How to Audit and Alert Server Restarts with SCOM 2019 (2012/16)
2016
,
Audit
,
Restart
,
SCOM
,
SCOM 2016
,
SCOM 2019
,
System Center 2012 R2
,
System Center 2016
,
System Center 2019
,
Virtual Machines
,
Windows Server
,
Windows Server 2016
,
WIndows Server 2019
,
Winows 10
No comments
How to Audit and Alert Server Restarts with SCOM 2019 (2012/16)
Often IT admins
suffer from small to big outages due to unscheduled patches, failures, power, or someone mistakenly restarting a server in the middle of the workday without notifying anyone. I've created
this "How to Guide" to help you set up this in your SCOM environment.
- On your SCOM Console,
navigate to authoring and create a new Rule
- Fill in the Rule Name and
Description, select Rule Category (Alert), rule Target (Windows Computer)
and make sure Rule is enabled is checked.
- Event Log Type System
- Build Event Expression insert
Event ID and Source
- Insert values where Event ID
= 1074 and Event Source = User32.
- Set Alert Priority and Severity to fit your needs then Finish and Close
- Overview of your recently
configured rule on the Squared Up HTML5 Console
That's it, you will
now start tracking those restarts.
Thanks for reading, please share and
subscribe.
How to Audit and Alert Server Restarts with SCOM 2019 (2012/16)
Often IT admins
suffer from small to big outages due to unscheduled patches, failures, power, or someone mistakenly restarting a server in the middle of the workday without notifying anyone. I've created
this "How to Guide" to help you set up this in your SCOM environment.
- On your SCOM Console, navigate to authoring and create a new Rule
- Fill in the Rule Name and Description, select Rule Category (Alert), rule Target (Windows Computer) and make sure Rule is enabled is checked.
- Event Log Type System
- Build Event Expression insert Event ID and Source
- Insert values where Event ID = 1074 and Event Source = User32.
- Set Alert Priority and Severity to fit your needs then Finish and Close
- Overview of your recently configured rule on the Squared Up HTML5 Console
That's it, you will
now start tracking those restarts.
Thanks for reading, please share and
subscribe.
Integrating VMware vCenter ESX Hosts and Clusters with Virtual Machine Manager VMM
Cloud and Datacenter Management
,
SCVMM
,
System Center 2016
,
System Center 2019
,
VMWARE
No comments
Integrating VMware vCenter, ESX Hosts and Clusters
with Virtual Machine Manager VMM
Virtual Machine Manager helps IT administrators to combine multiple products such as Hyper-V, VMware or Citrix in one administrative console. Having this type of integrations really helps your security, monitoring, and management.
Step by Step
Go to your Virtual Machine Manager Console, Fabric
workspace then Infrastructure.
On the Infrastructure folder expand and then right-click on the vCenter Server to add a resource. You could also click on Add
resources and then VMware vCenter Server
Specify vCenter Server you would like to
add
Import the certificate the monitor add
job
Job progress
Completed
Under Fabric verify the vCenter Server is responding
Add VMware ESX Hosts and Clusters
Select VMware resources and Next.
Review your configuration and Finish to add your ESX
Servers to VMM.
SCOM 2019 UR1 - Simplified Patching Finally Arrived!
SCOM 2019 UR1 - Simplified Patching Finally Arrived!
Simplified management server patching
UR1 introduces a frictionless way of patching the SCOM servers. This new funtionaity will enable you to update your MGMT servers, update configs for Operational and DW DBs and MPs easly with just one step versus in the past that you pretty much needed to update each component separately.
To see more details on What's New click here.
Improvements and fixes
Web Console fixes and changes
- The State widget now supports sorting by health and age.
- Alert widgets can now be searched on by Date Time and sorted based upon age and severity.
- The alert link in an email notification returned the following error message when it's browsed: “Your session with the Web Console server expired." This occured even though the user was not logged in to web console. You will now see the login page post this fix.
- The Alert summary view window in SCOM Web console can now be expanded as required.
- When the Alert state was changed to some custom state, these alerts were not displayed in the web console. Alerts that have custom resolution states are now displayed.
- Some additional scrollbars appear if a customer widget is created in the web console or if the browser window size is reduced.
- Improvement: SCOM views load and save much faster than previously.
For more fixes and improvements click here.
Repost: Microsoft Docs and Support.
One-Click Patching coming for SCOM 2019 Update Rollup 1 (UR1)
2016
,
Cloud and Datacenter Management
,
SCOM
,
SCOM 2019
,
System Center 2019
,
Update Rollup
,
Windows Server
,
Windows Server 2016
,
WIndows Server 2019
No comments
One-Click Patching coming for SCOM 2019 Update Rollup 1 (UR1)
I'm so glad this is finally happening as it is quite a challenge to perform the upgrades on all servers + the DB scripts. There are also lots of great improvements for the Storage Spaces Direct monitoring, Azure MP, gMSA support.
Based on the MS Ignite presentation the first UR should be coming up on Q1. WIll be posting more updates once the official announcement is published.
References:
Configuring Auto-Shutdown on your Azure Virtual Machines
Configuring
Auto-Shutdown on your Azure Virtual Machines
The auto-shutdown
feature is definitely one of those extremely helpful ones as it provides a
simple interface to configure those VM's you might not want to pay the extra cost
when they are not being used. Having a function like this will certainly reduce
cost and help better manage your cloud infrastructure. This feature also allows
you to enable notifications 15 minutes before the auto-shutdown will occur so
you can postpone or even skip the Virtual Machine. See the step by step below
on how you can get started with the Auto-shutdown feature.
Step
by Step
- On the Azure Portal go to your VM blade and select the Virtual Machine.
- Navigate to Schedule, select Auto-Shutdown under the Operations Section and click On to enable.
- Schedule Shutdown on the preferred Time and Time Zone.
- Send notification if needed and specify the email address.
- Review and then Save.
- This is the email that you will receive when the scheduled Auto-shutdown is about to take place.
Thank you for
reading, have a nice day!
References:
Microsoft Docs and Azure Portal
How to connect Operations Manager 2019 (SCOM) to Azure Log Analytics (AKA OMS) in 4 simple steps
Azure
,
Azure Log Analytics
,
Cloud
,
Cloud and Datacenter Management
,
OMS
,
SCOM
,
SCOM 2019
,
System Center 2019
No comments
How to connect Operations Manager 2019 (SCOM) to Azure Log Analytics (AKA OMS) in 4 simple steps
Architecture Overview
Requirements:
1. Have your SCOM environment to be allowed to connect to 443 port over the internet.
2. An Active Azure subscription (This could be a trial one)
3. Admin Credentials to your Azure environment.
More details at Microsoft Docs
Step by Step
1. Register or Connect to Azure Log Analytics2. Sign in to your Microsoft Azure Account
3. Select Azure Log Analytics Workspace
4. Review and Create and after a couple of minutes, your workspace will be configured.
Heres my workspace
Thank you for viewing, please follow my LinkedIn and Twitter for more solutions and fixes.
References: Microsoft Docs
Thank you for viewing, please follow my LinkedIn and Twitter for more solutions and fixes.
References: Microsoft Docs
How to Deploy Active Directory Federation Services (ADFS) on Windows Server 2019
Deploying Active Directory Federation Services (ADFS) on Windows Server 2019
ADFS 2019 had so many great features to facilitate and improve our deployments for more details see What's new in Active Directory Federation Services for Windows Server 2019
ADFS Requirements
This will be the setup on my lab, this might vary depending on your environment and needs.- One Application Server with Windows Server 2016
- One SSL Certificate CRS or AD Request Template
- Federation Services DNS name
- Service Account or Group Managed Service Account (gMSA)
- Domain Admin Permissions
Installing Active Directory Federation Services (ADFS) Role on Windows Server 2019
To install utilizing PowerShell (Preferred/Easier method)
- Open PowerShell as administrator and run the following command:
Install-windowsfeature adfs-federation –IncludeManagementTools
Installing via the Server Manager interface
- Open Server Manager console, then navigate to Manage and select Add Roles and Features:
- On the Before You Begin page, click Next.
- On the Installation Type page, Select Role-Based and Next.
- On the Server Selection page, Select ADFS Primary Farm Server and Next.
- On the Server Roles page, Select Active Directory Federation Services Role and Next.
- On the Features page, Next.
- On the ADFS overview page, Next.
- On the Confirmation page, click Install.
- On the Results page Review and Close.
Configuring the ADFS Primary Farm Server Role
- Open the Server Manager, navigate to the Flag Icon click and Select Post-Deployment Configuration for ADFS.
- On the Welcome page of the Configuration, wizard select Create the first federation server in a federation server farm and click Next.
- On the Connect to AD DS page, specify a Domain Admin account and Next.
- On the Specify Service properties page, Import/Select Certificate, Select Federation Service Name and Specify Federation Service Display Name then Next.
Note: In my case, I will import a CSR cert which will prompt for the password. For more details see Microsoft, How to enroll an SSL Certificate for ADFS
- On the Specify Service Account page, you can either Create a Group Managed Service Account (gMSA) or Specify an existing Service or gMSA Account.
- In order to enable set the KDS Root Key, proceed to login to one of your Domain Controllers and run the below PowerShell Command: Add-KdsRootKey –EffectiveTime (Get-Date).AddHours(-10)
- After the command is successfully run go back to your ADFS Server and go to the previous page and then Next.
- Select Create a Group Managed Service Account, enter the preferred name then Next.
- On the Specify Database page, select Create a Database on this server Using WID and Next.
Note: you could also specify a SQL Server, make sure you have a sysadmin or a least dbcreator permissions. For more details see Microsoft https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/configure-a-federation-server.
If using a gMSA then you will need to pre-create gMSA Account via PowerShell unitizing the following script:
#User at your own risk :)
#Define gMSA account name.
$gMSA_Account = 'ADFS_gMSA_Farm'
#gMSA DNS Name.
#gMSA Servers Group Name (Optional, you could pre-stage servers that will need to retrieve the passwords such as SQL)
$gMSA_ServersGroupName = 'gMSA_ADFS_Farm_Group'
#Create new gMSA Account
New-ADServiceAccount -Name $gMSA_Account -DNSHostName $gMSA_FQDN -PrincipalsAllowedToRetrieveManagedPassword $gMSA_ADFSServersGroup
- On the Review Options page, Review and Next.
- On the Pre-requisite Checks page, review and click Configure.
- On the Results page, review any warnings and close.
Verify ADFS Services
- Open the Event Viewer and navigate to the ADFS View and search for the Event ID 100.
- Verifying SSO
- Run the following PowerShell Command
- Set-AdfsProperties -EnableIdPInitiatedSignonPage $true
- Browse to the ADFS sign-in page and test authentication. https://federationservicename/adfs/ls/idpinitiatedsignon.htm
References
ADFS Deployment https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/ad-fs-deploymentI hope you've found this article helpful, have a nice day and thank you for reading. :)
Subscribe to:
Posts
(
Atom
)