SCOM 2016 – Upgrade Notes from the Field

upgrade

Upgrading from SCOM 2012 R2 to SCOM 2016 is theoretically no such big deal. BUT sometimes you could face issues at the customer’s infrastructure, which force you to take some extra hurdle. This post should give you a high level overview of different migration scenarios and additionally some pitfalls you could meet upgrading to SCOM 2016.

High level upgrade path

There are 3 ways to upgrade a SCOM 2012 R2 environment.

1. Side-by-side migration (“Slow Motion”)

image

  • This is probably the way which has almost no risks, but takes a long time to finish and has a consequence that you loose old data. Why is this? You install a brand new SCOM 2016 management group, having brand new databases (OperationsManager / OperationsManagerDW / OperationsManagerAC). If needed you also install separate Web Console, Reporting and if needed the ACS role also on a dedicated (management) server. I think the best option is to install all these SCOM 2016 roles on a brand new Windows Server 2016 server and the databases on SQL Server 2016. This way you have the latest and greatest technologies available and you are armed for the next couple of years. Having this in place you are able to dual-home (multi-homing) the agent which is sending data to both management groups SCOM 2012 R2 and SCOM 2016. There is a good article on TechNet Wiki how to configure multi-homing if you have multiple AD forests or here if you have agents deployed in the same AD forest. As soon you have the new management group up and running you need to migrate all management packs, channels, subscriptions, overrides, roles etc. There are ways to export and import this stuff, but I recommend if you are choosing this upgrade path, then I would start configuring SCOM from scratch. Especially creating new overrides and documenting them will give you a chance to have a well configured and documented SCOM environment. One huge advantage of this upgrade path is, that you are able to upgrade to new versions of existing management packs, implementing new management packs and testing them thoroughly with no impact on your production SCOM environment until you switch management group and turn on notifications. This approach has also few disadvantages:
  • It takes usually a long time to finish this migration.
  • There are 2 management groups to maintain.
  • The amount of work to tune the management packs should not be underestimated.
  • Dual-homing an agent could lead to some more stress on the agent server.

2. SCOM In-place only upgrade (“Big Bang”)

image

  • If you decide to go for an in-place upgrade you are taking a much faster but also “risky” path, which needs more pre-work, testing and in case of failures also some plans to revert the changes using backups and/or VM snapshots. An in-place upgrade is in theory not that much of a problem and also fully supported by Microsoft. The first step is to run the SCOM 2016 setup on a management server which will discover the roles on the management server and upgrade the server itself and also the SCOM databases to SCOM 2016. If you managed to successfully upgrade the first management server / management group, then you go for the next management server, ACS Collector, Gateways, Console, Web Console and Reporting Server. As soon you have upgraded all components you are all done. Sounds easy, but believe me, there are plenty of things that could fail. This approach has also few disadvantages:
  • Because you upgrade SCOM only, the operating system stays the same. Of course you could theoretically in-place upgrade the operating system as well, but I really don’t encourage you to do so. If you need to upgrade SCOM and the operating system as well, please check the next upgrade option.
  • All your SCOM configurations bad or good will stay. If your management group is badly configured it will stay badly configured – an upgrade won’t change anything.
  • You need to check if the management packs work with SCOM 2016, especially third party or community MP’s. Please ask the vendor BEFORE you start the upgrade.
  • Make sure you meet the system requirements for SCOM 2016 .
  • Remember there are also 3rd party connectors in SCOM which might are not supported by SCOM 2016.

3. SCOM In-place upgrade and OS upgrade (“Big Bang++”)

image

  • If you decide to go for an in-place upgrade and you also want to upgrade the operating system to Windows Server 2016 in your environment, then this is an elegant way to achieve this goal. The risks are the same as “in-place only” upgrade but in addition you need to have a good plan how to switch the SCOM agents and ACS Forwarders to the new management servers. Before you start upgrading, make sure you have new Windows Server 2016 servers installed, which will become the new management servers. Step 1 is to run in-place upgrade on an “old” SCOM 2012 R2 management server (make sure it meets SCOM 2016 system requirements). If this is finished upgrade the other SCOM 2012 R2 management servers to SCOM 2016 and also ACS Collector, Gateways, Console, Web Console and Reporting Server. Step 2 if your management group is upgraded successfully install SCOM 2016 management servers on the fresh installed Windows Server 2016 servers. Depending on your SCOM environment, but if you have ACS installed, you could also install ACS Collector on a additional dedicated SCOM 2016 management server running on Windows Server 2016. Step 3 move the Windows / Linux agents, ACS Forwarders to the new management servers / ACS Collector. Step 4 uninstall the “old” management servers from the management group. If you have Web Console and/or Reporting installed you could simply uninstall the features from the “old” SCOM servers and reinstall it on new Windows Server 2016 server pointing to the SCOM 2016 deployment. I recommend uninstalling Reporting and Web Console BEFORE you upgrade the management group. This scenario has the same problems as an “in-place only” scenario but additionally you have to be aware of few more things:
  • Switching the Windows / Linux agents or ACS Forwarders to the new management servers could take some time and depending on the amount of “clients” Step 3 needs to be planned carefully.
  • If you don’t have the agents controlled by the SCOM Console you need to prepare some PowerShell scripts for moving the agents / ACS Forwarders to the new management servers.
  • Remember to install certificates for Linux  or Windows agents monitoring on the new management servers.
  • Remember to set the SPNs for the new management servers.
  • If you changed settings (Registry)  on your old management servers, check if you need to make these settings on your new management servers as well.

Continue reading

SCOM 2016 – System.Data.SqlClient. SqlException, Exception Error Code: 0x80131904 Login failed for user

NoClue

Sometimes there are things you won’t understand. I tried to install a new SCOM 2016 management server in a virgin Azure VM (Windows Server 2016). The necessary SQL Server 2016  was placed on another Azure VM (Windows Server 2016). Well this is nothing special and I have installed SCOM a gazillion times, BUT now I faced this error…1

…of course I checked the setup log as suggested and I found this error…

[21:17:34]:    Error:    :Exception running sql string [NOT DEFINED]: Threw Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131904, Exception.Message: Cannot open database “OperationsManager” requested by the login. The login failed.
Login failed for user ‘RETURNONE\Stefan’.
[21:17:34]:    Error:    :StackTrace:   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, DbConnectionPool pool, String accessToken, Boolean applyTransientFaultHandling)
    at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions

I double checked the permissions for my account, so it has sysadmin permission on the SQL Server but repeating the installation ended up in the same error. After a while I found the solution, I unregistered and registered msiexec program on the SCOM server like this…

image

…the I executed the setup again (make sure you always use elevation ;))and the installation succeeded. Thanks to Abu-Obaid who delivered the solution, all credits to him. I hope this will save you some time!

SCOM 2012 R2 – SQL Server 2014 / Report Viewer 2014 Support

Microsoft announced few month ago SCOM 2012 R2 offers support for SQL Server 2014…

image

And if we go to the TechNet article it also clearly says, SCOM 2012 R2 is supported on SQL Server 2014 here described

image

There is even a perfect table which explains everything clearly…

image

From my point of view, this let’s us assume, that we can just pick SQL Server 2014 and used it for a clean installation of SCOM 2012 R2. In this TechNet article we find even this sentence…

Use this information to evaluate if your SQL Server environment is ready to support the installation of or upgrade to System Center 2012 R2. Use this information whether you are deploying one or multiple components of System Center.

(Source)

So there is no doubt, that it is fully supported to install a clean installation of SCOM 2012 R2 on SQL Server 2014.

Continue reading

SCOM 2012 R2 Technical Preview – A Box of Chocolates?

image

I was asked few times during my engagements what has changed in the System Center Operations Manager Technical Preview. Microsoft released few weeks ago a first technical preview of Windows 10, Windows Server and System Center. You can download Windows 10 here , for Windows Server and System Center you need to have a MSDN subscription to download the sources or test it in Microsoft Azure. But what has changed in SCOM 2012 R2 Technical Preview? Is it like a box of chocolates, a box filled with many sweet things and surprises? Well, not really.

Continue reading

Quick Post – Documenting Setups & Installations Smartly

I am a big fan of smart solutions and approaches. Today I had one of these moments which I really liked. I was going to update a SCOM 2012 environment to SCOM 2012 SP1. Because the customer only had Thin Clients, which basically only provide an RDP client, it was somewhat limited with tools available. SCOM 2012 management server was installed on Windows Server 2008 R2. The customer asked me to document the steps I am doing. Well, not really easy having this kind of setup because usually I use the Snipping Tool or other tools which can create screenshots. Luckily, the customer had a very smart idea, why not use the Problem Steps Recorder to document the SP1 installation :).

Problem Steps Recorder is a small utility which is normally used for a user to document problems on his computer. This utility is a built-in tool since Windows 7 and Windows Server 2008 R2. It is even available in Windows 8 and Windows Server 2012(R2). So, how does it work and what do you get? Let’s see…

Continue reading

SCOM 2012 Veeam MP for VMware 6.0 – Part 2 FAQ

Few month ago I had written about the installation respectively upgrade of the Veeam management pack from version 5.7 to 6.0. You will find this post on my blog called SCOM 2012 Veeam MP for VMware 6.0 – Part 1 Upgrade.
Alec King, who is the “father” of the Veeam MP, attended System Center Universe DACH and because of that he was staying in Switzerland for a few days. Veeam took that chance and has organized a workshop for partners and customers at a steakhouse in Mettmenstetten.

Here a picture of the Veeam MP, the Veeam Meat Packs…oh sorry steaks…

WP_20130919_054

Because I am not much interested into marketing slides only in hard facts, this event was just perfect for me. In this post I would like to summarize the most important topics which came up during the workshop.

Continue reading

SCOM 2012 SP1 – Configure Web Console HTTPS “500 – Internal server error”

Yesterday, I bumped into an issue while configuring https for the SCOM web console. As this is a IIS hosted website there is no magic configuring it. Well, I was taught something else. The SCOM environment was running on Windows Server 2012 and the SCOM 2012 SP1 had UR1 installed. Everything was running fine and smoothly even the web console was running fine over http. The customer requested to have the web console communicating over https.

If you have the web console configured to use http you have two choices. Either you reinstall the web console and select https when you are prompted or you modify the settings manually. I wanted to configure the https settings manually.

I requested the SSL certificate (internal), installed it on the web server and configured the bindings to use this certificate for https requests (port 443). In addition you need to configure the web.config file to use https. The file is located at C:\Program Files\System Center 2012\Operations Manager\WebConsole\WebHost\web.config. I changed the following parameters in the file itself…

  • <serviceMetadata httpGetEnabled=”false”/> (is set to true if you use http)
  • <endpoint address=”” binding=”customBinding” contract=”Microsoft.EnterpriseManagement.Presentation.Security.Services.ILogonService” bindingConfiguration=”DefaultHttpsBinding“/> (is set to DefaultHttpBinding if you use http)
  • <endpoint address=”” binding=”customBinding” contract=”Microsoft.EnterpriseManagement.Presentation.DataAccess.Server.IDataAccessService” bindingConfiguration=”DefaultHttpsBinding“/> (is set to DefaultHttpBinding if you use http)
  • In IIS Manager select the OperationsManager virtual directory, then SSL Settings and check “Require SSL” option and “Ignore” for the Client Certificates.

After that configuration changes, I restarted IIS to load the new settings.  I could open and login into the web console, but as soon I clicked onto a view I received the following error…

image

Continue reading