Patch Management Integration with Service Manager & ConfigMgr

Back in November I presented a session on automation at MMS 2015 with Natascia Heil. The session was “Real world Automation with Service Manager and Azure Automation”.

As a part of this session Natascia Heil demo’d how to patch servers in SCCM via Service Manager! Essentially she was able to create a change request in Service Manager pulling in a software update and device collection into the change request and then Orchestrator talked to SCCM to apply the patch to the server.

This is awesome because it brings ITIL into the patching process and gives you a way to document applied patches and who applied the patch.

As a follow up to our session she has published a step by step post on the solution from the demo, the files used in the demo, and a complete video demoing the solution. This is another example of great community involvement in the System Center space as well as the kind of content you will see at MMS. Thanks Natascia for sharing this with the community.

Watch the video here:

Visit her blog post here:
https://systemcentertipps.wordpress.com/2015/12/18/orchestrator-2012-start-server-patching-from-service-manager/

Download the solution files here:
https://gallery.technet.microsoft.com/Patch-servers-with-SCSM-20ff1c66?tduid=%281b41a0287eb092bdef4fbcdd40d042b0%29%28256380%29%282459594%29%28TnL5HPStwNw-P.Z5y4TYC73yMs5ovpkyAA%29%28%29

Read more

System Center 2012 R2 UR7 Highlights

Its been a while since I have posted a new blog. I have been busy working on multiple System Center projects and other behind the scene activities. Today update rollup 7 for System Center 2012 R2 was released and this is definitely worth a post. This UR includes DPM, SCSM, SPF, VMM, , SCORCH, Azure Pack, but not Operations Manager. UR7 for Operations Manager will be coming within a few weeks. More info here.  It is interesting that SCOM is not in this UR and we actually see SCORCH included. Here are some highlights from UR7:

For Orchestrator The Monitor SNMP Trap activity has an issue fixed and there is a fix for Stop Job and Stop Runbook. The SCORCH UR also includes some fixes for SMA.

For Service Manager we see a bunch of fixes. Some fixes I want to call out are MPSync Data Warehouse job stop responding and the Get-SCDWInfraLocations cmdlet introduced in update rollup 5 have been fixed. Great work from the Service Manager team. Keep it up.

Beyond just fixes we see new features in two of the System Center components VMM and DPM. As always its exciting to see new features added via UR’s.

In VMM we see support for Windows 10, the ability to provision and customize Debian 8 Linux as a Guest Operating System, support for VMWare vCenter 5.5, the ability to have Multiple External IP Addresses per Virtual Network, the ability to re-associate orphaned virtual machines to their service or VM role, and support for VMM DHCP Extension PXE/TFP Forwarding. There also is a ton of great fixes for issues in VMM. This is great work from the team and should make VMM more stable.

In DPM we see support for Windows 10 client protection, and a really cool feature being the ability to use alternate DPM servers to recover backups from Azure Backup vault. These means if you sent your backup data to Azure from one DPM server and it croaks you can connect a different DPM server to your Azure Backup subscription and recover data from Azure! I have a feeling we will continue to see greater collaboration between on premise backup/DR (DPM) and cloud backup/DR Azure Backup in the future.

To access update rollup 7 visit this link: https://support.microsoft.com/en-us/kb/3069110

Read more

System Center Futures 2016 and Beyond

UPDATE 9-4-2015:

***There is an upcoming FREE event covering the Future of System Center. This will be held on Sep 25, 2015 at the Microsoft MTC in Minnesota (http://www.microsoft.com/en-us/mtc/locations/minneapolis.aspx). This is a must attend event for any company running System Center. For more info on this event visit: http://bit.ly/1JIHS48***

Last week I was able to attend the first ever Microsoft Ignite conference in Chicago. There was a lot of exciting news announced at this conference around the many Microsoft products and technologies. Everything was covered from SharePoint, Exchange, Unified Communications, Office, Windows server, Windows 10, all things Azure and more. This post is focused for any System Center professional that was unable to attend the MS Ignite 2015 conference but what’s to know what’s up with System Center. If you had any concern about System Center going away or just want to know about the future of System Center in general this post is for you.

During conference there were many sessions related to the various System Center components however there were a couple of critical sessions that covered the future of System Center. These are the Platform Vision & Strategy sessions. These are titled:

Windows Server & System Center Futures—Bring Azure to your Datacenter (Platform Vision & Strategy)

And

Platform Vision & Strategy (6 of 7): What’s New in System Center for Management

These sessions are important because they featured System Centers top guy Jeremy Winter and he talked about future direction of the management solutions. In this post I will sum up key information from each of these sessions.

NOTE: This post is my perspective on the Platform Vision & Strategy sessions from Ignite and do not represent the opinions of Microsoft.

Traditionally System Center has been a complete management stack for IT Operations. This is not going to change but will continue to get better. The stack consists of: Managing endpoints (PC’s/Mobile device/servers) – *SCCM/Intune* | Monitor – *SCOM* | Automation – *Orchestrator (SMA)* | Provision – *VMM* | Service Management – *SCSM* | Protection – *Data Protection Manager* | Self-service – *Azure Pack* also represented in the following screenshot from one of the session slides.

clip_image001[4]

So we are now in the year 2015 and have not had a new major version of the entire stack since 2012. However since the release of System Center 2012 we have seen a steady progression of enhancement to the stack. We have seen it move from SP1 to R2 and now updates and new features through update rollups.

These update rollups have been released on a faster cadence at a speed we have not seen from Microsoft before. In fact we have recently seen a round of new features in update rollup 6 and more announced at Ignite. Below is a list of key features that stuck out to me along with slides from one of the Platform Vision & Strategy sessions giving insight into where the System Center components are headed next.

Read more

Did you miss the #ITSM role in #Private Cloud webinar?

Did you miss my recent webinar with Savision about ‘Service Management’s Role in the Private Cloud’? This was co-hosted by Savision’s co-founder and VP of Product Management, Dennis Rietvink. If you would like to see it or watch it again, the on-demand version is now available.   “Screenshots from the webinar” During the webinars, we … Read more

SCORCH Web Console Error Executing the current operation

When I tried to access my Orchestrator 2012 R2 web console @ https://localhost:82 I was receiving the following error: Error Executing the current operation [HttpWebRequest_WebExeption_RemoteServer] Arguments: NotFound Debugging resource strings are unavailable. Often the key and arguments provide sufficient information to diagnose the problem. My Orchestrator web service (http://localhost:81/Orchestrator2012/Orchestrator.svc) still worked just fine. I did … Read more

Online Orchestrator Clinic

The Windows Management User Group (WMUG.co.uk) – @WMUG presents the August 2014 Clinic in which System Center Orchestrator will be discussed with Sam Erskine (@samerskine) and a team of Orchestrator Guru’s. The team includes: Steve Beaumont (MVP) – @StevybSC Dieter Gasser – @DiGaBlog Steve Buchanan (MVP) – @Buchatech Andreas Baumgarten (MVP) – @ABaumgarten Sam Erskine … Read more

SysCTR 2012 R2 UR2 – SCSM fixes, DPM SRV 03 support, & new SCOM DB Widgets

Microsoft has release UR2 for System Center 2012 R2. There are many good fixes for the System Center products in this release.

For Service Manager a good amount of console issues are resolved including the annoying FullAdapter error. Here is the list:

  • Assume that users have both SMTP and Session Initiation Protocol (SIP) endpoints. When you send email messages to these users from the Service Manager console, Service Manager uses the Lync SIP endpoint as the email address.
  • After you select the Service Requests with Service Level Warning feature, an error occurs about one hour later.
  • After you select the Assigned to me view, a FullAdapter exception occurs about one hour later.
  • When the Service Manager console runs in maximized mode, you encounter one or more of the following issues:When you run PowerShell workflows at the same time, the results are displayed as successful. Actually, the workflows fail.
    • You experience slow performance in the console, and the console consumes excessive CPU resources.
    • Context menus in the console are not displayed as expected, and instead it is displayed at the upper-right hand corner of the main window.
    • Scroll bars for the work items preview pane do not display when you run in full-screen mode. Even if the scroll bars display, they are still inactive and you cannot move the slider.
    • Certain forms or wizards do not display appropriately. Specifically, only the left navigation pane displays and the right area is blank.
    • When you create or edit on a User Prompts page in a request offering, the page is not displayed appropriately.
    • When you scroll on an open work item or a configuration item form, the scrolling does not work. In this case, you can have the mouse held over the scroll bar for scrolling.
  • When a user tries to open an already opened attachment from a work item form, an exception is thrown.
  • After you mark a release record as Closed, the attachment and associated details cannot be retrieved.
  • When you create service requests from Request Offerings, it takes a long time to display the request offerings form.
  • When you try to use a service request template, the console crashes.
  • When you try to create a service request, a NullReferenceException exception is thrown and the console crashes.
  • The Service Manager console shows a generic Microsoft SQL exception instead of the detailed Data Collision exception when you run in a non-English environment.

The DPM update includes support for Windows 2003 Servers. This from the KB article:

DPM 2012 R2 now supports backup and recovery of Windows 2003 servers. In Update Rollup 2, you can now protect Windows Server 2003 by using DPM 2012 R2. The following workloads are also supported in Windows Server 2003:

Microsoft SQL Server 2005, Microsoft SQL Server 2008, Microsoft SQL Server 2008 R2

Microsoft Office Sharepoint Server 2007

Other highlights are:  SQL AlwaysOn with Clustering now supported and the ability to schedule backup and CC jobs defined by time windows on individual protection groups. There also are a number of issues that are resolved.

Some highlights from the Operations Manager UR 2 are:

Service Level Objectives (SLO) dashboard load times will be more consistent. When member of a member of a custom Operator role views load slow. This is resolved. There also has been updates to the Unix and Linux monitoring and SQL issues resolved. Something else to note that is new with this SCOM UR is new widgets for the dashboards. Very exciting! Here is a blog specifically about this http://blogs.technet.com/b/momteam/archive/2014/04/24/new-widgets-and-dashboard.aspx and a wiki article http://social.technet.microsoft.com/wiki/contents/articles/24133.operations-manager-dashboard-widgets.aspx with details on them. Here are screenshots of some of the widgets:

NewSCOmWidget1  

NewSCOmWidget2  NewSCOmWidget3

UR downloads and full details can be found here:

http://support.microsoft.com/kb/2932881

Read more

Launch a Runbook from a Service Manager Console Task

I recently ran across the question of “How Can I Launch a Runbook from a Console Task?” in this forum thread:

http://social.technet.microsoft.com/Forums/systemcenter/en-US/5cd957fa-5114-41fe-a727-3294df74a7b0/how-can-i-launch-a-runbook-from-a-console-task?forum=customization .

I started thinking about how this could be useful in certain scenarios and how this would work. I decided to figure this out and blog about it so here it is. First you will need a tool that can connect to Orchestrators web service and start runbooks. There is such a tool called Orchestrator Remote Tools 2.51.

With this tool you also have the ability to discover information about runbooks on an Orchestrator server, pass parameters to the tool and see the status on if the runbook started successfully or failed. This tool has a GUI and command line interface.

This tool only discovers runbooks that have an “Initialize Data” activity. This tool launches runbooks looking to a generated .XML template with information about the runbook or it can launch runbooks directly without the XML template file (CLI mode only). for The tool consists of three components:

  1. UI Generator (ORTUIGenerator.exe): This is what discovers all your runbooks and allows you to browse them. You also use this component to generate the XML template files.
  2. Remote Runbook Launcher (ORTRunbookLauncher.exe): Is the graphical way to launch runbooks.
  3. Remote Runbook Launcher CLI (ORTRunbookLauncherCLI.exe): Is the command line way to launch runbooks.

You can learn more about the tool here:

http://blogs.technet.com/b/yasc/archive/2011/11/17/orchestrator-remote-tools-2-0-fka-the-opalis-ui-generator.aspx

It can be downloaded here:

http://orchestrator.codeplex.com/releases/view/76983

Let’s work with the tool to prepare for using it with Service Manager. Create a share on your Service Manager management server. This can be something like \\SMSERVER\ORT\.

Copy the Orchestrator Remote Tools into it. You should have the following:

clip_image001[4]

Now click on ORTUIGenerator.exe . You will see this popup message:

clip_image002[4]

Click OK. This is telling you it is the first time you have run the tool and you need to put in your Orchestrator settings.

You will see the following window and will need to complete all the fields.

NOTE: Once you put in the data base server it will automatically pull in the Orchestrator database. If your SCORCH DB is not named Orchestrator you will be able to click the drop down and select it.

Click Save when you are done. Clicking Save will create a Config.xml file in your ORT directory.

clip_image003[4]

Now the UI Generator window will pop up. This is the window you use to generate the .XML template file.

On the left hand side you are able to browse through the discovered runbooks. Keep in mind it only finds runbooks that have an “Initialize Data” activity. To configure the template for a runbook browse to it on the right hand side, select it and click the “Get details for the selected runbook” button. It will then expose the settings of the “Initialize Data” activity for the runbook on the right hand side. Here is where you can configure values for the parameters and give the runbook a description for those that will be running it. Note you are not required to configure values for the parameters. When you are ready to generate the .XML template click on the “Create Runbook Launcher configuration file” button.

clip_image004[4]

You should now have a policy_template.xml in your ORT directory. By default when you run ORTRunbookLauncher.exe or ORTRunbookLauncherCLI.exe the policy_template.xml will be used allowing you to only have settings for one runbook at a time. You can elect to use another file by using the /ORTXML switch. What this does is allows you to store multiple XML templates in the same directory by different names and launch the specific one you want.

The /ORTXML switch only works using ORTRunbookLauncherCLI.exe as it is passed as a parameter. Another way around this if you are stuck on using the GUI component is to create multiple folders and put the exe’s, config file in each folder as it will have its own policy_template.xml file. That however could become a nightmare to manage and requires more space. I recommend using the /ORTXML switch.

Let’s look at the GUI component. In the ORT folder launch ORTRunbookLauncher.exe. The Runbook Launcher window will pop up. It should look similar to the following screenshot.

Input the parameters and click “Start Runbook” button.

clip_image005[4]

It is that easy to remotely launch a runbook using this tool. Using the ORTRunbookLauncherCLI.exe is basically doing the same thing except it is running from a command line allowing you to pass in the values for the parameters right in the command. The syntax for starting a runbook using the ORTRunbookLauncherCLI.exe would look like this:

ORTRunbookLauncherCLI.exe /LastName=Sinatra /Location=”Building 45″ /Department=Sales /Title=”VP of Sales” /FirstName=Frank /SamAccount=Franks /”Reporting To”=”John Adams”

 

NOTE: If the parameters’ names or values have spaces, you need to enclose them using double quotes.

clip_image006[4]

Ok, so now let’s combine the tool with Service Manager and its CMDB. Think about all the possibilities. There are a lot of useful scenarios in which these two could be utilized. A couple of possibilities I can think of off the top of my head are: Pass a user from Service Managers CMDB to this tool as a parameter and have a runbook disable a user in AD, pick up a computer from the CMDB pass it as a parameter to a runbook and move the computer from one OU to another in AD.

I don’t see this tool as a replacement for using Runbooks with Service Requests in Service Manager. I see this as more of a way to give the administrative team a quick and easy way to launch runbooks without ever leaving the Service Manager console.

Let’s look at how we can bring the Orchestrator Remote Tools and Service Manager together, create a console task and accomplish a task.

For this blog post we are going to use a very simple disable user runbook. To do this we need to create a console task using the ORT tool. Use the following steps to do this:

Read more

SCSM Assignment/Re-Assignment Notify Options

Service Manager can email analysts when a work item is assigned to them or re-assigned to them. Assignment/re-assignment notification is a common requirement most Service Manager projects. To set this up is not an easy task. This is a topic that has been blogged about already and there are several solutions out for this. Some … Read more