Tuesday, November 25, 2014

You’re In Charge For The Next Gen MPs. What Would You Do?


Yes! That’s right!

Suppose YOU’re the boss for the team building the next generation of Microsoft Management Packs. And there are NO limits. No budget constraints. And limitless resources are available. There is only one thing to do:

Build the next generation of Microsoft MPs which will blow everyone of their feet

What would you do different? What would you scrap? What would you keep and what would you add? Also think about presentation (dashboarding, reports and so on). What kind of functionality are you missing in todays Microsoft MPs which should be present in the next generation?

I know. A situation like this won’t happen. BUT…

Suppose I’ve got contacts. And they asked me to provide them with information about what the next gen of Microsoft MPs should look like. What those MPs should do and shouldn’t do. How those MPs should function. What these MPs should fix in todays MPs.

And no, this is NO fantasy. As a matter of a fact I’ve been asked such questions quite recently. And I’ve answered them. But you know, that’s just me. I know many people who are working knee deep in the boiler room of SCOM, AKA ‘the trenches’. So why not ask them as well in order to get a WHOLE list of items my contacts can work with? Wouldn’t that be awesome?!

That’s why I am asking YOU to tune in and leave your comments on this posting.

Those comments will be forwarded to the right people who are about to start soon on the next generation of Microsoft MPs. I know for sure they’ll do their utmost best to incorporate as much as possible of those highly valued comments. They’re eager to hear from YOU!

So speak NOW and changes are your highly valued comments will be incorporated
into the next gen of Microsoft MPs!!!

Monday, November 24, 2014

What’s Hammering My SCOM 2012x Database?!

Issue
The health of the operational SCOM database is crucial for a smooth running SCOM 2012x Management Group. For instance, when too much data comes in and this database grows out of control, soon your SCOM 2012x MG will come to a stand still.

So how to recognize situations like these? Of course, you’ll notice a slower performance of the SCOM Console for instance, also a Warning Alert raised by the Monitor Operational Database Space Free (%) when the percentage of free space falls beneath the 40% and a Critical Alert when the percentage of free space falls below the 20%.

But still, when this happens it’s already a bit too late. Therefore it makes sense to run certain reports once per week, just to stay in control of your SCOM 2012x environment. This posting describes the reports which have helped me many times before and are a great help to me.

SCOM 2012x Reports & the Community
Yes, SCOM 2012x delivers out of the box some good reports in order to see what’s happening under the hood of your SCOM MG. None the less, some additional help is welcome, delivered by the Community.

In the days of SCOM 2007x some people build the SCC Health Check Reports MP, containing 25+ Reports delivering a good and deep insights in the state of the nuts and bolts of your SCOM environment. And even though this MP isn’t updated for SCOM 2012x, it runs just fine up to SCOM 2012 R2 UR#4. And delivers tons of good information. So my advice: download this MP, create the additional Data Source (as described in the related MP Guide), import the MP and enjoy the magic Smile.

SCOM 2012x Reports
These are the reports I use in order to gain a good insight about the health state of the SCOM 2012x environment, all found under the reporting node System Center Core Monitoring Reports:

  1. Data Volume by Management Pack
    Shows you exactly what MP has the biggest data volume impact on your SCOM environment.

    This Report allows you to select different Data Types, like Discovery, Alerts, Performance, Events & State Change. Also you can select one or more MPs. By default ALL MPs are selected. Making a small selection can be tedious since the selection box is way too small to be really functional. You can also choose the aggregation (daily, weekly and so on) and whether you want to see a top 10 or less or more.

    Usage: When you’re not investigating anything specific and just running your weekly check OR you think something isn’t okay, simply leave all the selections as they are. As a time period choose at least 7 days so you get a good average slice of it all.

    When drilling deeper, like suspecting an issue with performance data, only select Data Type Discovery, make the top 10 bigger like 15 or even 20. This way you can compare the number 1 to 5 more easily with the number 6 to 15/20 in order to have gain a better understanding of the ratio. One ore more single numbers don’t say that much but when compared to a longer list, it’s far more easier to find a ratio.

    When run the ‘fun’ isn’t over. The table Counts by Management Pack doesn’t only contain useful information but also LINKS to other reports, allowing you to drill down into specific information. For instance in this screen dump I have highlighted all clickable values in yellow. The value for the Veeam MP has a red circle on it since I want to gain a deeper insight into the performance counter data collected by this MP:
    image

    Clicking on that value gives me this detailed information, about the performance data collected by this MP:
    image

    When I go back to the first report, using the blue arrow bottom top left of the last report, I can also click on the MP itself, in order to get more detailed information about the whole MP and it’s impact on the SCOM MG:
    image

    As you see, this Report delivers tons of good information about the impact of the MPs on your environment. And please, don’t forget to READ the Report Details before running this report since it contains good information about what this report does, how to run it and how to interpret the information in this report:
    image

  2. Data Volume by Workflow and Instance
    Even though it sounds the same like the previous report, it drills deeper into the workflows itself. Actually this is the SAME report you’ll see when running the Data Volume by Management Pack report and click on one the numbers in the table cells, like a demonstrated before.

    So this report comes in handy when you already suspect something fishy and want to get a deeper understanding of it.
  3. This Report also allows you to select different Data Types, like Discovery, Alerts, Performance, Events & State Change. Also you can select one or more MPs. By default ALL MPs are selected. Making a small selection can be tedious since the selection box is way too small to be really functional. You can also choose the aggregation (daily, weekly and so on) and whether you want to see a top 10 or less or more.

    Usage: When investigating something special, this report is a great starting point. However, since the selection of MPs is really bad, it’s better to leave them as they are: all MPs are selected by default. The culprit will surface none the less in the report.

    There are two tables which I prefer the most in this Report: the first is Counts by Discovered Type, Rule or Monitor with a very helpful column Trend. An arrow shows you whether the volume of data during the period the report shows, is increasing (arrow points up), decreasing (arrow points down) or stable (arrow points sideways):
    image
    This table is found on the top of this report.

    The second table I like is the last one of the report, table Counts by Class Instance. This table shows you  Class Types and related Objects generate the most data:
    image
    Based on this table it’s quite easy to pinpoint the monitored systems/objects which generate the most data. Many times these are systems experiencing a wide range of other issues as well. Simply because problems are many times a combination of many different smaller issues, on themselves not problems at all. But when combined they result in one or more serious issues.

SCC Health Check Reports
With the two previous reports you already gained a deeper insight of your SCOM environment. However, additional information is welcome and now it’s time to run a set of reports from the SCC Health Check Reports MP. With them you have a complete picture of the state of the operational database of your SCOM environment.

Even though these are ‘single-click’ reports (no parameters are required, when double clicked the just run and show you the information), in certain circumstances I want to be a bit more in control, like the time frame selection and so on. In cases like these I run the relevant queries directly against the operational database. In most cases however, these reports deliver all the information I need and are awesome because they’re so easily used.

  1. Misc - Operational and Datawarehouse Usage Report (OM) - (DW)
    This report shows you the status of BOTH SCOM databases. On a single page you get to see all the information you need including the top 20 of largest tables of both SCOM databases:
    image

  2. Performance - Performance Inserts Per Day (OM)
    This report shows you how much performance data is inserted in to the operational database per day. It enables you to pinpoint potential culprits which hammer down your SCOM environment. Suppose you imported a new MP and from then on SCOM has serious performance issue. Perhaps the new MP collects way too much performance data, causing this issue. This report will help you to find a possible cause.
    image

  3. Performance - Top 20 Performance Insertions By Perf (OM)
    This Report shows what Objects and their related counters collects the most performance data and puts it into the operational database. This helps you to pinpoint problematic systems/objects.
    image

  4. Performance - Top Performance Baseline Generating Rules (OM)
    Yes, STTs (Self Tuning Thresholds) are still alive and kicking. But I don’t like them at ALL! Simply because they don’t work as intended. The idea was good: STTs would establish a baseline themselves. A lower and upper one. When performance happens between those baselines, all is well. When outside (below or over) the thresholds, an Alert will be raised.

    The Exchange Server 2003 MP was full of those STTs in the first version of that MP. The last version of that MP contained far less STTs AND the remaining ones were set to whole different (fixed) values.

    So this Report will show the Rules using that STT technology. My advice: when experiencing issues of too much performance data being collected? Kill those STT Rules! For now I suspect only the SQL MP using STT Rules:
    - MSSQL 2005: Collect Learning Data for SQL User Connections Monitor;
    - MSSQL 2008: Collect Learning Data for SQL User Connections Monitor;
    - MSSQL 2012: Collect Learning Data for SQL User Connections Monitor
    .
    image

As you may have noticed, most of these Reports are aimed at getting an insight about all the performance data being collected. Simply because many times the main reason for your operational database being hammered is that too much performance data is coming in.

When you’ve found the culprit additional tuning is required. Not by simply turning those Rules off, but by selecting other intervals and so on.

No performance data collection issue?
What if performance data collection isn’t an issue? Check out the status of the other SCOM nuts and bolts with these SCC Health Check Reports:

Alerts
Alerts - Top 20 Alerts By Alert Count (OM)
Alerts - Top 20 Alerts By Repeat Count (OM)

Config Churn
Config Churn - Discoveries Last 24 Hours (DW)
Config Churn - Modified Properties Details Last 24 Hours (DW)

Too many events coming in
Events - All Events Count By Last 7 Days (OM)
Events - Most Common Events by Number and Publisher (OM)
Events - Top 20 Computers Generating the Most Events (OM)

State data
State - Noisiest Monitors (OM)
State - Old State Changes Not Groomed (OM)
State - State Changes Per Day (OM)

As you can see, SCOM can be a challenge to master. But these Reports will help you to get on track. And don’t forget the community either Smile

Updated MP: SCOM 2012 MP For WS File & iSCSI Services 2012

Microsoft released an updated version for the MP Windows Server File & iSCSI services 2012, version 7.1.10100.0.

This version includes these modifications (taken directly from the website):

  • DeDuplication – Stay current
  • FSRM
  • Support for clustered namespaces
  • Support for clustered replication group members
  • Agentless monitoring
  • More detailed product knowledge
  • Support for clustered replication group members
  • Agentless monitoring
  • iSCSI – iSCSI Target is built inbox first time in Server 2012. This is the first version integrated with File Server.
  • NFS – Stay current.
  • SMB – New

Website can be downloaded from here.

Updated MP: SCOM 2012 R2 MP For JEE Application Servers (2014/10)

Microsoft released an update for the SCOM 2012 R2 JEE Application Servers (2014/10), version 7.5.1038.0. MP can be downloaded from here.

Thursday, November 20, 2014

Savision: Pay As You Go & Unity

It’s already some time ago I wrote a posting about Savision’s flagship product, Live Maps. Mainly because after some cool new features were added, it looked like progress wasn’t that big anymore. I know, it sound harsh so let me try to explain it.

The past, back to SCOM 2007x
For a long time there were the SCOM Console, the Visio add-in and SharePoint, enabling system engineers to create live dashboards using SCOM state information. So a gap was there since out of the box it missed a lot, like a WYSIWYG interface and less complexity. Outside the Microsoft offering there was Savision.

They came, saw and conquered. Soon they became the ‘top-dog’ in the market for visualizing SCOM state information in a simple and efficient manner. Back then there were no other companies offering other products with similar capabilities. So no competition besides Microsoft itself. Until now I am still puzzled why Microsoft didn’t acquire Savision and integrated it into SCOM 2012…

Savision kept listening to it’s customers and new features were added. Some minor and other really cool and awesome, like the one enabling to use geographical coordinates for depicting monitored locations. However, IMHO, for some time the changes weren’t that big.

Competition drives innovation…
Remember Windows Virtual PC? And the first version of Hyper-V? Compare it with todays ‘latest & greatest’ version based on Windows Server 2012 R2 or the Azure edition of it. The differences are HUGE. All the drive behind it didn’t come because Microsoft had some time to spare. Nor because they thought it would be nice to add new features. No way!

Microsoft aimed it’s arrows at the virtualization market, ruled by VMware, wanting to take over that position in their run to the cloud. So they became a huge competitor and learned from them, implementing tons of new features into Hyper-V, based on the capabilities available in VMware. Sometimes these were copies and others extensions or even innovations.

Back to our topic
Savision experienced something like that. In this market however, Savision ruled. Other companies learned that visualizing SCOM data had grown into a serious business so they stepped in with their own products, like Squared Up. Others connected their own monitoring platform to SCOM and learned the importance of visualizing that data in a good manner, soon outgrowing the default capabilities of SCOM forcing them to look for other means. A good example here is BlueStripe Performance Center.

Another shiny example is Veeam, the MP for monitoring VMware and Hyper-V based workloads with SCOM. They offer state of the art dashboards and reports. Many of them based on the tooling built by themselves like their own generic report library.

All these made the USP of Savision Live Maps less obvious thus harder to sell. Also their pricing scheme gave some customers of mine the chills.

Top dog bites back…
So Savision was facing some good & healthy competition and other challenges. Instead of hiding they came back with a revamped Live Maps portfolio. And yes, also the pricing scheme is modified enabling companies to use Savision Live Maps almost like a service, based on a yearly subscription.

Live Maps Standard = Live Maps Dashboards
The Standard edition is revamped to Live Maps Dashboards. And this is much more than a name change. First of all, the license model behind has become subscription based, with a price of $125,- per map per year. These licenses are purchased online, an easy and smooth process.

The license model starts from 1 map up to a maximum of 20.  So you only pay for what you need on a yearly basis. Features are:

  1. Automated Updating of Application Views 
  2. Customizable Dashboards 
  3. Comprehensive and Contextual Performance Data 
  4. Datacenter Maps 
  5. Advanced Network Topologies 
  6. Web Console (HTML5) 
    Native System Center Integration

Especially item 3 is really good. It shows you with a single mouse click critical performance metrics.

When 20 maps aren’t enough and/or your business requires more features, it’s time to move on to the next version.

Live Maps Enterprise = Live Maps Unity
The Enterprise edition is revamped to Live Maps Unity. And again, there is MUCH more going on than a name change. The list of features is HUGE and IMPRESSIVE:

  1. Performance Data 
  2. Out-of-Box Services 
  3. .NET Application Discovery 
  4. Dynamically Updating Services 
  5. Automated Updating of Application Views 
  6. Customizable Dashboards 
  7. Datacenter Maps 
  8. Advanced Network Topologies 
  9. Web Console 
  10. Native System Center Integration 
  11. Interactive Geographical Maps 
  12. Real-Time Application Performance  
  13. Native Mobile Clients 
  14. Services Dashboard 
  15. Service Maps 
  16. Service Notifications 
  17. Automated CMDB Synchronization 
  18. Automated Incident Prioritization 
  19. Automated Creation of SCOM Distributed Applications 

When going through the feature list you’ll notice that this version also connects with System Center Service Manager. Enabling to build dashboards for all different kinds of roles. Not only limited to the technical staff but also the IT stake holder up to the level of the CIO and everyone in between.

Other features are HTML5 based performance widgets, dynamic template services of known enterprise solutions like Exchange/SharePoint 2013 and Active Directory. And believe me, there is more to come like .NET application discovery with automatic DA construction!

Today there was a webcast about this newest edition of Savision Live Maps Unity. The recording is found on YouTube:

Recap
Savision is back and offers a new set of revamped Live Maps and a revamped licensing model using one-year subscriptions starting at one map up to 20 maps. This allows companies to start small with Savision Live Maps and grow into it and – perhaps – move on to Unity.

The Unity edition is the most sexy edition offering many new or upgraded features with more to come in the near future. Also noticed some interesting Q&A on their website about integrating with other products besides the Microsoft System Center stack. So at Savision HQ innovation is buzzing, which is always a good thing.

However, the competition is here to stay so they’ll bring out revamped versions of their flagship products as well. Which will drive the innovation to another new level. At the end, YOU the customer is on the best end of it all.

Simply because you can download free and fully functional trial versions which are time limited. So you can test drive all different solutions and decide for yourself what fits best to the requirements of your business. And perhaps it can become a challenge to make the right choice since the offering for visualizing SCOM data has grown up rapidly.

But before you rush to the websites of the different vendors in order to download the trial versions, first you’ve got to do some homework, like mapping out:

  1. Business requirements;
  2. Stakeholders;
  3. Consumers of the dashboards (techies only or also process owners?)
  4. What kind of connections? (SCOM only or also SCSM);
  5. Devices for the dashboards (TV screens, smart phones, tablets);
  6. Kind of data (state, performance, alerts and so on);
  7. Nice to haves vs. Must haves;
  8. and so on.

Based on that list the available solutions will be significant smaller, compared to downloading, installing and building dashboards out of the blue. Also will the budget be much smaller when using the latter approach, compared to the first one where you’re building a true business case why certain software should be purchased.

None the less, it will be worth the hassle and effort. After all, technology is only a small building block for any business, not a sole purpose. So the sooner you involve the business stake holders, the better the budget will be.

Monday, November 17, 2014

Exchange Server 2010 MP & SCOM 2012x

I know. Exchange Server 2010 isn’t the latest & greatest. And SOON the Mainstream Support End Date for it will be reached, on the 13th of January 2015:
image

So I guess it’s time for many organizations to make a move to either the latest and greatest Exchange on-premise version OR to move to Office 365 (or to make a combination of both).

None the less, many organizations are still running Exchange Server 2010 AND use SCOM 2012x in order to monitor it. Even though I’ve written many postings about the Exchange Server 2010 MP, there are some things to reckon with when running SCOM 2012x.

This posting is a small overview of the most important things:

  1. Disable the Monitor ‘The required SCOM hotfixes for Exchange MP are not installed’
    This Monitor checks whether SCOM 2007 R2 hotfixes are installed. So this Monitor serves NO purpose in your SCOM 2012x environment. The script of this Monitor might even throw errors like Operations Manager failed to start a process. So disable this Monitor.

  2. RMS is required
    Yes, the Root Management Server (RMS) is a hard requirement in order to make this MP work. In SCOM 2012x the RMS is no more. However the Root Management Server Emulator (RMSE) is there to emulate a RMS. With some simple PS cmdlets you can identify where the RMSE is hosted, remove it and put it on another SCOM 2012x Management Server. Pete Zerger has written a good posting about these cmdlets. Where ever the RMSE is hosted, it will become the home of the Correlation Engine, this beautiful piece of code, engineered especially for the Exchange Server 2010 MP.

  3. Correlation Engine (CE)
    This wonderful piece of software engineering is limited only to the Exchange Server 2010 MP. The theory (aka paradise) behind it is beautiful. However, the real world (aka jungle) soon entered the paradise and made an end to this piece of software. HOWEVER, when monitoring Exchange Server 2010 with SCOM, the CE is still required. Install it on the SCOM 2012x Management Server hosting the RMSE role. And no, you can’t make the CE high available, at least not in an officially supported manner.

  4. Along came a KB article all about the Exchange Server 2010 MP
    KB2592561 seems to tell it all. However, it was written for SCOM 2007. So all the parts about tuning the SCOM Management Servers, FORGET it! It’s old news!!! Changes are it will effect SCOM 2012x negatively. So is this KB useless for SCOM 2012x? No. The Common Errors part contains good information about tuning and trouble shooting this MP.

    It’s also good for a laugh. This part tells it all: ‘… This is by far the largest MP to date from Microsoft, and provides a massive amount of visibility to Exchange issues.  However, there are just some things in the Management Pack that just don’t work…’. HONESTLY!!! I don’t make it up!!! See it for yourself!

  5. Don’t disable Rules WITHOUT disabling the corresponding Monitors
    The Exhange 2010 MP is a strange beast among the other Microsoft MPs. The CE makes it even more special. So when disabling a Rule from the Exchange Server 2010 also disable the Monitor with the same name. Otherwise the OpsMgr DB will grow to a huge extend. Also explained in the same KB mentioned previously.

There is more, but these are on top of my list. Otherwise read all my postings about the Exchange Server 2010 MP. The best thing to do is to migrate away from Exchange Server 2010 and to Exchange Server 2013 for instance. At least it has a decent MP now Smile.

SCCM 2012x: Microsoft SQL Server Report Builder Error: Unable To Connect To Data Source

Never thought I would say this, but I really do like SCCM 2012x. Yes, I reckon it has its quirks for sure, but SCCM 2012x can do TONS of good stuff for any organization and safe so much time. Also the integration with SQL Server Reporting Services (SSRS) is magic.

Issue
However, when trying to build some customized Reports for SCCM 2012x, one is bound to bump into this error, when Microsoft SQL Server Report Builder is run from any other server than the SQL Server hosting the SCCM 2012x database: Microsoft SQL Server Report Builder Error: Unable To Connect To Data Source. The Certificate Chain Was Issued By An Authority That Is Not Trusted:
image

Cause
When SCCM 2012x is installed, a self signed Certificate is automatically created on the SQL server hosting the SCCM 2012x database. This certificate is used for communication with the SCCM 2012x database and required by any other system connecting directly to this database.

Solution
The solution is simple and straight forward. I write it down in an high level overview since I expect you to have enough experience to fill in the ‘blanks’ Smile.

  1. On the SQL Server hosting the SCCM 2012x database, start MMC > Certificates  > Local Computer. Browse to the Personal store and there you’ll find the certificate ConfigMgr SQL Server Identification Certificate. When in doubt simply check the last tab, Certification Path:
    image
  2. Export it (no Private Key required);
  3. On the computer experiencing this issue, open MMC > Certificates > Local Computer. Browse to the Trusted Root Certification Authorities store and import the previously exported certificate.
  4. Now Report Builder will work as intended.