OMS – OMS, is it SCOM in the cloud?

on-premise-vs.-cloud

I can recall many instances whilst attending conferences and talking with customers or colleagues whereby misunderstandings have caused a significant amount of confusion.

“Operations Management Suite is SCOM in the cloud”

This is a one that has been doing the rounds lately, but it is correct? To answer the question we need to do a bit of digging into the past. André Malraux once said,

“Who wants to read in the future, must scroll in the past.”.

System Center Operations Manager (SCOM) was and is the Microsoft monitoring solution for homo- and heterogeneous IT environments. SCOM was originally developed by NetIQ, then purchased in 2000 by Microsoft. It carries with it a 17-year evolution, which started when the product was called Microsoft Operations Manager (MOM). In 2007 «MOM» was completely rewritten on a flexible and extensible framework SCOM was born. The development has continued ever since and the latest available version is SCOM 2016.
About 6 years ago, Microsoft began to experiment with System Center Advisor, an agent-based assessment and best practice analyzer solution based in the cloud. It provided the ability to analyze different workloads such as Windows operating system, SQL Server, Active Directory and Hyper-V components, detect changes to IT infrastructure, and propose Microsoft best practices from in the form of alarms. Between 2012 and 2013 the range of supported technologies was extended to include Exchange, SharePoint and Lync. Initially a separate solution, it quickly became integrated into SCOM 2012 SP1 by means of a connector. The newly generated information retrieved from Azure became available both on-premise within SCOM and in the cloud through System Center Advisor extension. By SCOM 2012 R2, the connector came pre-bundled as part of the suite. In 2014 System Center Advisor was transformed, gone was the Silverlight-based web application and in came a new HTML 5 based web app with a host of new capabilities. This meant that the Best Practice Analyzer System Center Advisor could be integrated into a new product called Azure Operational Insights, the range of capabilities for which could be greatly expanded by the use of so-called Intelligence Packs (IP). The following packs were released as part of the initial deployment:

  • Configuration Assessment
  • Malware Assessment
  • Capacity Planning
  • Change Tracking
  • Log Management
  • SQL Assessment
  • System Update Assessment

A new key feature acted like a cloud-based «data pot» whereby data was collected using an agent and could be analyzed with a PowerShell-like syntax within Azure Operational Insights Search Data Explorer.  A connection to SCOM was also ensured by a SCOM connector. In addition, the Operational Insights product is now the foundation for today’s current Operations Management Suite (OMS). Operational Insights Search Data Explorer is called Azure Log Analytics and Intelligence Packs are called solution (packs).
Since we now know the background of both products, I would like to juxtapose their facts, in order to be able to answer the question objectively.

Concept
SCOM consists of an extensible hierarchical object model. This means that components that are to be monitored in SCOM can be discovered (Discovery) by means of management packs (XML files) and placed into a hierarchy (service model) using relationships. Sensors (monitors) can move a subordinate object, into a healthy state, or into a faulty (unhealthy) state and visually represent it. The health state can be passed to its parent object (rollup). This model is described as a health model and has many advantages as well as certain disadvantages.

OMS works with so-called flat data, this means the data exists as data records in a large data pot. There are no objects or relationships among the collected data. For example, solution 1 collects disk information from computer X. At the same time solution 2 collects information on the same disk, BUT there is no relationship nor knowledge of the status between the disk data from solution 1 and solution 2. OMS does not (yet) have any service model and therefore also no health model.

Continue reading

Global Azure Bootcamp Switzerland 2017 – Speaker

image

This year is the first time I will be speaking at the Global Azure Bootcamp Switzerland together with my buddy MVP Stefan Johner. Stefan and I will talk about Microsoft Operations Management Suite (MS OMS) and put some light on the different pillars of OMS.

image

So what is this Global Azure Bootcamp thing?

All around the world user groups and communities want to learn about Azure and Cloud Computing! On April 22, 2017, all communities will come together once again in the fifth great Global Azure Bootcamp event! Each user group will organize their own one day deep dive class on Azure the way they see fit and how it works for their members. The result is that thousands of people get to learn about Azure and join together online under the social hashtag #GlobalAzure! Join hundreds of other organizers to help out and be part of the experience!

There is still time to sign up for this awesome bootcamp, use Eventbrite to register for this free event. The Bootcamp is organized by the Azure Zurich User Group and the Azure Cloud User Group Switzerland and will take place at Microsoft Switzerland. Get all details on the Global Azure Bootcamp Switzerland website.

Quick Post – Azure Services Overview

There is a saying “Can’t see the forest for the trees” this could also apply to Azure and its provided services. I haven’t seen a good overview of Azure and the offered services until today. While browsing the internet, I bumped into this site here http://azureplatform.azurewebsites.net/en-us/ . image

It is an interactive site which shows the single services in each category and provides links to more information like updates, pricing, SLA, documentation etc. image

I love this page and I highly recommend to explore and bookmarking it! It is even available in German :).

OMS – Log Search Cheat Sheet

Cheat-Sheet

A bit more than 2 years ago I created a cheat sheet for Azure Operational Insights Search Data Explorer, today known as Operations Management Suite (OMS) Log Search. Over the years this technology has evolved and grown to one of THE most exciting products from Microsoft. The log search syntax has also grown and got some new options. Because of that, I updated the legacy cheat sheet to meet the latest syntax and modified the examples. I had to extend the sheet to two pages, so that the content would make sense.

Page 1…image

…Page 2

image

Continue reading

SCOM / SCSM – Retrieve Decrypted RunAs Account Credentials

password-ftr

I am not sure if you have seen it, but Richard Warren from nccgroup has figured out, how to decrypt the RunAs account credentials in SCOM. The problem up to now was, that there was no official way to retrieve the encrypted credentials from SCOM. There is just one DLL to use, which offers the decrypt method. He has written a EXE and a PowerShell script on Github . I know there are always two sides of the medal. In this case an evil and a good way of using this knowledge. I think I don’t have to talk about the evil way, instead I would like to talk about its benefit.

Richard Warren has used it for SCOM RunAs accounts, but if you think about it Service Manager (SCSM), which is based on the same framework, therefore I was curious if this approach also works for SCSM. In fact it did! Why is this awesome? Well, think about it. We are able to “securely” store credentials in SCSM (or SCOM) using RunAs accounts. Now we are able to retrieve those credentials easily. Because I do a lot of automation in SCSM using service requests and itnetX PowerShell activities I always had some trouble to store credentials in a save manner. There are many ways to do so, like exporting the credentials into XML (Export-CliXML) , using certificates , encrypting the credentials using a key and store it somewhere like here or maybe you could store the credentials in SMA and retrieve it using PowerShell. Whatever method you are going to use, you will end up with more or less problems. The best approach would be, to store the credentials on the system where you need it (SCSM) and the SCSM administrator can manage these accounts without to dig into PowerShell code or certificates etc. Therefore RunAs accounts are a perfect way for storing credentials.

Because of that, I have used Richard’s sample, modified the code a bit to be able to use it on SCOM and SCSM and also return proper output. The PowerShell module will return the a credential hash table. You need to execute the module on the SCOM or SCSM management server and the only parameter you need to provide is the SCOM RunAs account display name like in this example.

In SCOM the RunAs account looks like this…

image

…and if you use the PowerShell module it works like this…

image

You can download the module from PowerShell Gallery . Be aware of the fact, that you need permission to access the database and management server.

Continue reading

WAP – Get Windows Azure Pack Websites via PowerShell

image

Windows Azure Pack was Microsoft’s first attempt to bring Azure into your on-premise datacenter. The things you can do with it are limited to IaaS VM, PaaS databases and PaaS websites. In addition there is Service Bus and some networking part which is necessary for the IaaS / PaaS services. Of course there are other required parts, like Service Provider Framework (SPF), SC Virtual Machine Manager etc. Because my job is to automate things using PowerShell, I have sometimes the need to get data out of systems like in this case WAP as my data source. If you look a bit closer at WAP and you want to get information about configured SQL databases or MySQL databases there is a rich set of PowerShell cmdlets available and these modules are installed on the WAP admin servers…

image

…so what you could do is use PowerShell remoting and query these server for information. If you want to get information about provisioned VM’s you simply could query VMM using its own cmdlets to gather information.

One other way you could get information out of WAP, is to use the Public Tenant API. This API provides information about tenant specific information, therefore you need to provide a subscription to get detailed information about that specific tenant. MVP Ben Gelens has written a fantastic PowerShell module to get all sorts of information from the WAP Public Tenant and WAP Admin API you can find the module here https://github.com/bgelens/WAPTenantPublicAPI . I have tested it and it works like a charm.

So but what is now the point of this post? Well, so far we have seen, that we can get information about SQL Server and MySQL databases using these PowerShell cmdlets using the Admin API, for VM’s use VMM as a data source, but what about websites? There are also modules installed on the web controller servers itself, e.g. the WebSites module…

image

…and the WebSiteDev module…

image

…to get infos about websites from the system just use these cmdlets above.

One more elegant way to pull website information is going through the endpoint REST API (Web Site Cloud REST Endpoint) which you need to provide when adding the website resource to the admin portal. It depends how you configured, it but as an example you can find the settings you configured on the web controller server you could execute the Windows Azure Pack Websites MMC and find all different settings…

Continue reading

SCSM 2016 / SCOM 2016 – SCOM 2016 Console Crashes After SCSM 2016 Console Installation

boom

Have you ever installed System Center Service Manager 2016 and System Center Operations Manager 2016 console on the same system? Depending on the installation order, the SCOM console will crash with multiple errors like this…

image

…and the console will appear empty or crash totally. We had the case, that the SCOM console was installed first and the SCSM console afterwards. It is a known issue and MVP Eric Berg as blogged about it in German, check his post here.

Because this error has massive impact and I was also affected by this nasty bug I will re-write it in English and pimp this post with some nice screenshots :).

The problem is the Analysis Management Objects (AMO) 2014 package which is being installed by the SCSM 2016 console installation. What you could do, is uninstalling the Analysis Management Objects (AMO) 2014 package and run a repair installation of the SCOM console.

image

A better workaround is the following (taken from Eric Berg’s blog)…

Continue reading