Archive for May 2011
The TechEd 2011 is now finished, for the one who didn’t get the chance to be there, the Microsoft System Center Operations Manager 2012: Setup and Config session is now available online. (Speaker : Maarten Goet, Rob Kuehfus)
Today, I will present a little case that I need to deal with at one of my customer. My case Study is quite simple, I’ve got a Monitor Policy which creates an Incident/Ticket each time that a critical alert is raised in Operations Manager.
I will simplify this policy to the one below :
The scenario, a maintenance is planned on my Incident management platform, so at the convenience time I need to stop my Monitor Policy, wait the end of the maintenance window and after start my Monitor Policy again. As Opalis allows us to orchestrate our activities, I want to automate that task.
No object presents in the default integration packs allow us to do these actions easily.
· How could I stop an Opalis policy through another policy ?
· How could I schedule the start of an Opalis policy ?
· How could I pause my policy for some minutes ?
So we just have to create it with the Opalis Quick Integration Kit (QIK). J
Basically, I need to schedule an action, stop a policy, wait the end of the maintenance window and start my policy.
I invite you to read carefully the post of Adam Hall, Snr. Technical Product Manager for System Center Opalis/Orchestrator : Migrating a PowerShell script to an Opalis Activity
Thanks to this article and some PowerShell command I’ve been able to create three 3 new Opalis objects :
1. Sleep object: As input it simply takes a number of seconds and your policy will pause for the define time.
2. Start At: Specify a date and time for starting/continuing your policy.
3. Stop Policy: This object allows you to stop an Opalis policy from another one. It uses the sp_StopAllRequestsForPolicy SQL store procedure. As input it needs the Opalis Sql server name, database name, and the name of the policy that you want to stop.
Be carefull, the policy name that you specified must be unique, because this object will stop all the policies that are using the specified policy name. For example, if you’ve go more than one policy that is named “1.Monitor”, this object will stop all of them, and that certainly not what you want because that impact directly the others running policies. So be careful with it and always use an unique name for the policy that you want to top.
Now, we will use these news objects for stopping the Monitor Policy below during a maintenance window and restart it after, for that we created a Maintenance Window Policy.
Let’s configuring it
Maintenance window policy
Let’s testing it
You can directly download the integration pack which is containing these news objects and the source code: Download.
Remember, this is provided “As is” without any support and/or guarantee.
Feel free to contact me through the blog comments for any questions and/or remarks.
The first of four sessions on Operations Manager 2012 has been presented at the Tech Ed North America 2011. This session provides you with an overview of the capabilities in Operations Manager 2012.
I invite you to read the previous posts :
Now that your collector and reporting servers are up and running, we will enable the Forwarder service for the servers that you want to store security events in the ACS database.
You have now a functional ACS environment.
The next posts will be about the ACS Reports utilization and on how to use ACS in an untrusted environment.
Previous post about ACS :
Now that you have a running ACS Collector, you have to publish the ACS Reports on your SQL Reports Services server.
2. Open a command prompt
3. Go to the folder you just created (D:ACS)
4. Executing the following command
UploadAuditReports.cmd reportsrvfqdn http://reportsrvfqdn/ReportServer ACSFOLDER
5. Don’t take care of the two warnings
6. Start your web Brower and go to http://reportsrvfqdn/Reports
7. Click on Show Details and go to DB Audit.
8. Adapt the Connection String field to point to your ACS Database
data source= xxxxSQLDB1;initial catalog=OperationsManagerAC;Integrated Security=SSPI
9. If you are using the same reporting for Operations Mananger and ACS, select also the option Credentials supplied by the user running the report and check Use as Windows Credentials when connection to the data source.
10. Click Apply.
Access Control List
1. Create a new Active Directory group for your Security Administrator and add them as member. (By example: SCOM2007-ACSAuditors)
2. Go to your Database server and add the group as Users for you ACS DB.
3. Grant your group as db_datareader of your ACS database.
4. Your Security Administrator could now access to the ACS Reports through the SQL Reporting Services Web Interface : http://reportsrvfqdn/Reports > Audit Reports
The next post will be about the ACS Forwarder Configuration.
Feel free to contact in case of any remarks and/or comments.