Recent Posts

Integrating VMware vCenter ESX Hosts and Clusters with Virtual Machine Manager VMM

No comments




Integrating VMware vCenter, ESX Hosts and Clusters with Virtual Machine Manager VMM



Virtual Machine Manager helps IT administrators to combine multiple products such as Hyper-V, VMware or Citrix in one administrative console. Having this type of integrations really helps your security, monitoring, and management. 



Step by Step


Go to your Virtual Machine Manager Console, Fabric workspace then Infrastructure.



On the Infrastructure folder expand and then right-click on the vCenter Server to add a resource. You could also click on Add resources and then VMware vCenter Server



Specify vCenter Server you would like to add



Import the certificate the monitor add job



Job progress



Completed



Under Fabric verify the vCenter Server is responding



Add VMware ESX Hosts and Clusters




Browse the Root or Admin account to your ESX server then Next.



Select VMware resources and Next.









Review your configuration and Finish to add your ESX Servers to VMM.




SCOM 2019 UR1 - Simplified Patching Finally Arrived!

No comments

SCOM 2019 UR1 - Simplified Patching Finally Arrived! 


Microsoft has released Update Roll Up 1 for SCOM 2019 and it comes with some great fixes and additions that will ease the upgrade process in your current environment. 


Simplified management server patching

UR1 introduces a frictionless way of patching the SCOM servers. This new funtionaity will enable you to update your MGMT servers, update configs for Operational and DW DBs and MPs  easly with just one step versus in the past that you pretty much needed to update each component separately. 

To see more details on What's New click here.


Improvements and fixes 

Web Console fixes and changes

  • The State widget now supports sorting by health and age. 
  • Alert widgets can now be searched on by Date Time and sorted based upon age and severity.
  • The alert link in an email notification returned the following error message when it's browsed: “Your session with the Web Console server expired." This occured even though the user was not logged in to web console. You will now see the login page post this fix.
  • The Alert summary view window in SCOM Web console can now be expanded as required.
  • When the Alert state was changed to some custom state, these alerts were not displayed in the web console. Alerts that have custom resolution states are now displayed.
  • Some additional scrollbars appear if a customer widget is created in the web console or if the browser window size is reduced.
  • Improvement: SCOM views load and save much faster than previously. 
For more fixes and improvements click here


Repost: Microsoft Docs and Support. 




One-Click Patching coming for SCOM 2019 Update Rollup 1 (UR1)

No comments

One-Click Patching coming for SCOM 2019 Update Rollup 1 (UR1) 


I'm so glad this is finally happening as it is quite a challenge to perform the upgrades on all servers + the DB scripts. There are also lots of great improvements for the Storage Spaces Direct monitoring,  Azure MP, gMSA support. 

Based on the MS Ignite presentation the first UR should be coming up on Q1. WIll be posting more updates once the official announcement is published. 


References: 

Configuring Auto-Shutdown on your Azure Virtual Machines

No comments
Configuring Auto-Shutdown on your Azure Virtual Machines
The auto-shutdown feature is definitely one of those extremely helpful ones as it provides a simple interface to configure those VM's you might not want to pay the extra cost when they are not being used. Having a function like this will certainly reduce cost and help better manage your cloud infrastructure. This feature also allows you to enable notifications 15 minutes before the auto-shutdown will occur so you can postpone or even skip the Virtual Machine. See the step by step below on how you can get started with the Auto-shutdown feature.  

Step by Step

  1. On the Azure Portal go to your VM blade and select the Virtual Machine.

  1. Navigate to Schedule, select Auto-Shutdown under the Operations Section and click On to enable.

  1. Schedule Shutdown on the preferred Time and Time Zone.
  2. Send notification if needed and specify the email address.

  1. Review and then Save.
  2. This is the email that you will receive when the scheduled Auto-shutdown is about to take place.


Thank you for reading, have a nice day!

References: Microsoft Docs and Azure Portal

How to connect Operations Manager 2019 (SCOM) to Azure Log Analytics (AKA OMS) in 4 simple steps

No comments

How to connect Operations Manager 2019 (SCOM) to Azure Log Analytics (AKA OMS) in 4 simple steps


Monitoring is a Key element in your IT infrastructure.  System Center a d Azure Cloud offers some phenomenal advantages when properly integrated. Connecting you on-premises SCOM environment to your Azure Log Analytics enhances monitoring while utilizing advanced analytics and machine learning which help identify issues and automatically respond to alerts. Hybrids environments certainly help that next level of productivity and even more when two exceptional platforms are integrated. SCOM +Azure Log Analytics helps to improve your operational workflows on your infrastructure.

Architecture Overview


Requirements:
1. Have your SCOM environment to be allowed to connect to 443 port over the internet.
2. An Active Azure subscription (This could be a trial one)
3. Admin Credentials to your Azure environment. 
More details at Microsoft Docs

Step by Step

1. Register or Connect to Azure Log Analytics

2. Sign in to your Microsoft Azure Account

3. Select Azure Log Analytics Workspace

4. Review and Create and after a couple of minutes, your workspace will be configured.


Heres my workspace


Thank you for viewing, please follow my LinkedIn and Twitter for more solutions and fixes.

References: Microsoft Docs







How to Deploy Active Directory Federation Services (ADFS) on Windows Server 2019

No comments

Deploying Active Directory Federation Services (ADFS) on Windows Server 2019


Active Directory Federation Services (AD FS) also popularly known as SAML/Federation Services/SSO. It provides Web single-sign-on (SSO) to authenticate a user to multiple Web applications while utilizing a single account which makes end users life much easier at the time to login to their HR cloud-based app etc. ADFS also facilitates Azure AD Connect deployment for Office 365 and Azure deployments and integration.
ADFS 2019 had so many great features to facilitate and improve our deployments for more details see What's new in Active Directory Federation Services for Windows Server 2019

ADFS Requirements

This will be the setup on my lab, this might vary depending on your environment and needs.
  1. One Application Server with Windows Server 2016
  2. One SSL Certificate CRS or AD Request Template
  3. Federation Services DNS name
  4. Service Account or Group Managed Service Account (gMSA)
  5. Domain Admin Permissions
More info at Microsoft Docs : AD FS Requirements

Installing Active Directory Federation Services (ADFS) Role on Windows Server 2019

To install utilizing PowerShell (Preferred/Easier method)

  • Open PowerShell as administrator and run the following command:
Install-windowsfeature adfs-federation –IncludeManagementTools

Installing via the Server Manager interface

  • Open Server Manager console, then navigate to Manage and select Add Roles and Features:

  • On the Before You Begin page, click Next.
  • On the Installation Type page, Select Role-Based and Next.
  • On the Server Selection page, Select ADFS Primary Farm Server and Next.
  • On the Server Roles page, Select Active Directory Federation Services Role and Next.

  • On the Features page, Next.
  • On the ADFS overview page, Next.
  • On the Confirmation page, click Install.
  • On the Results page Review and Close.

Configuring the ADFS Primary Farm Server Role

  • Open the Server Manager, navigate to the Flag Icon click and Select Post-Deployment Configuration for ADFS.

  • On the Welcome page of the Configuration, wizard select Create the first federation server in a federation server farm and click Next.

  • On the Connect to AD DS page, specify a Domain Admin account and Next.

  • On the Specify Service properties page, Import/Select Certificate, Select Federation Service Name and Specify Federation Service Display Name then Next.

Note: In my case, I will import a CSR cert which will prompt for the password. For more details see Microsoft, How to enroll an SSL Certificate for ADFS

  • On the Specify Service Account page, you can either Create a Group Managed Service Account (gMSA) or Specify an existing Service or gMSA Account.
Important: KDS Root Key needs to be set at this step or previous in order to enable AD to operate with gMSA's. One key benefit of gMSA's is auto-negotiated password update feature.

  • In order to enable set the KDS Root Key, proceed to login to one of your Domain Controllers and run the below PowerShell Command: Add-KdsRootKey –EffectiveTime (Get-Date).AddHours(-10)

  • After the command is successfully run go back to your ADFS Server and go to the previous page and then Next.
  • Select Create a Group Managed Service Account, enter the preferred name then Next.

  • On the Specify Database page, select Create a Database on this server Using WID and Next.

Note: you could also specify a SQL Server, make sure you have a sysadmin or a least dbcreator permissions. For more details see Microsoft https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/configure-a-federation-server.

If using a gMSA then you will need to pre-create gMSA Account via PowerShell unitizing the following script:
#User at your own risk :)
#Define gMSA account name.
$gMSA_Account = 'ADFS_gMSA_Farm'
#gMSA DNS Name.
$gMSA_FQDN = 'adfs.systemitpro.com'
#gMSA Servers Group Name (Optional, you could pre-stage servers that will need to retrieve the passwords such as SQL)
$gMSA_ServersGroupName = 'gMSA_ADFS_Farm_Group'
#Create new gMSA Account
New-ADServiceAccount -Name $gMSA_Account -DNSHostName $gMSA_FQDN -PrincipalsAllowedToRetrieveManagedPassword $gMSA_ADFSServersGroup
  • On the Review Options page, Review and Next.
  • On the Pre-requisite Checks page, review and click Configure.

  • On the Results page, review any warnings and close.

Verify ADFS Services

  • Open the Event Viewer and navigate to the ADFS View and search for the Event ID 100.

References

ADFS Deployment https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/ad-fs-deployment



I hope you've found this article helpful, have a nice day and thank you for reading. :)

How to configure SCOM HTML Notification Alerts from Orchestrator 2012/16 Step by Step

No comments
How to configure SCOM HTML Notification Alerts from Orchestrator 2012/16 Step by Step
clip_image001
This post is another great option that could be quite effective when you are notifying your engineers/application owners. This type of email formatting will allow them to easily read and take appropriate actions to correct the reported issues instead of trying to translate a very complicated and non organized text.

Before you start

  • Make sure you have the SCOM Orchestrator integration pack installed and configured.
  • Make sure your credentials and Orchestrator have access to your SCOM environment.
clip_image002
clip_image003

Creating the Runbook

On Orchestrator Runbook Designer Console, create a new Runbook and add the following activities;
  • Monitoring Alerts
  • Email Activity
clip_image004
On the SCOM Alert Monitoring Activity, add Title, SCOM connection, the trigger for New alerts and your needed filters.
Note: If you are looking for a closed alert email then you will need to select the Updated alerts trigger and status closed.
clip_image005
On the Send Email Activity, set the Title and Message Format to HTML.
clip_image006
On the Details Page Subject section, set your Subject details and subscribe to your monitoring data so you can dynamically display the alert name/instance.
clip_image007
On the Details Page Recipients section, set the email accounts that will be receiving this notification.
clip_image008
On the Details Page Message section, copy and paste the HTML formatted code you’re your published data IDs.
clip_image009
While working with your message you can also expand to have a better view of the HTML code.
clip_image010
Review your code and test with Notepad++ or Visual Studio then proceed to configure your SMTP/email channel.
clip_image011
On the published data you can add the needed fields to the message section select them all, copy and paste them into a notepad to get the actual ID which its way easier to add into your HTML code.
clip_image012
clip_image013
On the Connect page, set your Email address and SMTP connection.
clip_image014
Close all the activities and Check in the Runbook.
clip_image015

Click here to Download the actual HTML code and image. 


Here’s the email design that you will be sending out, feel free to customize and comment with your updates Smile
clip_image016
Hope this post was helpful and makes your IT life a bit easier Smile