SCOM: Create an Alert on an Object Property Status

Today I had an interesting question from one of my customer. Is it possible to create a SCOM alert based on an SCOM Object Property?

In clear, They would like to get a SCOM Alert when a DHCP Scope is deactivated (or Disabled). If you check the DHCP Scope properties, this information is already there and we ‘just’ need to monitor the changes of this property.


Unfortunately, this monitor doesn’t exist in the DHCP MP, only the following 3 monitors are available out of the box.image

So we need to create a new monitor that will timely check the IsEnabled property of each DHCP Scopes and if the value is False, raise an alert.

Go to the authoring section and create a new unit monitor.

Select Time Script Two State Monitor.image

As Monitor Target, specify DHCP Scope.image

Define the schedule for your monitor.

There are 3 steps that you need to do:
_Provide a name .vbs to your script.
_Copy/Paste the script below


Dim oAPI, oBag
Set oAPI = CreateObject("MOM.ScriptAPI")
Set oBag = oAPI.CreatePropertyBag()

iScopeStatus = WScript.Arguments(0)

If iScopeStatus = "True" Then
   Call oBag.AddValue("Status","OK")
   Call oBag.AddValue("Status","NOK")
End If

Call oAPI.Return(oBag)


When done, click on Parameters… and select the Is Enabled parameter.image

Configure the Unhealthy Expression:

_Parameter Name: Property[@Name=’Status’]
_Value: NOK


Configure the Healthy Expression:

_Parameter Name: Property[@Name=’Status’]
_Value: OK


Define the Monitor Health State for the Unhealthy Monitor Condition.image

Finally, configure the Alert Settings.

Now the problem with this approach is that the monitor is looking to a value that has been set by a Discovery Script. Which means that if your DHCP Scope Discovery script is only running one time per day, the IsEnabled property will be refreshed only one time per day.

So in this case, we will need to change the DHCP Scope Discovery interval to match our monitor interval. Go to the authoring section, search for ‘scopes discovery’


Select DHCP Technical Preview Scopes Discovery Data Source With Paging and create an Override For All objects of class: Microsoft Windows Server DHCP Technical Previewimage

Decrease the interval seconds to match to the monitor we createdimage

After a few minutes, we could see that my disabled DHCP Scope is turning Red.

If we compare Health Explorer Status of my two DHCP Scopes (One enabled and one disabled), we could confirm that the monitor is working as expected Smile


You could download the management pack here:


Posted in Uncategorized | 1 Comment

Deploy your domain joined and ip configured Nano server

With Windows Server 2016 Technical Preview 4 that has been released by Microsoft, a few weeks ago, a lot of person start playing with the new Nano Server…including myself. Smile

As part of my requirements, I would like to get my Nano Server deployed directly from the ISO file, AD Domain Joined, IP Configured, Firewall disabled (oops Smile with tongue out)…. In order to be able to do all that in an automated way, I created a small PowerShell script that I would like to share with you.

Run this script from the regular PowerShell Command Prompt (on you Hyper-v 2016 TP4 host) and not from PowerShell ISE. If you are running it from PowerShell ISE, for a reason that I didn’t figure it out yet, you risk to receive the following error message:ERROR  : Cannot find type [WIM2VHD.WimFile]: verify that the assembly containing this type is loaded.


#Script Info
$ScriptPath = "C:\Users\Christopher\Downloads"
$ISOPath = "C:\Users\Christopher\Downloads\ISO\10586.0.151029-1700.TH2_RELEASE_SERVER_OEMRET_X64FRE_EN-US.ISO"

#Domain Info
$DomainName = ""
$DCName = "DC001"
$DCUser = "Administrator"
$DCPassword = ConvertTo-SecureString "P@$$w0rd01" -AsPlainText -Force

#Nano Server Info
$NanoServerName = "NANOSRV001"
$NanoAdminPwd = ConvertTo-SecureString 'P@$$w0rd01' -AsPlainText -Force 
$NanoIP = ''
$NanoMask = ''
$NanoGW = ''
$NanoDNS = ''

#Nano VM Configuration
$VMCores = 2
$VMMemory = 2  #GB
$VMVHDPath = "E:\Hyper-V"
$VMSwitch = "vSwitch"


# Mount the OS ISO image onto the local machine
Mount-DiskImage -ImagePath $ISOPath 
$iSOImage = Get-DiskImage -ImagePath $ISOPath | Get-Volume
$iSODrive = "$([string]$iSOImage.DriveLetter):"

#Copy the module and script
Copy-Item -Path $iSODrive\NanoServer\NanoServerImageGenerator.psm1 -Destination $ScriptPath -force
Copy-Item -Path $iSODrive\NanoServer\Convert-WindowsImage.ps1 -Destination $ScriptPath -force

#Connection to the domain controller via PowerShell Direct
$Creds = New-Object System.Management.Automation.PSCredential ("$DomainName\$DCUser", $DCPassword)

$Domainblob = Invoke-Command -VMname $DCName -Credential $Creds -Scriptblock {
    param($DomainName, $NanoServerName)
    djoin.exe /provision /domain $DomainName /machine $NanoServerName /savefile $env:TEMP\$NanoServerName | Out-Null
    $Domainblob = Get-content $env:TEMP\$NanoServerName
    Remove-item $env:TEMP\$NanoServerName -force

} -ArgumentList $DomainName, $NanoServerName

#Save the Domainblob File Locally
$Domainblob | Out-File $ScriptPath\$NanoServerName

#Nano Server Info
#Create the VHD
Import-Module $ScriptPath\NanoServerImageGenerator.psm1
New-Item $ScriptPath\$NanoServerName-tmp -type directory
New-NanoServerImage -MediaPath $iSODrive -BasePath $ScriptPath\$NanoServerName-tmp -TargetPath $ScriptPath\$NanoServerName.vhd -GuestDrivers -AdministratorPassword $NanoAdminPwd -DomainBlobPath $ScriptPath\$NanoServerName -InterfaceNameOrIndex Ethernet -Ipv4Address $NanoIP -Ipv4SubnetMask $NanoMask -Ipv4Gateway $NanoGW

Remove-Module -Name NanoServerImageGenerator
Remove-Item $ScriptPath\$NanoServerName
Remove-Item $ScriptPath\$NanoServerName-tmp -Recurse -force
Remove-Item $ScriptPath\NanoServerImageGenerator.psm1 -force
Remove-Item $ScriptPath\Convert-WindowsImage.ps1 -force
Dismount-DiskImage -ImagePath $ISOPath 

#Create the VM

New-Item $VMVHDPath\$NanoServerName -type directory
Copy-Item -Path $ScriptPath\$NanoServerName.vhd -Destination $VMVHDPath\$NanoServerName
Remove-item $ScriptPath\$NanoServerName.vhd -Force

$VMMemory= $VMMemory * 1024 * 1024 * 1024
New-VM –Name $NanoServerName –MemoryStartupBytes $VMMemory –VHDPath $VMVHDPath\$NanoServerName\$NanoServerName.vhd -SwitchName $VMSwitch
SET-VMProcessor –VMName $NanoServerName –Count $VMCores
Start-VM –Name $NanoServerName

#Configure tne VM

#Check if the computer is online / Need to find something better.
Start-Sleep 120

#Connection to the VM via PowerShell Direct
$Creds = New-Object System.Management.Automation.PSCredential ("$NanoServerName\Administrator", $NanoAdminPwd)
Invoke-Command -VMName $NanoServerName -Credential $Creds -Scriptblock {

    #Disable the firewall
    netsh advfirewall firewall add rule name="Local Any" dir=in action=allow profile=any remoteip=any 

    #Set the DNS
    Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses $NanoDNS

    shutdown -r -t 5

} -ArgumentList $NanoDNS

In a few minutes, the script will create the configured VHD and deploy it to Hyper-V:


you could now manage your brand new Nano server via PowerShell:


Or remotely from another server:


Have a nice day

Posted in Uncategorized | 2 Comments

SCOM SQL MP 100% CPU, Logs Full, deployment failure ….

This morning at one of my customer, I decided to import the last version of the SQL Management pack, which is the….
After a few hours, we noticed some very strange behaviors that were happening in the SCOM environment.

  1. SCOM failed to deploy database component to Data Warehouse.
  2. The CPU on the SQL server hosting the SCOM Date Warehouse DB was running at 100%.
  3. If we take a look at the CPU usage for the last few days, we could see that something is going wrong since we imported the MP.
  4. The Data Warehouse DB Log file increased of several GB at once and continued to grow very quickly
  5. In SQL, we could see that one query was really CPU Intensive.
  6. If we look into the details, we could see that this is related to the SQLServer Virtualization Library.

  7. To fix the problem, just remove the followings MPs from the SCOM Management Console:
  • Microsoft.SQLServer.Visualization.Library.mpb

After a few minutes, you will directly see the CPU SQL of your SQL server will return to a normal situation J

There are already 2 threads on TechNet about this problem:

My good friend Marnix also blogged about it

I had the confirmation that the product team is aware of the problem and they are currently working on a fix.

I’ll keep you posted as soon as I’ve got some news from Microsoft.



Posted in Uncategorized | Leave a comment

SMA: Start Runbook / Get Status Runbook from the Rest API via PowerShell

For one of my customer, I had to write a PowerShell script which should be able to start a SMA Runbook but also to retrieve the status of this runbook. Another requirement is to use the REST API instead of the SMA Cmdlets. I used my favorite search engine and I found a blog post from Laurie Rhodes who already published a PowerShell script that was doing almost everything that I need.
The original script is available at the following URL:

I re-wrote some parts of the script and added some functionalities. My version of Laurie’s script is available below:

# Original script from
# Modified by Christopher Keyaert (

# Ignore SSL Self-Signed certificate  
   add-type @"
        using System.Net;
        using System.Security.Cryptography.X509Certificates;

            public class IgnoreSelfSignedCertificate : ICertificatePolicy {
            public IgnoreSelfSignedCertificate() {}
            public bool CheckValidationResult(
                ServicePoint sPoint, X509Certificate cert,
                WebRequest wRequest, int certProb) {
                return true;
[System.Net.ServicePointManager]::CertificatePolicy = new-object IgnoreSelfSignedCertificate

# Step 0. Define Variables
$SMAServer = ""
$RunbookName = "MyRunbook001"

# Create a Credentials object 
$credentials = New-Object System.Management.Automation.PSCredential ("Domain\User",(ConvertTo-SecureString "Password" -AsPlainText -Force))
#$credentials = Get-Credential

# Enable verbose logging
$VerbosePreference = "Continue"
#$VerbosePreference = "SilentlyContinue"

# Step 1. Query the SMA server for the Runbook GUID
Write-Verbose ""
$URI =  "https://$SMAServer/00000000-0000-0000-0000-000000000000/Runbooks()?`$filter=RunbookName eq '$RunbookName'"
$Response = Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials 
$StartGUIDURI = $
# Step 2. Start the runbook with Name Value pairs for inputs
# * All REST inputs for SMA are as Name Value pairs submitted as JSON
Write-Verbose ""
$URI =  “$($StartGUIDURI)/Start”
$Headers = @{“Accept” = “application/atom+xml,application/xml”}
$Body = @"
$Response = Invoke-RestMethod -Uri $URI -Body $Body -Method Post -Headers $Headers -Credential $credentials -ContentType  “application/json;odata=verbose” 
$JobGUID = $Response.Start.'#text'
Write-verbose "JOB Id = $($JobGUID)"
# Step 3. Retrieve the status of the submitted job
# Keep polling until the job status is complete
Write-Verbose ""
$URI =  "https://$SMAServer/00000000-0000-0000-0000-000000000000/Jobs(guid'" + $JobGUID  + "')"
$Response = Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials 
$JobStatus = $ 
$Status = (Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials )
Write-Verbose ""
while ($Status -ne "Completed") { 
   Write-verbose "Status = $($Status)"
   Start-Sleep 5
   $Status = (Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials )
Write-Verbose ""
# --------------------------
# Step 4. Retrieve the output streams from the Job
Write-Verbose ""

$URI =   "https://$SMAServer/00000000-0000-0000-0000-000000000000/JobStreams/GetStreamItems?jobId='" + $JobGUID +"'&streamType='Any' "
$Result = Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials 
Write-verbose "StreamText = $($"

# Step Optional. Retreive all the Runbook Names and IDs
Write-Verbose ""
$URI =  "https://$SMAServer/00000000-0000-0000-0000-000000000000/Runbooks()"
$Response = Invoke-RestMethod -Uri $URI  -Method Get -Credential $credentials 

foreach($Rep in $Response)
    Write-Verbose $'#text'
    Write-Verbose $
    Write-Verbose ""


I hope this help

Posted in Uncategorized | Leave a comment

What’s up here?

It has been a long time since I didn’t post anything on my blog… more than 4 months to be exact. If you are following me on Twitter, if not, please do, you already know that these 4 months were really busy.

  • In August, I was in Switzerland to speak at System Center Universe.
  • In September I was in Las Vegas to speak at IT/Dev Connections.
  • End of October I will fly to Seattle for the Microsoft MVP Summit
  • Finally, on November 19th, I will be in the Netherlands to speak at Experts Live (

The recordings of my sessions at SCU and IT/Dev Connections are not yet available, but I would like to already share with you my slide decks.

System Center Universe/ IT Dev Connections: WAP and ASR – Better Together

D1 – Part 1 – Tenant Portal Presentation

D1 – Part 2 – HSP ASR Presentation + Failover

D1 – Part 3 – Tenant Azure Portal Presentation

D2 – Part 1 – VMM and ASR Configuration

D2 – Part 2 – Plan Configuration

D2 – Part 3 – Runbook Execution

IT DEV Connections: Azure Site Recovery, the Enterprise-Scale Disaster Recovery solution for your Hyper-V, VMware and Physical servers

Demo 1 – Part 1 – Infrastructure Deployment

Demo 1 – Part 2 – ASR Protection and recovery

Demo 2 – Part 1 – Infrastructure deployment

Demo 2 – Part 2 – ASR Protection

See you soon for another post 😉


Posted in Uncategorized | Leave a comment