Friday, March 27, 2015

Alert: ‘Script Based Test Failed to Complete’

Issue
A SCOM MG reported the Alert Script Based Test Failed to Complete for all its Domain Controllers. The AD Helper Object was in place however, so this couldn’t be the issue at all.

Funny thing, sometimes the scripts ran just fine and the other time they failed. And different scripts were involved, some examples:

  1. AD Replication Partner Count : The script 'AD Replication Partner Count' failed to initialize correctly.
    The error returned was: 'Object required' (0x80000000);
  2. While running 'AD General Response' the following consecutive errors were encountered:
    Failed to bind to 'LDAP://<DOMAINCONTROLLER.y.z>/rootDSE'. This is an unexpected error.
    The error returned was 'LDAP://<DOMAINCONTROLLER.y.z>/rootDSE' (0x8007203A);
  3. AD Replication Monitoring : encountered a runtime error.
    Failed to bind to 'LDAP://<DOMAINCONTROLLER.y.z>/RootDSE'.
    The error returned was: 'The server is not operational.' (0x8007203A)
    .

Investigation
Even though SCOM reported issues, nothing was wrong. AD worked as intended. These DCs are WS 2012 R2 based. When looking at those servers I noticed that IPv6 was unbound on the NICs:
image

However, unbinding or disabling IPv6 on WS 2012 R2 has consequences, like this posting tells us: Known Issues with Disabling or Unbinding IPv6.

Cause
IPv6 is unbound on the related NICs of the DCs.

Solution
Enable IPv6 or bind it again on the NICs of the DCs and the script Alerts won’t show up again.

Friday, March 13, 2015

New FREE ebook: Microsoft System Center Software Update Management Field Experience

A few days ago Microsoft Press released a new FREE ebook, titled Microsoft System Center Software Update Management Field Experience.
image

Since I am working with SCCM on a weekly basis, I am very happy with this book. Because it’s written by Premier Field Engineering it contains good advice and best practices.

So for everyone working with SCCM and using the integrated updated feature, this book is a must have and should be read at least once.

Want to know more? Go here.

Wednesday, March 11, 2015

Exchange Server 2013 MP Report Error: Cannot Initialize Report. Value Cannot Be Null. Parameter Name: GroupList

Issue
The Exchange Server 2013 MP is imported and many Reports fail with this error: Cannot initialize report. Value cannot be null. Parameter name: GroupList.
image

And:

Date: 10-3-2015 15:27:18
Application: Operations Manager
Application Version: 7.1.10226.0
Severity: Error
Message: Cannot initialize report.

System.ArgumentNullException: Value cannot be null.
Parameter name: GroupList
   at Microsoft.EnterpriseManagement.Mom.Internal.UI.Reporting.Parameters.Controls.Monitoring.ReportMonitoringObjectXmlEditorBase.LoadValues(ReportParameterInfoCollection reportParameters)
   at Microsoft.EnterpriseManagement.Mom.Internal.UI.Reporting.Parameters.ReportParameterBlock.LoadValues()
   at Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ReportForm.SetReportJob(Object sender, ConsoleJobEventArgs args)

Reports affected:

  1. Exchange 2013 - Mailbox Database Copy Performance;
  2. Exchange 2013 - Organization Performance;
  3. Exchange 2013 - All Performance;
  4. Exchange 2013 - IIS Application Pool Performance;
  5. Exchange 2013 - Windows Service Performance;
  6. Exchange 2013 - Server Storage Performance;
  7. Exchange 2013 - Server Mail Process SMTP Performance;
  8. Exchange 2013 - Server Mail Process Performance;
  9. Exchange 2013 - Server CPU and Memory Performance.

Cause
This one took me a long time to crack. I contacted my fellow MVPs in order to see they experience the same issues. But all of them had no issues what so ever with these Reports. For them these Reports run just fine.

Since this customer had a brand new Exchange Server 2013 environment I first thought the cause could be found there. Perhaps certain Groups, required by these Reports were still empty, causing these Reports to fail.

But the more I thought about it, the less viable it seemed to be the case. Also the Exchange administrators showed me everything is in place and running smoothly. So back to SCOM it was.

And suddenly it hit me. Could it be that the regional settings on the SCOM Management Servers were at play here? When Reports aren’t programmed that good, they can’t handle it because the decimal symbol, digit grouping symbols and short/long date are different, causing the Reports to fail with all kinds of exotic errors…

Solution
Time to check it out in my own test environment since I could repro this issue there as well.

Okay, the regional settings are set to Dutch (Netherlands) on both SCOM Management Servers:
image

And:
image

As you can see, here in the Netherlands (and many other European countries for that matter) use a comma as decimal symbol and a dot as a digital grouping symbol, exact the opposite as the US does…

So I changed it to English (United States):
image
Also the short/long date are different. In many countries in Europe we start with the day, followed by the month. In the US it’s the other way around…

And:
image

This causes the decimal symbol to become a dot and the digit grouping symbol to become a comma.

I applied these settings, closed the SCOM Console and started it again. And tried to run the same Exchange Report which failed the time before these modifications. Let’s keep our fingers crossed:
image

Tadaa!!!! I tested all the Reports which failed on me before this modification and ALL those Reports run fine now! Awesome!!!

Recap
When you’ve got many of the Exchange Server 2013 Reports failing on you with the error Cannot initialize report. Value cannot be null. Parameter name: GroupList, please check the Regional Settings on ALL your SCOM Management Servers.

Modify them to English (United States) and changes are those Reports will run as intended.

It’s common practice to have your production servers set to English (United States) unless there are strict issues preventing that.

AOI IP: Security & Audit

One of the latest Azure Operational Insights (AOI) Intelligence Packs (IP) is the Security and Audit IP. This IP is updated by Microsoft on a periodically basis in order to provide you with the latest security intelligence.
image

And:
image

This IP is a special one since it works best when you’ve got a proper Audit Policy in place. But because of that same Audit Policy, it can create a large volume of security event data uploaded to AOI, potentially causing to reach the daily data transfer.

So use this IP wisely and test it thoroughly in order to see whether it delivers good information which can be used by the security auditors. And when it does, write a business case for this IP, allowing for a move from the Free Tier to the Standard or even Premium one.

AOI: New IP: Active Directory (AD) Assessment

For a couple of weeks now the Active Directory Assessment Intelligence Pack (IP) for Azure Operational Insights is available.
image

And:
image

This MP scans on a WEEKLY basis the risk and health of your AD environments, whether on-prem, in the cloud or hybrid. It will present the information a monthly rollup. On top of it all, it will create a report with a prioritized list of recommendations, so you know exactly what issues need to be addressed first.

Since every AD environment differs from the other ones, the recommendations are categorized across different focus areas, allowing you to choose what’s more important for your organization.

IP and IP?
Yeah, this is kind of fun. Because in this case IP doesn’t only stand for Intelligence Pack but also for Intellectual Property when you ask me.

Why? Because the recommendations found in this IP are based on the knowlegde and experiences by the Microsoft Customer Support Services Engineers, all around the globe. So all the cases they’ve worked on, all the issues they bumped into, all the fixes they applied and all the recommendations they’ve given, is poured into this IP.

So when that ain’t IP and IP, I don’t know Smile.

My own test lab is running now and being assessed by the AD IP as well. As soon as I get some results, I’ll let you know.

When you want to know more about this latest IP, read this posting written by one of the program managers of AOI and – even better – sign up for the free trial and experience it yourself.

New MP: BizTalk Server 2013 R2

Last month Microsoft released a new MP for monitoring BizTalk Server 2013 R2 with SCOM. Please be aware that this MP is solely written for SCOM 2012x. So it won’t run in SCOM 2007x environments…

This MP can be downloaded from here.

Hopefully this MP isn’t as noisy as the BizTalk MPs which monitors the older version of BizTalk (2006/2009) and 2010. Gladly for both older versions there are community driven efforts in order to bring down the noise:

  1. BizTalk 2006/2009: http://thoughtsonopsmgr.blogspot.nl/2014/01/biztalk-20062009-mp-lets-make-some-noise.html
  2. BizTalk 2010: http://www.bictt.com/blogs/bictt.php/2012/04/12/scom-biztalk-2010-noise-reduction

Updated MP: Workflow Manager MP, Version 1.0.2015.0

About a week ago Microsoft released an updated version of the Workflow Manager MP, version 1.0.2015.0. This MP supports Workflow Manager CU#2 and fixes a discovery bug as well.

MP can be downloaded from here.