Your SlideShare is downloading. ×
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Title of Presentation
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Title of Presentation

768

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
768
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Agenda day 2 Day 1 wrap up and more It’s all about the XBOX Management Packs for Dummies Management Packs, a closer look
  • 2. So far Overview of SCOM function Installation But… what about availability
  • 3. Side by Side Migration Same Hardware Approach Management Group 1 - 2005 2005 2007 2005 2007 2005 2007 Management Group 2 –2007 Microsoft Confidential
  • 4. Side by Side Migration New Hardware Approach Management Group 1 - 2005 Management Group 2 - 2007 2005 2007 2005 2007 2005 2007 Microsoft Confidential
  • 5. High Availability Consideration 5
  • 6. High Availability Consideration 6
  • 7. Deployment Security Considerations Account Name Asked During Used For Low Maintenance High Security Management Collect Data from Management Low Privilege Domain Server Action provider and run Local System Server Setup Account Account responses Management Write to the Ops SDK and Config Server Setup Database and run Local System Domain Account Service Account services Domain or Local Domain Account or Administrator DiscoveryPush Installing Agents Administrator Local Administrator Account Agent Install Account Account Gather information DiscoveryPush Agent Action and run responses Low Privilege Domain Agent Install Local System Account on the managed Account computers Data Warehouse Reporting Server Write to the Data Low Privilege Low Privilege Domain Write Account Setup Warehouse Domain Account Account Low Privilege Low Privilege Domain Data Reader Reporting Server Query SQL Domain Account Account Account Setup Reporting Services 7
  • 8. Deployment Firewall/Security Considerations Point A Direction Point B Port Protocol Configurable DB Root MS OLEDB 1433 TCP Yes (Setup) DB MS OLEDB 1433 TCP Yes (Setup) Root MS MS 5723 TCP No Root MS Gateway Server 5723 TCP Yes (Setup) Root MS Data Warehouse OLEDB 1433 TCP No Root MS Reporting Server 5724 TCP No Root MS Operations Console 5723 TCP No Connector Framework No Root MS 51905 TCP Source Root MS Web Console Server 5724 TCP No Root MS (Top-Tier) Root MS (Mid-Tier) 5724 TCP No Root MS, MS, Gateway Server Agent 5723 TCP Yes (Setup) MS Gateway Server 5723 TCP Yes (Setup) MS ACS Collector Agent (ACS Forwarder) 59109 TCP Yes (Reg Key) MS AEM File Share AEM Data from client 51906, 445 TCP Yes (AEM Wizard) MS SQM End Point SQM Data from client 51907 TCP Yes (AEM Wizard) Gateway Server Gateway Server 5723 TCP Yes (Setup) Operations Console (Reports) SQL Reporting Services 80 TCP No Data Warehouse Reporting Server OLEDB 1433 TCP No ACS Database MS ACS Collector OLEDB 1433 TCP No Yes (Web Config Web Console Server Web Console Browser 51908, 443 TCP File)
  • 9. Management Packs for Dummies What is a Management Pack What is out there Now what?
  • 10. What is a Management pack? Very flexible and powerful way to extend OpsMgr Typical types of data that can be consumed Event logs, performance counters, log files SNMP data and traps, Syslog Something that can be accessed through a script WS-man – WindowsRM (OpsMgr sp1) XML document with knowledge about an application The structure of the application How to discover the application How to monitor the application What to do when the application breaks
  • 11. Sealed Management Packs Read-only Digitally signed by vendor Benefits Simplifies upgrading to a new version Easy to roll back to original version Simplifies troubleshooting for the vendor
  • 12. Sealed Management Packs Why Sealed MPs? ID Version Signed by Certificate Composability Must use the full identity Version indicates lowest version usable Only sealed MPs can be referenced
  • 13. Microsoft Management Packs 38 Management Packs Currently Published 18 more before December ~20 Windows Server 2008 MPs 5 more Native MPs being developed Biztalk R2 Cluster 2003 DNS 2003 DHCP ISA 2006
  • 14. Windows Server 2008 MPs All Windows Server 2008 Roles Base OS Certificate Services Group Policy IIS Cluster Services Print AD NLB Routing & Remote WINS Streaming Media Access DNS Terminal Services DHCP Hyper Visor Group Policy Windows Deployment Common library will be updated for down-level MPs AD WINS DNS DHCP There will be beta releases
  • 15. Released MPs for Operations Mgr 2007 Windows Group Policy 2003 Exchange Server 2003/2007 Windows Print Server 2003 Windows Server 2000/2003 AD Biztalk Server 2006 Information Worker Forefront for Exchange MS Server 2000/03 OS Forefront for Sharepoint MS Client 2000 XP OS Windows Network Load Balancing Windows Server IIS 2000/2003 Identity Integration Server 2003 SharePoint Portal Server 2003 Office Project Server 2007 Windows SharePoint Services 2003 Windows DNS Server 2003/2000 Windows Server 2000/2003 Terminal Services Windows Distributed File Systems 2003 SQL Server 2000/2005 Windows Routing and Remote Access Windows Vista Client Service 2003 Windows Update Services 3.0 Windows Distributed Transaction Dynamics CRM 3.0 Coordinator 2000/2003 SMS 2003 Computer Cluster Server 2003 Office SharePoint Server 2007 Windows AD Federation Services 2003 Windows SharePoint Services 3.0 Windows Internet Naming Service Windows DHCP Server 2003/2000 2000/2003 Windows File Replication Service 2003/2000 ISA Server 2004/2006 Office Live Communications Server 2005 15
  • 16. MP Roadmap for Operations Mgr 2007 Released Q4 CY’07 H1 CY‘08  Exchange Server 2003  Configuration Manager 2007  Windows Server 2008  Windows Server 2000/2003 AD  System Center Virtual Machine Manager  Windows Server 2008 AD  Information Worker  MS Server 2000/03 OS 2007 and Virtual Server 2005  Additional MPs (work in progress)  MS Client 2000 XP OS  Windows Server Clusters 2000/03  Windows Server IIS 2000/03  Exchange 2007  SharePoint Portal Server 2003  Windows Rights Management Services  Windows SharePoint Services 2003 2003  Windows Server 2000/03 Terminal Services  SQL Server 2000/05  Office SharePoint Server 2007  Windows Vista Client  Windows SharePoint Services 3.0/LH  Windows Update Services 3.0  Office Project Server 2007  Dynamics CRM 3.0  System Center Data Protection Manager  SMS 2003 2006  Office SharePoint Server 2007  Commerce Server 2007  Windows SharePoint Services 3.0  Host Integration Server 2006  Windows DHCP Server 2003/2000  Windows File Replication Service 2003/2000  Windows Password Change Notification  Windows Group Policy 2003 Service 2003  Windows Print Server 2003  Antigen 9.0 MOM Pack  Biztalk Server 2006  Windows Server Automated Deployment  Forefront for Exchange  Forefront for Sharepoint Services 2003  Windows Network Load Balancing  Windows Server Performance Advisor 2003  Identity Integration Server 2003  Windows System Resource Manager 2003  Office Project Server 2007  Communicator Web Access 2005  Windows DNS Server 2003/2000  Windows Distributed File Systems 2003  Windows Key Management Services 2003  Windows Routing and Remote Access Service  Office Communications Server 2007 2003  Windows Distributed Transaction Coordinator 2000/2003  Computer Cluster Server 2003  Windows AD Federation Services 2003  Windows Internet Naming Service 2000/2003  ISA Server 2004/2006  Office Live Communications Server 2005 This information represents Microsoft Corporation's current view of its product development cycle. It was accurate at the time of publication. None of the information in this timetable should be interpreted as a commitment on the part of Microsoft Corporation.
  • 17. Localization Batch 0 Batch 1 Batch 2 Batch 3 Now April 08 July 08 Oct 08 • Streaming Media Services 2008 • Network Policy Services 2008 • DHCP Server Service 2000/2003 •Exchange Server 2003 • Server Clusters 2000/2003 • Terminal Services 2008 • Print Server 2003 • SQL Server 2000/2005 • UDDI/Web Service Directory 2008 • Server Core OS 2008 • Internet Information Services • DNS Server Service 200/2003 • Print Services 2008 • Web Services (IIS) 2008 2000/2003 •Update Services Agent 2008 • AD Lightweight Directory Services • Office Live Communications Server • Server 2000/2003 Operating 2005 SP1 • Cluster Services 2008 2008 System • DHCP Services 2008 • AD Certificate Services 2008 •System Center Data Protection • XP Operating System • DNS Services 2008 • Virtual Server Services 2008 Manager 2006 • Information Worker • Group Policy Services 2008 • Network Load Balancing 2008 • SharePoint Service 2.0 • Commerce Server 2007 • Deployment Services 2008 • SharePoint Portal Server 2003 • Communicator Web Access 2005 • Application Services 2008 • Terminal Services 2000/2003 • Vista Client Monitoring • Operations Manager 2007 • Virtual Server 2005/Virtual Machine Manager 2007 •Configuration Manager 2007 • System Update Services 3.0 • File Replication Service 2000/2003 • SharePoint Service 3.0 • Systems Management Server 2003 •Forefront Security for Exchange 10.0 •Forefront Security for SharePoint 10.0 • Office Project Server 2007 • DFS Service 2003 • Compute Cluster Server 2003
  • 18. Tools for Dealing with Sealed MP’s MPViewer Command Shell Override Explorer Partner Tools (like MPStudio 2007 – Silect Software) Product Team Blogs: http://blogs.msdn.com/boris_yanushpolsky/ http://blogs.msdn.com/jakuboleksy/ http://blogs.technet.com/momteam/
  • 19. Management Packs, a closer look How to use Management Packs Discoveries Health monitoring State monitoring Monitors
  • 20. Management Pack contents Attributes – to Discover if a role excists Discoveries – to lookup objects in a role Groups Monitors – to monitor objects and provide data in a service based model, and raise alerts if needed Rules – monitor objects in a stand-alone model, and raise alerts if needed Views – look at that data almost realtime Tasks – diagnostic or to resolve Knowledge – knowhow of the data Reports – analyses and overview
  • 21. Common dataflows and interaction Installing an Agent Importing a management pack Changing a rule A rule firing or a monitor changing state Executing a task Microsoft Confidential
  • 22. Management Pack Management Override Best Practices Store override in separate MPs Do not use the “Disable” command in the override menu Make sure that the parameter is overridden in all the rules and monitors. Configure overrides for groups instead of specific instances
  • 23. Object Discoveries Objects and relationships are discovered: Registry WMI Script OLEDB LDAP Custom code (Managed) 23
  • 24. Discovered Objects 24
  • 25. Discovered Relationships stwilson15d.smx.net stwilson15dInstance1 master model OperationsManager tempdb test1 test2 25
  • 26. Health Modeling Every class has a health model Collection of monitors Arranged in a tree structure As deep or as shallow as required Represents the current state of the object Use the health explorer to view 26
  • 27. State Monitoring Operations Manager 2005 Watch for a condition Raise an alert Create a state change from the alert Operations Manager 2007 Watch for a condition Change state Roll up state as required Optionally generate an alert / notification 27
  • 28. Monitors A monitor is a state machine A monitor is in one state at any time Monitors some aspect of an application Has a finite number of operational states (maximum of 3 in this release) Each operational state maps to a health state Defines alerting conditions (optional) SCOM 2007 uses Service Based Monitoring instead of Server Based Monitoring like MOM 2005 !!!!! 28
  • 29. Aggregate Rollup Monitors Use to show service dependencies Exchange Server depends on DNS, Active Directory etc. if dns fails, an aggregate rollup monitor show exchange in a warning or critical state, even if these services do not reside on just one server. The computer holding the Exchange Server Role is not affected.
  • 30. Dependency Rollup Monitor Used to make the Windows Server running Exchange Role show as in same state as Aggregate Rollup if needed.
  • 31. Unit Monitor Monitor discrete events or services Reactive, but very helpfull Test using EventCreate.exe Eventcreate /L <LogName> ie Application, Security, … /T <Type> ie Warning, Error, Warning, Information /SO <Source> /ID <EventID> 1-1000 /D <Description>
  • 32. Unit Monitors Simple Windows Event Unit Monitor Look for one Event to occur Correlated Windows Event Unit Monitor Look for related Events to occur in certain order Windows Services Unit Monitor Checks if service is running, if not… RedHot SNMP Probe-Based Unit Monitor Sends SNMP traps to determine a state
  • 33. Monitors (State monitoring) Overall Health Aggregate Monitors Object Availability Performance Security Configuration Health Health Health Health Unit Monitors SQL 2005 Service Process DB Engine Check Utilization 33
  • 34. Health Model Entity Logical Entity Local Application Windows Computer Role SQL Server 34
  • 35. Health Model – Roll up SQL Server 35
  • 36. Monitor Types – Data Sources Event Script Performance OLEDB WMI LDAP Log file Syslog SNMP Trap Crimson WS-Man And more… 36
  • 37. Monitor Types - Workflows Event based: Performance based: Simple events Average Correlation Delta Consolidation Missing Consecutive samples And more… Self tuning And more… Pick the type to suit your needs Compose a new workflow if required 37
  • 38. Dependency Monitors SQL 2005 DB Engine Dependency Hosting Monitor SQL 2005 DB 38
  • 39. Dependency Monitors SQL 2005 DB Engine Hosting SQL 2005 DB 39
  • 40. Threshold Monitors (perfmon) Static Threshold Monitor Triggers Alert at certain level Self-Tuning Threshold Monitor Allows for tuning values
  • 41. Self-Tuning Thresholds OpsMgr agent learns the behavior of a counter Recorded behavior is used to generate alerts at the right time Learning can be continuous
  • 42. Optimized Performance Collection Significantly reduces the amount of data stored in the database Can be configured on a per-counter basis Tolerance can be configured using an absolute or percentage value
  • 43. Absolute or Percentage Absolute works well for counters with values in a limited range Example: Processor Utilization can range between 0 and 100 Percentage works well for counters with values in an unknown range Example: TCP Connections
  • 44. Create one of your own Approach to building a MP Targeting
  • 45. Approach to building a MP Gather the requirements Find the knowledge In the heads of customers, support staff, operators Application Developers and IT Professionals Build it Deploy it in a real work environment and refine Discipline to the process Common questions? How long will it take? Can we get it listed in the Microsoft catalog?
  • 46. Building a Management Pack Operations Console Authoring Console XML Editor
  • 47. Management Pack Building Blocks Types Rules Monitors Tasks Views Overrides Reports Other
  • 48. Targeting Microsoft Operations Manager (MOM) 2005 Create a computer group Create a rule group Add rules to rule group Associate rule group with computer group Operations Manager (OpsMgr) 2007 Create a type Create the discovery for that type Create a rule or monitor targeted to that type
  • 49. Targeting All Managed Computers Example: You want to monitor failed logon attempts on Windows Computers GOOD Use Windows Operating System to target all Windows managed nodes (desktop and servers) Use Windows Server Operating System to target all Windows server managed nodes (all versions) Use Windows Server 2003 Operating System to target all Windows Server 2003 managed nodes BAD Don’t use Agent: The monitor will not work for agent-less managed computers. The monitor will affect the health state of the Agent which is not what you want. Don’t use Computer: Management packs for non windows management are likely to use computer as the base type for types such as Unix computer. The monitor that you just created will not work against non windows computers. The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr. Don’t use Windows Computer: The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr. Microsoft Confidential
  • 50. Operating System Model Operating System Inheritance Windows Operating Other Operating System System Windows Server Windows Client Operating System Operating System Windows Server Windows Server Windows XP Windows Vista 2000 Operating 2003 Operating Operating Operating System System System System Microsoft Confidential
  • 51. Targeting A Server Role Example: You want to monitor file cache hits on Web Servers GOOD Use IIS Server Role 2003 to target all IIS 2003 Web Servers. Use IIS Server Role to target all IIS Web Servers. Currently this would apply to Windows 2000 and 2003 IIS servers. With the release of Windows Server 2008 MP, this would also apply to Windows Server 2003 IIS Web Servers. BAD Don’t use Windows Server 2003 Operating System The monitor will apply to all Windows 2003 Operating Systems regardless of whether IIS is installed or not. Don’t use Windows Server The monitor will apply to all Windows Servers regardless of whether IIS is installed or not. Don’t use Windows Computer The monitor will apply to all Windows computers (both desktops and servers) regardless of whether IIS is installed or not . Don’t use Computer If management packs for other operating systems are installed, the monitor will apply to non windows computers as well. However the monitor will not function correctly. Microsoft Confidential
  • 52. Computer Role Model Computer Role Inheritance Windows Computer Role Other OS Computer Role IIS Server Role SQL Role IIS 2000 Server IIS 2003 Server SQL Reporting SQL DB Engine Role Role Services Microsoft Confidential
  • 53. Targeting Some Managed Computers Example: You want to monitor failed logon attempts on Windows Computers in Redmond GOOD Use Windows Operating System to target all Windows managed nodes (desktop and servers) Use Windows Server Operating System to target all Windows server managed nodes (all versions) Use Windows Server 2003 Operating System to target all Windows Server 2003 managed nodes Once you have picked the right type for the situation, create a disabled monitor. Add all Redmond computers to a group. Create an override to enable the monitor for the group. BAD Don’t use Agent: The monitor will not work for agent-less managed computers. The monitor will affect the health state of the Agent which is not what you want. Don’t use Computer: Management packs for non windows management are likely to use computer as the base type for types such as Unix computer. The monitor that you just created will not work against non windows computers. The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr. Don’t use Windows Computer: The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr. Failed logons is actually an attribute of the operating system rather than the computer. Microsoft Confidential
  • 54. Ways to get data into OpsMgr Management pack consuming or creating the data (this is the better integrated method) OpsMgr existing data source modules Write to event log, build a perf counter Scripts executed within a MP Call a script on a timed interval and insert data back in for evaluation Creating a inserting “connector” through SDK apis Manage discovery Insert events, performance data associated to instances Use monitors to create alerts and change state
  • 55. Reports Report Types New generic reports Linked (specialized) reports Supporting database objects (views, functions, stored procedures) New storage structures (tables) and collection for new data types
  • 56. What is a quality MP? • Leverages the full capabilities of Operations Manager 2007 • Uses the OpsMgr agent on Windows platforms • Defines and discovers the model including relationships • Provides tasks to configure target applications/components to be managed • Provides component specific Health Models, troubleshooting knowledge, tasks and specific reports • Provides synthetic transactions for user facing components • Provides component problem specific resolution tasks • Is globalized and localized in the same languages as Operations Manager • Provides configuration and deployment guidance documentation

×