Scott Moss shot me an IM a little bit ago to remind me about the System Center Virtual User Group that’s happening today (November 21st, 2008) at 1:00 PM Central time. Here’s the ClickToAttend.Com Link to the event - feel free to add this to your Google Calendar.

Speaking of Google!

Google is slowly rolling out new features for a select group of users. It’s a wiki-fied version of search with promote/demote buttons and a comment area. This will help you pick the more authorative links among a list - unless someone has hired an army to promote a malware site, which I wouldn’t put past the modern web.

Anyway, here’s a screen shot of what the new interface looks like, and a short video afterwords.

The new wiki-like features of Google search

And a screencast!

Edit: 09/13/2008 - On the advice of Pete Zerger, updated script to include a throttling mechanism to prevent an overload if an alert storm occurs. Also changed things around to make it a more generic ‘run remote executable’ instead of run remote sound.

A question was recently asked on the MOM Mailing List over at myITforum.com.

That question was, quite to the point:
“How to create a audible alert? I like to create one for the critical alerts..”

I’ve been working earlier with a script that would go out and disable the run time tracing, stop it, then delete the log files. So I already had knew what would work - a simple PowerShell script that uses WMI’s process create method on a remote machine.

A caveat lector before I continue; while this solution will technically work, I haven’t tested it formally. Additionally, you’ll need to contend with permission issues that arise as well. If you’re running the OpsMgr services under a named account, you’ll need to give that same account local administrator access on whichever machine you plan to run this call against. If you’re using ‘Local System’ you’ll have to either add the RMS\Local System account to the remote machine’s admin group or embed credentials inside the WMI call((Be careful when doing this. I haven’t included directions for that because it’s just a nightmare waiting to happen. I can give you a jumping off point though.))

First, the script. It’s small and basic. It wants to know the machine you want to run the command on, the command, and because this is a a sound player, the path to the WAV file. It then creates the process via WMI, and decodes the return code. If it’s 0, everything is fine. If it’s anything else, the process creation failed and it writes an event to the Operations Manager event log, which you can create an additional rule to look for.

Download SCOM-RunRemoteExecutable.ps1

To implement this, open the Operations Console and go to Administration > Settings > Notification
Click on the Command tab, then click on add. Fill it out as you normally would:

Then click on OK, and you’ll see it with the rest of your commands:

Now to finish it up you’ll need to create a new notification recipient. Right-click on Notifications and select new recipient.

Make the display something to designate that it runs a command, I used “Sound Audible Alert”. And because the NOC isn’t manned 24/7, I limited the notification time to weekdays from 8am to 6pm. You can also adjust this from the devices tab, but I’m not going to include an emailing or other devices, so I prefer to set it in the general tab, this way it’s obvious even with a casual glance what the settings are.

After that, click on the “Notification Devices” tab, then click “Add”.
In the resulting popup, select our new notification command and enter anything for the delivery address - I used NA, because for this particular command we don’t require any additional information - but OpsMgr still needs something in there. Hit next, keep the schedule at always unless you’re adding additional channels, next again, name the device - I used “Send Audible Alert”

Click OK, and your set. Treat it like any other notification recipient - either create a new rule just for this, or edit an existing subscription and add our new recipient to it.

As you can see, using PowerShell inside of Operations Manager makes it very flexible and powerful. We can run all manner of things in response to alerts; From running a simple sound file all the way up to initiating disaster recovery scenarios and intense system diagnostics - both things which I’ll be showing you later on as we explore the Notification Command Channel together.

When it comes to notifications, we have many options - except one that people have asked about, a nag mode. Something that will re-send an email after a certain amount of time to make sure it’s taken care of.

Well, it does exist in OpsMgr.

Either intentionally or unintentionally as a bug, if you call the Update method on an alert without changing any criteria, the notification bound to the alert will re-fire. This will happen whether you add a comment with the update (Update(”Updating the alert”)) or not (Update(”")).

To enable this secret nag-mode, it’s as simple as writing a Powershell script that runs every X hours. In that script you’ll just need to do a Get-Alert with the criteria you’re looking for - in the example I’m just going to have it return all alerts older then 4 hours, and update them.

It’s very simple though - how simple? Like this:

You can expand this as much as you’d like. Match against NetBiosComputerName to only nag for those critical core servers, match it against the monitoring object to ensure critical monitors are being addressed. Multiple management groups? Match against that. You see where I’m going with this. In fact, you can find out everything you can match against by just running Get-Alert | select -first 1 - there’s all the fields available.

I’ve never had a ‘proper’ test/development environment for System Center products. I’ve used both client systems and VMs I’d spin up through VirtualBox. That will be changing.

I placed an order a few days ago for a new server - featuring a 2.8Ghz Quad core Xeon and 12GB of ram, it will begin a brand new environment - and I’ll be screencasting all of the most relevant parts of it.

We’ll cover sizing, install, deployment, security - and move on to extending OpsMgr by utilizing the SDK service, designing custom reports - and a lot more.

In the mean time, while I painfully await the arrival of a shiny box from DHL, I’m working on the framework for 2 new side projects - one of which I think you’ll all be quite happy with; the much awaited SCOPE - System Center OpsMgr Powershell Extentions - a collaborative operation between me, Marco Shaw, Cameron Fuller, Pete Zerger and - you, possibly. We’re at the very early stages of SCOPE, and could definitely use people now and down the road - especially C# programmers and those familiar with creating PowerShell snapins. If you’d like to help, send me an email (jeremy@pavleck.net) and let me know what you can do.

By default, you can’t really specify a failover management server in OpsMgr. Why? Not really sure, though I think it’s a ploy to ensure you setup the OpsMgr Active Directory Integration, which will handle this for you.

No fret though, we can still do it - it’ll just take a little bit of actual effort.

First, we need to define our Primary and Failover management servers. This isn’t something you can just progmatically grab, so you’ll need to know the name yourself.

In my $PROFILE, I’ve set them to be defined to 2 variables with the following:

Now that we have that set, it’s simple to do the rest. First, lets grab all of the servers that don’t have a failover management server set.

What the above does is call the GetFailoverManagementServers() method on each agent. If they have a failover, it will return data and thus $True. If there aren’t any failovers, it will return nothing - which is the same as $False. So we look for all the ones that don’t return anything.

If you’re curious, you can see just how many servers are missing failovers with

- in my case it was 63.

Now, we just run a quick snippet that adds the failover server to the agent:

That will crunch away as it’s doing it’s thing, we’re redirecting output to $null so we don’t have to see agents scrolling over and over. When it returns you to a prompt, you’re done. If you’d like to verify that you did indeed set all of the agents to have a failover, we can check real quick:

And that’s that. All of your agents have a primary and failover server.

But wait, you have a lot of remotely managed devices too? Monitoring SNMP on a bunch of different servers - what happens for that?

Well, we can’t setup a failover (From what I’ve seen, if I’m wrong please let me know) agent. But we can proactively write a script that will change the proxy agent on the devices, and run it as needed.

This was written in a response to this query on the newsgroups, and is only a cursory look into it. There may be other ways of doing this - and I’d love to hear it. As it stands, I’m not sure how to set them back to a management server as the monitor.

Firstly, we’ll have to pick an agent managed computer to use as the new proxy agent. You can’t use a management server for this, because they aren’t “Agent Managed” and you can’t use Set-ManagementServer because the devices aren’t “Remote Managed Computers”.  I have a seperate agent-managed server on my network I call “Timex” because it acts like a watcher node. So I’ll go ahead and use him.

Then gather a list of our current remotely managed devices

Now just loop through it, setting the device to use the proxy agent we just instantiated:

That will loop through things changing the proxy server that it uses. When it’s done, we can verify it by running:

If it outputs nothing, then they’ve all been changed. Simple as that!