New MP from Marshal

If you use Marshal products then you will be pleased to know that they are doing MOM 2005 MPs. Not sure it exists yet as I can not find it on their web site.

 February 26, 2007

Basingstoke, UK –  Integrated email and Internet content security provider Marshal Inc. has today announced an optional add-on module for its customers using Microsoft™ Operations Manager (MOM) 2005 SP1. The MailMarshal SMTP MOM Management Pack enables live monitoring of events via the MOM console on one or multiple MailMarshal servers, enabling consolidated event management of a customer’s entire MailMarshal environment.   

The integrated add-on module offers high availability of corporate messaging systems as it enables administrators to proactively monitor more than thirty unique MailMarshal indicators including performance, processing, services and security events. Including:

• Alerts for possible SMTP Denial of Service attacks
• Warnings for low disk space on a MailMarshal server
• Instantaneous notification of failed or stopped services
• Multiple performance counters including latency and bytes/second
• General system health information

Administrators will also benefit from a consolidated view of all associated network management tasks from a single console. The MOM Management Pack also allows automatic restarting of services which can decrease response times.  

According to Ed Macnair, CEO of Marshal, “Email today is a mission critical application and any downtime incurs costs for corporations.. Having greater visibility of the network is the most effective way to ensure email availability. Our integration with Microsoft™ Operations Manager, enables current and future customers of MailMarshal to more closely monitor their environment and stay alert to future email-borne threats.”

http://www.marshal.com/pages/newsitem.asp?article=145

Slow Console

I installed MOM 2005 in a system test area for a project I am working on but the console was incredibly slow. My initial thoughts was that it may be down to the virtual environment as there were a lot of guests on each machine, But investigations showed that was OK.

Doing nslookup showed that there was a name problem. When I pinged a server it took a long time to reply but the ping response was fast. As soon as I put in the fully qualified name it responded immediately. Looking at the DNS entries showed that there were a lot of DNS suffixes that did not exist that had been appended. It transpires that they wanted to make the system test area similar to production so had imported all the group policies, But there was one policy that appended 9 different DNS suffixes. So every time the console went to the database server it did a name resolution (obviously using the Netbios name) and it had to try 9 different domains that did not exist before it could get to the real one.

Moral of the story is that you need to make sure your DNS name resolution is up to scratch when using MOM. And MOM did not pick it up as a problem as Group Policy was working correctly and doing what it was told to do. Sometimes you need some human brain power as well as the technology.

SCE RC1

System Center Essentials RC1 is now available. I won’t add more as a number of other bloggers have commented but will say it is a 589 MB download so it takes a while!

I just hope that they have fixed the problem so that I don’t have to change to US English.

See Techlog, Pete and Stefan.

Virtual PC 2007 Released

Virtual PC 2007 is released to the web and it is free.

Some key features of Virtual PC 2007 include:

• Support for x64 Windows as a host operating system
• Support for hardware virtualization support
• Support for Windows Vista as a guest and host operating system 
• Support for PXE network booting of virtual machines
• Support for the use of fullscreen virtual machines on multi-monitor systems (VM still stays on just one monitor though)
• Better performance than 2004

Web site (with download link) – beware mainly marketing stuff with very little technical information!http://www.microsoft.com/windows/products/winfamily/virtualpc/default.mspx

Post holiday catch up and RC2 bugs

I am back from my skiing holiday and catching up on all the news. Pete has also been away but in sunnier climes (I went to the Mayan Mexico area a couple of years ago – great place) and mentions a System Center roadmap on the Techlog site.
http://www.it-jedi.net/2007/02/system-center-roadmap.html

System Center Reporting Manager is missing but as Daniel points out it will be incorporated as part of Service Desk product.
http://msmvps.com/blogs/daniel/archive/2007/02/10/news-of-system-center-reporting-manager.aspx

(He mentions that it no longer features on the System Center web site although you can still access the SCRM site at http://www.microsoft.com/systemcenter/scrm/default.mspx)

Seems to be an issue with the certificate part of SCOM 2007 Gateway server as discussed by Stefan and Techlog.
http://weblog.stranger.nl/opsmgr_2007_gateway_approval_tool
http://www.techlog.org/archive/2007/02/14/operations_manager_2007_gatewa

It is a good idea as with 2005 you could have all your servers in AD and have mutual authentication on but if one server was not in the forest (e.g. DMZ servers) then all servers had to have mutual authentication switched off. The new Gateway server role helps with that but only if it makes dealing with certificates easy. I did a 2 day PKI course in the days of Windows 2000 and PKI is not as easy as it should be.

Stefan also mentions where to get a copy of the Silect newsletter that has words of wisdom from 3 MVPs, as well as discovering Power Shell.
http://feeds.feedburner.com/myiti

Technlog mentions a bug with recoding task sequences with RC2 that only affects servers east of GMT! Should be fixed in RTM.
http://www.techlog.nl/archive/2007/02/15/recording_browser_session_in_o

Techlog also mentions an RC2 bug that won’t get fixed. The web link in an e-mail is incomplete but they show you how to fix it.
http://www.techlog.nl/archive/2007/02/18/opsmgr_2007_webconsole_link_in

I also submitted a few bugs for RC2

Shows that agent is running on a Microsoft Virtual Server/PC but not VMWare

“This would be due to the fact that we have an object discovery for Virtual Machine in the Windows Core Library that looks for VM attributes based on Virtual PC/Virtual Server, not VMWare machines. We will probably have to look at updating this rule to allow for other types of virtualization. In the meantime, you should be able to create an attribute that looks for attributes unique to VMWare, then you can use that attribute in creating discoveries, groups, monitors, views and other objects.”

Reporting fails to install even though the pre req checker passes if SRS is installed but Report Manager Virtual Directory is not installed. Difficult to install SRS without the RM VD unless you use an automated SQL script where that bit can be excluded as I found out.

“We should have a note in the deployment guide referring to the configuration of SQL Reporting Services before attempting to install reporting. The Pre-Req checker will verify the existance of SRS, but we are unable to verify every possible configuration prior to installation. This is a good point to include, however, and should be included in the final documentation.”

And I put a bug report in for the 2048 MB needed for console and was told it was by design! Microsoft must have shares in memory firms as Vista ups the memory requirement from XP anyway.

Looks like the product group are trying to close off as many non critical bugs as they can. That lets them focus on critical (show stoppers) bugs.

Micromuse Netcool connector

Netcool from Micromuse (recently bought by IBM) supplies a connector for MOM 2005. One customer uses Netcool as the manager of managers so we agreed to go along with that connector. Reading the PDF it looked pretty simple to install. But it did not work and worse there was nothing in the logs even though logging was set to verbose.

Well we plugged at it and got a Netcool specialist involved. One of the problems is that Netcool was written to be run on UNIX and the Windows version is just a port. From what I gather getting the connector to work with Netcool on UNIX is easier.

For a start the current version does not work on the Windows version. IBM have a new version but it is not GA (Generally Available) yet as they like to bundle updates on a regular basis rather as done like Microsoft do. You can get hold of it via IBM though if you need it until it is publicly released. This version uses the parameter IWA (Integrated Windows Authentication) which you need for it to work in a Windows environment.

We installed it on the MOM management server. You need the MCF and web console installed and Java 1.5. Although it utilises MCF it does not use it directly like a standard connector would. We found that we needed to set access rights for c:\windows\temp and as well as user needing to be a member of the MOM User group it needs to be added to the COM+ role EEASYSTEM.

The Netcool software was installed and the MOM.prop file was edited. Be careful with this as the file is sensitive to extra spaces and tabs need to be in the correct place. It creates a 241 level called Netcool and you can use the AKM file provided to test an event going to Netcool (event 600) or make live the alert rule although I would do some serious filtering and the some restrictions on that rule before sending all to Netcool.

Having done all that and more we are going to set up a new test environment and check it all again and document everything. But after I come back from my skiing holiday!

So the MOM 2005 SP1 Netcool connector works but you need more than just the documentation supplied.  Also if you want to set the logging to verbsose there are a few environment variables that need to be added to Windows.

John Hann AD Article on TechNet

MVP John Hann has a Technet article at http://www.microsoft.com/technet/technetmag/issues/2007/02/Monitoring/default.aspx (mentioned already by Pete and Stefan).

It is a good article (especially on the tuning of the AD MP) but here are a couple of comments. John mentions using the DNS, DHCP, FRS and Windows Base MPs to extend monitoring of your AD. He does not mention the Group Policy MP. Mind you it is not very extensive but it has shown me a major problem with AD GP with one customer. Another 2 MPs that help with AD are the DFS Service and the DFS Replication Service (Windows 2003 R2) MPs. Another is the Server Performance Advisor which is for IIS as well as AD. It is not so much a management pack as a diagnostic tool to help with AD problems. It can be run as a stand alone application similar to the Exchange BPA.

I talk to people about “Managing the Stack”. Usually it is around Exchange. The Exchange team think that all they have to do is use MOM to monitor Exchange but that relies on AD which relies on DNS and all rely on the OS and the hardware. So as part of monitoring AD I would include a hardware MP as well such as HP SIM or Dell OpenManage etc depending on hardware being used. And depending on the organisation I may also talk about extending the monitoring to the network with JalaSoft or eXcSoftware. Here is a slide I designed to show managing the stack.

The other point is on FRS. John does mention that FRS relies mainly on Ultrasound and needs its own database. FRS will work on MSDE or SQL 2000. If you are using SQL 2005 though you can not run Ultrasound on that. If you need to do that you need to install SQL 2000 first, then Ultrasound and finally upgrade to SQL 2005. Workaround is mentioned at the bottom of the download page.

Be aware that parts of the AD MP rely on OOMADS.MSI. This is installed automatically on the management servers and agents unless you do a silent build using batch files as I found out recently. In which case remember to include the install of that msi as part of the batch files for management servers (site diagram does not show up) and agents on DCs.

@echo off
@echo ———————————-
@echo Installing MOM 2005 agent……
REM Installs a MOM 2005 agent
msiexec.exe /i MOMAgent.msi CONFIG_GROUP=”yourmg” MANAGEMENT_SERVER=yourserver AM_CONTROL=”Full” /qn /l MOMAgtInstall.log
REM installs as local system
REM use these parameters for domain account
REM ACTIONS_USER=”youruser” ACTIONSPASSWORD=”yourpass” ACTIONSDOMAIN=”yourdom”
@echo ————————————
REM – use the existence of sysvol to test for DC
if not exist %systemroot%\sysvol goto END
REM install oomads.msi for MOM agents on DCs
:INSTALL
@echo Installing OOMADS
SupportTools\oomads.msi
:END
@echo Installation complete – check local MOMAgtInstall.log for errors

As always I would recommend people reading the AD MP Guide which has lots of good information. All the MP guides are located at http://www.microsoft.com/mom/techinfo/productdoc/default.mspx.