Wednesday, April 18, 2012

MMS 2012 - where to begin!

Learning a ton of new stuff in Las Vegas this year. Hopefully we can get back to WI and really kick things into high gear. There's so much to do. It's funny how you come out with a certain mindset about what you want to learn about based on what you knew yesterday. Some of that is getting turned on its head.

I was looking forward to really hitting CM and OM 2012. We get out here and whoa. We really need to look at ramping up our VDI and dig into Intune. I wrote a completely separate post because I'm so pumped about the VDI potential.

Service Manager would also be a huge asset which we already knew. We just didn't know what a heavy investment we would have to make in our infrastructure to do it. 4 server minimum?? Orchestrator plays a huge role here too in building workflows. If you can squeeze in the time to build it out there are tons of time savings to be had. User add/change/remove was a great example here. Someone starts with the company what do you do? Create the AD account, Exchange account, Lync, folder perms, deploy a workstation, and so on. All possibly automated with business intelligence (approvals and such) built right in. Awesome.

SUP with CM2012 is improved. I don't hate our process now and it's just going to get better!

OM network monitoring is greatly improved really opening communication with network engineers.

Let's not forget Server 2012 was announced. While they were talking about new storage features and hyperv it struck me, "does that mean AD 2012". Man it's going to be a busy year!

We're over halfway through but I'm sure there's more great stuff on the way. It's a little overwhelming but I'm really excited at the potential of it all. Hopefully we can overcome blockers and really deliver great solutions for our users. It's all "user centric" now after all!


Thursday, April 5, 2012

HP StorageWorks MP for SCOM

Hopefully I'll have more successful info in the future...<coming soon>

I'm currently working on getting the HP StorageWorks Management Pack for SCOM going. The guide that comes with the download isn't bad. However, I still can't seem to get our P4000 series servers to populate. I've talked to HP several times and they're not even sure where to direct the question. I talked to a pretty knowledgeable guy on the P4000 team but he hasn't been able to find anyone just yet. I did successfully generate test traps from the P4000 CMC to SCOM. However, I really wanted to see the diagram view :(  I also added my P4000 nodes and clusters as network devices without any issues.

The other thing I'm trying to get working with it is our HP MSL4048 tape library. I added the network device which works fine. However, the actual dice. I even went as far as building a new 2008R2 server with CommandView for Tape Libraries (since the management pack has a CommandView node). Still no love.

fyi, local drives on our HP DL380s showed up right away so that was pretty cool. No special config was required.

I'm hoping getting a post out here will drum up some interest. Anyone having any luck? Same problems?

Update 4/10/2012
Working with HP support today. Trying to get to the SCOM MP team (teir 3). Sent over some bundle info from P4000 CMC. Also ran this utility to send them a ton of logs. Hopefully I'll have some answers soon.

Update 4/21/2012
I was at MMS this week and met the product manager for the HP StorageWorks management pack team. I explained the above about the P4000 diagram view. The tech with him laughs and says "yea I can't get it to work either". Sooo...I got the manager's business card. We'll see what turns up.


Monday, April 2, 2012

Automatically Install SNMP with PowerShell and ConfigMgr

For various reasons I found that I need to deploy SNMP Services; the SNMP Service AND WMI provider to many servers in a more efficient manner. That mean installing to server 2003, 2008, and 2008R2 preferably with a single method. Whatever I came up with need to work even if some or none of the components were installed. I also wanted to configure the settings (covered in a different post). The following is what I came up with after quite a bit of effort. Hopefully this will save someone undo hardship!

I found this bit of PowerShell that will install SNMP in about 10 seconds or less.

The basics

If you're just testing to make sure it works this is the core of the script....

   Import-Module ServerManager
   Add-WindowsFeature SNMP-Services

The Script's Shortcomings

So after tinkering with this code for the better part of 4-5 days straight. I came to a few conclusions.

  1. The script doesn't factor in server 2003 vs. 2008 OR PowerShell v1 vs. v2. The "ServerManager" module is only available in PowerShell v2 and only works on Server 2008R2. Therefore, I added a check to see if the ServerManager module was even available. This covers both of the aforementioned prerequisites.
  2. There is no check for whether or not some of the SNMP functionality is installed. i.e. the service but not the WMI provider (such was the case in my environment). It blindly checks for just SNMP Services as a whole. I added checks for SNMP Services, Service, and WMI Provider individually.
  3. There can be multiple blockers to implementing full automation.
    1. PowerShell Execution Policies for remote signing.
    2. Missing DLLs

Taking it to the Next Level

The rest of this post will be a comprehensive guide to fully automating this process. This includes the necessary group policies, shared DLL repositories, Configuration Manager packages, and more.

Why Not MDT?
Now if you're thinking, "why not just use MDT?!?" I'll tell you why...MDT doesn't support SNMP feature install to pre-2008R2 either since it ties into the ServerManager module as well (as I understand it). Though it does a handful of others including DNS and DHCP. Anyway, my logic was to have all server components managed with a single method vs. PowerShell sometimes and MDT others. That being said I hope to follow this up with an MDT how to for the same thing.

The Steps

  1. Extract i386 directory from Windows Server 2003 ISO/DVD to a share (preferably on site server if using ConfigMgr)
  2. Create Group Policies 
    • Set DLL Paths: Group Policy Preferences to modify the registry of targeted Windows Servers. Populate the install path for i386 files (default would typically be CD/ISO drive from initial install)
    • Configure PowerShell Execution Policy (or sign your scripts, both in posts to follow)
  3. Create an answer file for sysocmgr since that's the only way to automate pre-2008R2
  4. Create package containing the .PS1 script and .TXT answer file
When you see it as 4 steps it seems a little less intimidating. At least it seems that way to me :)

i386 DLLs

One of the first things I ran into with a working script was Server 2003 looking for the necessary DLLs


I decided to tackle this by placing the entire directory on a network share and update the default sourcepatc variables to that share. I figured this way future component installations beyond SNMP can reference the same path.


Neither of the following group policies are necessarily required for ALL environments. I'll explain...

DLL path via Group Policy Preference: Only required for pre-2008R2 deployments. If you're dealing with only 2008R2 servers you can probably skip this one for now since the ServerManager cmdlet will kick in.


REG_SZ: SourcePath 
VALUE: <i386 share>

REG_SZ: ServicePackSourcePath
VALUE: <i386 share>

Configure PowerShell Execution Policy = Unrestricted: I believe this is the default for Windows Server so unless you've explicitly enabled remote signing via some other GPO or other method you may be able to skip this as well.

You can check this on any server by typing the following command at a shell prompt


SYSOCMGR and Answer File

There are lots of great resources for using SYSOCMGR so I won't belabor the point. Here's the command and the associated answer file. Just drop the answer in a text file. The rest is in my script. This execution correctly will ride on the correct placement of the source files and registry settings.

sysocmgr /i:%WINDIR%\inf\sysoc.inf /u:<SNMP ANSWER FILE>.txt /r /x /q

Answer File


The Script

This is where all of the magic happens.

#Powershell Script To Install SNMP Services (SNMP Service, SNMP Service, SNMP WMI Provider)

#--------------------NON-SERVER 2008R2-----------------------

if ((get-module -ListAvailable ServerManager) -eq $Null)

write-output "Installing SNMP Components for non-Server2008R2 System"

sysocmgr /i:%WINDIR%\inf\sysoc.inf /u:<SNMP ANSWER FILE>.txt /r /x /q


#--------------------SERVER 2008R2---------------------------

#Import ServerManger Module (adds Add-WindowsFeature cmdlet)
Import-Module ServerManager

#Check If SNMP Services Are Already Installed
$checkSNMPServices = Get-WindowsFeature | Where-Object {$_.Name -eq "SNMP-Services"}

If ($checkSNMPServices.Installed -eq "True")
    write-output "SNMP Services were found on this system. Checking if sub-components are installed."
    #Check If SNMP Service is Installed (note: "SNMP Service" not "Services")
    $checkSNMPService = Get-WindowsFeature | Where-Object {$_.Name -eq "SNMP-Service"}
    If ($checkSNMPService.Installed -ne "True"){
        #Install/Enable SNMP Service
        Write-output "SNMP Service is not currently installed: Installing"
        Add-WindowsFeature SNMP-Services | Out-Null
    Else {Write-Output "SNMP Service Not Required"}
    #Check If SNMP-WMI-Provider is Installed
    $checkWMIProvider = Get-WindowsFeature | Where-Object {$_.Name -eq "SNMP-WMI-Provider"}
    If ($checkWMIProvider.Installed -ne "True"){
        #Install/Enable SNMP Service
        Write-output "SNMP WMI Provider is not currently installed: Installing"
        Add-WindowsFeature SNMP-Services | Out-Null
    Else {Write-Output "SNMP WMI Provider Not Required"}

    write-output "No SNMP Services were found installed on this system. Installing SNMP and sub-components"
    #Install/Enable SNMP Services
    Add-WindowsFeature SNMP-Services | Out-Null

Automating the Push with ConfigMgr

So far I haven't been able to get this to work. I suspected it was an issues with the execution policy or UAC (hence the GPO for execution policy). Haven't been able to nail down the culprit yet. However, running the script is still faster. Here's what I was trying as my command line. I would love to hear from someone if they have success deploying the script through SCCM. I'll keep working on it.


powershell.exe -WindowStyle hidden -file InstallSNMPComponents.ps1

Final Notes
I've read in a few spots that you do not want to use SYSOCMGR to install Windows components on a SQL Server because of how it stops services. Fortunately, I read this before trying it so I haven't done so myself. Just passing along the warning.

Feel free to drop me a note if you have questions about this process. I realize when thinking about the entirety it can be a bit overwhelming. Happy to help answer what I can.