windows Servers from Connected Sources to download Windows Agent

Click on Linux Servers from Connected Sources to download Linux Agent











Obtain WorkspaceID
From the Azure Portal (https://portal.azure.com)

Click on Log Analytics,

Click on Advanced Settings

My view defaulted to Connected Sources > Windows Servers



Save the workspace ID and workspace key to notepad/OneNote for later













Build out command line for setup file
(optionally to include in Application Deployment package)



Grab pre-reqs above: (saved from above to build the command line)

Exe/msi file

Workspace ID

Workspace key



The setup.exe or MSI command line parameters to pass are:

MMA-specific options Notes
NOAPM=1 Optional parameter. Installs the agent without .NET Application Performance Monitoring.
ADD_OPINSIGHTS_WORKSPACE 1 = Configure the agent to report to a workspace
OPINSIGHTS_WORKSPACE_ID Workspace Id (guid) for the workspace to add
OPINSIGHTS_WORKSPACE_KEY Workspace key used to initially authenticate with the workspace
OPINSIGHTS_WORKSPACE_AZURE_CLOUD_TYPE Specify the cloud environment where the workspace is located0 = Azure commercial cloud (default)1 = Azure Government
OPINSIGHTS_PROXY_URL URI for the proxy to use
OPINSIGHTS_PROXY_USERNAME Username to access an authenticated proxy
OPINSIGHTS_PROXY_PASSWORD Password to access an authenticated proxy
Example:

setup.exe /qn NOAPM=1 ADD_OPINSIGHTS_WORKSPACE=1 OPINSIGHTS_WORKSPACE_AZURE_CLOUD_TYPE=0 OPINSIGHTS_WORKSPACE_ID= OPINSIGHTS_WORKSPACE_KEY= AcceptEndUserLicenseAgreement=1







Other helpful links
Docs site https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-quick-collect-windows-computer

Daniel Orneling Blog https://blog.orneling.se/2017/01/installing-oms-agent-with-powershell/

TechNet gallery https://gallery.technet.microsoft.com/scriptcenter/Install-OMS-Agent-with-2c9c99ab

MMA Agent and SCOM Agent version numbers

This idea sprung from a discussion with Sr. PFE Brian Barrington, and it got me wondering...



FYI - If you're running a SCOM agent, 2016 or above, various Log Analytics solutions may have pre-reqs.



OMS Gateway requires Microsoft Monitoring Agent (agent version - 8.0.10900.0 or later)

Simple English, that means SCOM2016 RTM agent or above





As of 6 Sep 18, MMA agent = 8.0.11103.0

As of 17 Oct 18, MMA agent = 8.0.11136.0





SCOM Agent Version numbers

SCOM2016 RTM 8.0.10918.0
SCOM2016 UR1 8.0.10931.0
SCOM2016 UR2 8.0.10949.0
SCOM2016 UR3 8.0.10970.0
SCOM2016 UR4 8.0.10977.0
SCOM2016 UR5 8.0.10990.0
SCOM1801 8.0.13053.0
SCOM1807 8.0.13067.0



Verify what version is installed
Via SCOM - use Holman's Agent Version Addendum management pack





If you don't have SCOM

From PowerShell

$Agent = get-itemproperty -path "HKLM:\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Setup"

$Agent.CurrentVersion















Resources

SCOM Agent Version Addendum pack https://blogs.technet.microsoft.com/kevinholman/2017/02/26/scom-agent-version-addendum-management-pack/

SCOM Agent build numbers https://social.technet.microsoft.com/wiki/contents/articles/34312.system-center-operation-manager-momscom-list-of-build-numbers.aspx