Lessons learned SCOM SP1 Upgrade – Part 3

I am a strong believer in not using AD integration any more. I think the management of the agents long term and in a DR situation is easier with a little planing.

Durring an upgrade to SCOM SP1 I ran into an few unexpected results.

When the management server upgrade fails you will be left without a management server on the host that failed to upgrade.

AD integration was setup and 90% of the agents’ primary management server was the Management Server that had just failed and the install removed from the server.  The failed Management Server still showed up in the console as management server but it is grayed out, you need to delete the server from the console if you want to reinstall the management server role on the same server. Here is the catch, you can’t delete the server while there is still agents assigned to the server as the primary management server. Since AD integrated agents are not remotely manageable this created a lot of extra work that when you have other problems you are trying to address only complicate things and increase the time to resolution. you can find the steps to convert the agents from AD integrated here.

I have taken the SQL script to make all agents remotely manageable and put it in a Orchestrator runbook and set it to run every 7 days, this will ensure that any manually installed agents in the future will be manageable from the console. My next version of this runbooks will also balance the agents between management servers every time it runs.

runbook overview

 

SCOM Agent Mgmt runbook

Step 1

Scom Agent mgmt Step 1

 

Step 2 set all agents to be remotely manageable

Scom Agent mgmt Step 2

 

Step 3

Powershell script to approve agent in pending in ManualApproval status

Import-Module OperationsManager
New-SCOMManagementGroupConnection -ComputerName scomn01
$Passwd = ConvertTo-SecureString “password” -AsPlainText -Force
$Account = New-Object System.Management.Automation.PSCredential (“SCOMAction”, $Passwd)
$Agents = Get-SCOMPendingManagement | where {$_.AgentPendingActionType -eq “ManualApproval”} | Approve-SCOMPendingManagement -ActionAccount $Account

 

If you are doing something similar and have installed the SCOM agent in MDT and set it to AD integrated in the OS wim. The SCOM agent will have to come out of the base OS image and become a step of the SCCM OSD task sequence.

Advertisements
This entry was posted in Powershell, SC 2012 SP1, SCO, SCOM and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s