SCOM – Agentless Exception Monitoring (AEM) – FAQ

Agentless Exception Monitoring (AEM) is an older technology which has been around since a few years now. First it started off as Desktop Error Monitoring as a part of the MDOP kit and later on it has been implemented into SCOM and since then it exists as a feature until SCOM 2012 SP1. This post is not going to show how to configure AEM but it should provide you with answers which are hard to find anywhere and you will be hitting during implementation. Therefore I setup this post up in a FAQ kind of style post.

If you look closer at AEM you can identify 3 kind of technologies. The first technology is SCOM itself, which you might already know how deal with. The second technology is group policy. Because group policies are going to configure how your clients will behalf on sending the errors. The third technology is Windows Error Reporting (WER). WER is the technology that reports user-mode hangs, user-mode faults, and kernel-mode faults in Windows Vista and higher Windows operating systems. Each of these 3 technologies we need to understand to successfully implement AEM. OK let’s start…

Continue reading

SCOM 2012 – Custom AEM Reports

If you followed the community lately, you see some are writing blog posts about reporting in System Center. It is funny as I also have been playing around with Report Builder 3.0 lately and it seems that I am following this trend.

Building custom reports is not that difficult if you have some sort of reporting background using tools like Crystal Reports or Access reports :). The most important point is to have the appropriate SQL query which delivers the actual data you need.  Luckily there are great posts in the community which help you getting over this. One post I highly recommend is Kevin Holman useful SQL query post. Although this post contains queries for SCOM 2007 I suppose most of them are also valid for SCOM 2012. In my case I wanted to build some reports for Agentless Exception Monitoring (AEM). In Kevin’s post there was exactly what I needed. AEM Queries to get Agentless Exception Monitoring information out of the SCOM data warehouse. I used this query here…

Continue reading

SCOM – Agentless Exception Monitoring (AEM) Configure HTTPS Listener (SSL)

I used to believe the source code of the Windows operating system would be the best kept secret in the world, but I was taught there is another best kept secret on this planet. Yes, the secret was/is – “How do you configure https for Agentless Exception Monitoring (AEM)?”. There is very poor documentation from Microsoft in form of guides or on TechNet on this topic (sorry Microsoft). I could not find any answer at all.  Not even in the holy SCOM bible “System Center 2012 Operations Manager Unleashed” can be found anything about this, so I decided to figure it out.

First, what am I exactly talking about? Agentless Exception Monitoring is a feature in SCOM which basically collects Dr. Watson on Windows XP or Windows Error Reporting (WER) information on Vista and later operating systems. SCOM collects error information generated from clients and applications and displays its detail in the SCOM console or reports. Marnix Wolf, MVP and SCOM Guru, has written some time ago a great post series about configuring AEM which you can find here. I am not going to repeat all this for SCOM 2012, because 99% of this stuff is the same.

Just to make things short, if you have a Windows XP client and a application crashes Dr. Watson sends the error data by connecting to the configured SCOM file share and dropping it’s error data on this share. If you have a Windows Vista client or higher the behavior changed because there is a Windows Error Reporting (WER) engine behind which handles the error data. One of the many big differences is how the data is submitted between Dr. Watson and WER. If you configure AEM in SCOM the wizard creates a http/https listener in the background and this is the service which WER uses to send the data to SCOM. I wanted to use https to submit the data from a Windows 8 client to SCOM.

I will show how to do it in 5 parts:

1. Configure your management server and group policy
2. Create self-signed certificate which we use for https
3. Bind the certificate to AEM https listener port
4. Configure the client to trust the self-signed certificate
5. Testing AEM

Continue reading